Lead GRC Analyst



Discover how Qualys helps your business measure & eliminate cyber threats through a host of cybersecurity detection & remediation tools. Try it today!

View all jobs at Qualys

Apply now Apply later

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world!

Brief Description:

Qualys seeks to hire a Senior and Mid-level Global Risk and Compliance specialist. As a Governance, Risk, and Compliance (GRC) specialist the candidate will be reporting to the Security Operations Senior Director of Global Compliance.

Full Job Description

This role will be responsible for supporting our ongoing compliance efforts (ISO, NIAP, PCI DSS, GDPR, CCPA, IRAP, SOC2, and FedRAMP environments), working collaboratively to manage risk within the organisation, and assisting to shape the Qualys information security program through documentation and evaluation of security controls within Qualys and external 3rd part entities. You will work side by side with the information security team and others from across the organisation to help ensure Qualys and our customers data in secure and meeting organizational compliance standards.

·         Produce weekly, monthly and quarterly uptime and status reports for production and critical internal infrastructure

·         Manage organisational infrastructure LDAP/RADIUS/Basic auth,

·         Design processes, programs and workflows,

·         Handle all internal/External Audits, ISP document maintenance,

·         Security log management & event monitoring (Splunk/IPS Palo Alto),

·         Incident & Security Incident Response Strategy & Planning,

·         Build custom packages & key management,

·         VM, PKI management external/internal,

·         Automation of legacy/scheduled manual tasks,

·         Identity and Access Management.

Skillset Needed:

·         8-12 Years in IS & IT GRC with background in ISO27001 27017 27018, ISO9001, ISO 22301, FedRAMP, SOC2, ITIL, OCI/AWS/Azure/GCP Cloud Security and GDPR.

·         Strong user of PowerPoint, MS Project Plan, Visio, Excel.

·         Experience with Office365, SharePoint and/or Confluence.

·         Be self-directed and self-motivated.

·         Ability to focus on repetitive work efforts.

Beneficial Skillset:

·         Qualys on Qualys, Threat Intel,

·         FedRAMP Continuous Monitoring background,

·         Detailed background in FedRAMP Moderate and High environments.

·         Detailed knowledge of Qualys products and scanners

·         Working experience on OneTrust or equivalent vendor assessment tool

Apply now Apply later
  • Share this job via
  • or

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  9  0  0

Tags: Audits Automation AWS Azure CCPA Cloud Compliance Confluence FedRAMP GCP GDPR Governance IAM Incident response IPS ISO 22301 ISO 27001 ITIL LDAP Monitoring PCI DSS PKI Qualys SharePoint SOC 2 Splunk Strategy

Region: Asia/Pacific
Country: India

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.