Lead GRC Analyst

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world!

This role will be responsible for supporting our ongoing compliance efforts (ISO, PCI DSS, GDPR, CCPA, SOC2, IRAP and FedRAMP environments), working collaboratively to manage risk within the organization, and assisting to shape the Qualys information security program through documentation and evaluation of security controls within Qualys and external 3rd part entities. You will work side by side with the information security team and others from across the organization to help ensure Qualys and our customers data in secure and meeting organizational compliance standards.

• Produce weekly, monthly and quarterly uptime and status reports for production and critical internal infrastructure
• Manage organizational infrastructure LDAP/RADIUS/Basic auth,
• Design processes, programs and workflows,
• Handle all internal/External Audits, ISP document maintenance,
• Security log management & event monitoring (Splunk/IPS sourcepower),
• Incident Response,
• Build custom packages & key management,
• VM, PKI management external/internal,
• Automation of legacy/scheduled manual tasks,
• Identity and Access Management.

Skillset Needed:

• 6-8 Years in GRC with background in ISO27001 27017 27018 27701, IRAP FedRAMP, SOC2, CCPA and GDPR.
• Strong user of PowerPoint, MS Project Plan, Visio, Excel.
• Experience with Office365, Sharepoint and/or Confluence.
• Be self-directed and self-motivated.
• Ability to focus on repetitive work efforts.

Beneficial Skillset:

• Qualys on Qualys, Threat Intel,
• FedRAMP Continuous Monitoring background,
• Detailed background in FedRAMP Moderate and High environments.
• Detailed knowledge of Qualys products and scanners