Application Security Research Engineer Qualys
We are looking for an application security research engineer to join our real-time application security monitoring and protection team. We are building a brand new open source WAF named IronBee (http://www.ironbee.com/) along with a commercial offering to complement IronBee. The commercial product consists of a distributed network of sensors (which may be running embedded in web servers, as reverse proxies, or as sniffers) and a central SaaS management platform.
This is a rare opportunity to work in a fulfilling role as part of a small team that is breaking new ground in the application security space. Qualys is an exciting pre-IPO company with excellent customer ratings and outstanding growth rates. Please note that this is a full-time position in Madison (WI) in the United States.
Responsibilities
- Gather, research, and categorize existing application security knowledge and tools
- Keep up-to-date with the application security landscape
- Research known security issues in web applications, frameworks, and other relevant web stack components (such as web and database servers)
- Research and discover new application security issues, attack and defense techniques
- Publish whitepapers and present at security conferences
- Design security detection modules for IronBee
- Write IronBee rules and signatures
Qualifications
- BSc in Computer Science, or a similar degree
- Ability to work independently and efficiently, getting things done
- Good communicator, with fluent English and excellent verbal and writing skills
- A deep understanding of how the Internet works is essential. You must be familiar with networking protocols, for example DNS, TCP/IP, SSL/TLS, and others
- In-depth knowledge of HTTP and the related standards and specifications
- Up-to-date knowledge (sufficient to perform source code assessments and understand the security issues) of HTML, JavaScript, Flash, and other client-side technologies
- Reasonable programming skills, especially when it comes to scripting. You should be able to write small programs to automate your activities or mine data. You should also be able to read and understand the source code of other programs written in various languages
- Good understanding of cryptography and secure programming
- Ability to work on Unix as a primary platform; Windows as secondary
- Ability to think like an attacker yet operate as a defender
Additional Plus Competencies
- Experience in web application development
- Experience in application penetration testing, intrusion detection and prevention systems, or web application firewalls
- Exposure to open source, application security communities, and OWASP
- Familiarity with data structures, statistics, and machine learning
Location: North Central, SC, United States