At ImagineX, we believe in the power of exceptional talent, innovative thinking, and collaborative spirit. We are a dynamic and fast-growing digital services firm, dedicated to solving complex challenges for our clients and shaping the future of industries worldwide. ImagineX operates with two business units (“BUs”), Software and Cybersecurity. In our Software BU we build innovative, enterprise-grade custom software solutions for our clients. In our Cybersecurity BU we provide clients with threat and vulnerability management, cyber data and engineering, and cyber governance, risk, and compliance solutions.

We're looking for two Senior Cybersecurity (Qualys) Engineers to join our growing team for a massive Qualys Policy Compliance (QPC) implementation. In this role you'll build and configure policies for all in-scope technologies in Qualys aligned to CIS benchmarks and customized to meet client standards. 

Both positions are full-time and 100% remote (Atlanta is always preferred but not required).  

Duties: 

This will be a greenfield implementation of Qualys Policy Compliance. Our client is removing the use of Tripwire and rebuilding their Policy Compliance program in Qualys. They were using the DISA STIG baseline in Tripwire and are now aligning to the CIS benchmarks within Qualys.

• Rollout Policy Compliance in Qualys for in-scope technologies, aligning to CIS benchmarks and eventually help deprecate the Tripwire tool
• Fine-tune controls within Qualys to meet the client standards
• Ability to analyze the differences in Qualys CIDs between DISA STIG & CIS frameworks, articulate differences to stakeholders, and work with the technology owners to get them to comply to the agreed upon baselines
• Provide Qualys SME advisory
• Execute weekly BAU activities as directed by the client
• Taking action on any issues identified from the BAU activities
• Demonstrate strong understanding of large scale information technology systems, business processes, security regulatory risk management and security vulnerabilities
• Understand clients' business environment and IT risk management approaches

Required:

• Bachelor's degree in Information Security, or a related field
• Certification in Qualys or related certifications (e.g., CISSP, CISA) is a plus
• Deep hands-on experience with Qualys Vulnerability Management platform performing data collection via sensors, scanning, report generation, and data analysis
• Very strong experience with Qualys Policy Compliance and setting up secure baseline configurations utilizing an industry framework (ex: DISA STIG, CIS benchmark, etc.) to assess the security posture of the client’s environment
• Strong experience fine-tuning controls to meet client standards utilizing custom controls and regex
• Act as SME and able to troubleshoot technical issues with implementation
• Strong understanding of security frameworks and standards (e.g., NIST, CIS, ISO 27001, HITRUST, SCF)
• Overall experience with vulnerability remediation processes, including risk prioritization, change management, analysis, and triage
• Understanding of networking technologies and concepts (routing, switching, network segmentation, etc.)
• Capable of leading / owning workstreams to completion with a small team of junior analysts

SPONSORSHIP NOT AVAILABLE. US CITIZEN OR GREEN CARD HOLDER ONLY.