6 Cnapp Jobs

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! Grow your career at Qualys where innovation and talent thrive! About Qualys: Qualys, Inc. (NASDAQ: QLYS) is a pioneer and leading provider of disruptive cloud-based security, compliance, and IT solutions with over 10,000 subscription customers worldwide, including most of the Forbes Global 100 and Fortune 100. We help organizations streamline and automate security and compliance workflows onto a single platform, delivering greater agility, stronger security outcomes, and substantial cost savings. As part of the evolving Qualys Enterprise TruRisk Platform, we are expanding into Cloud Detection and Response (CDR) helping organizations detect active threats, manage cloud risk, and respond quickly in cloud-native, multi-cloud, and hybrid environments. We are building deep capabilities around cloud log analysis, eBPF-based runtime security, network security, and Zero Trust enforcement integrating technologies such as Sysdig Falco, Tetragon, and advanced runtime behavioral analytics. We are seeking a dynamic and experienced Senior Product Manager to join our growing Cloud Detection and Response (CDR) team at Qualys. In this role, you will drive the strategy and execution for key areas of our CDR product line focused on cloud threat detection, investigation, and automated response capabilities. You will bring a strong background in cloud security, detection and response technologies, and a can-do attitude to help global enterprise customers secure their cloud infrastructure and containerized workloads. You will collaborate closely with engineering, product design, product marketing, sales, and solution engineering teams, and interface with product leadership in a globally distributed environment. This is an exciting opportunity to have a high-impact role at a company known for innovation and trusted by the worlds leading enterprises. Qualifications: - Bachelors degree in Computer Science, Engineering, Cybersecurity, or a related technical field (MBA or equivalent experience preferred). - 5+ years of experience in product management, or 8+ years in a technical leadership, security engineering, or solution architecture role in cybersecurity or cloud security. - Deep understanding of cloud security, cloud-native environments (AWS, Azure, GCP), Kubernetes, and containerized workloads. - Familiarity with Cloud Detection and Response (CDR), CNAPP, or adjacent technologies such as SIEM, XDR, EDR, or threat hunting platforms. - Hands-on experience or strong working knowledge of cloud telemetry (e.g., AWS CloudTrail, Azure Activity Logs), cloud audit logging, and event-based threat detection. - Knowledge of modern runtime security technologies, including eBPF-based monitoring, Sysdig Falco, Tetragon, and cloud-native network security techniques. - Understanding of Zero Trust architectures and least-privilege enforcement in cloud environments. - Experience working with cybersecurity concepts such as malware detection, file integrity monitoring, secure configuration management, and policy compliance. - Strong analytical, organizational, and technical writing skills, with a data-driven approach to decision-making. - Exceptional communication skills, both technical and non-technical, across geographically distributed teams and customer environments. - Experience collaborating across multiple time zones and managing complex projects in a fast-paced environment. Role and Responsibilities: - Define and execute product strategy and roadmap for cloud detection and response capabilities within the Qualys platform. - Gather and prioritize requirements based on customer feedback, industry trends, and competitive analysis. - Develop clear product themes, epics, and user stories as input to engineering and design teams. - Work closely with engineering teams to deliver high-quality product features on time and within scope. - Drive key initiatives in cloud log ingestion and analysis, runtime threat detection using eBPF/Falco/Tetragon, network security analytics, and Zero Trust policy enforcement. - Actively engage with enterprise customers to understand needs, gather feedback, and validate product direction. - Track product success through metrics and KPIs, iterating based on customer impact and business outcomes. - Support product marketing with positioning, messaging, launch readiness, and field enablement. - Collaborate with sales teams to support key customer opportunities and strategic accounts. Join Us: This is a highly visible and impactful role where you will be part of a passionate and collaborative product team shaping the future of cloud security. If you're excited about building next-generation security solutions, helping customers stay ahead of modern threats, and growing your career at a company known for excellence and innovation - we would love to hear from you.,

Roles and Responsibilities Provide technical support to customers via phone, email, or chat for issues related to Palo Alto firewalls, Checkpoint firewalls, Zscaler, Netskope, FortiGate, Cisco ASA firewalls, pfSense, and other security solutions. Troubleshoot complex network infrastructure issues using various tools such as Wireshark, Tcpdump, MRTG etc. Collaborate with cross-functional teams to resolve customer complaints and improve overall service delivery. Develop knowledge base articles and contribute back to the community through blog posts or documentation. Participate in on-call rotation for 24x7 support team.

Role Summary We're seeking an experienced Cloud Security Engineer with strong expertise in Azure and GCP platforms. In this role, you'll work at the intersection of cybersecurity and cloud engineering, focusing on implementing security recommendations from Cloud Security Posture Management (CSPM) and Cloud-Native Application Protection Platform (CNAPP) solutions. Key Responsibilities Analyze and prioritize security findings from CSPM and CNAPP tools across Azure, GCP and AWS environments Coordinate and execute remediation activities with cloud engineering teams to address identified vulnerabilities Lead the deployment, configuration, and maintenance of CSPM and CNAPP solutions Develop and implement security automation to streamline remediation processes Create and maintain cloud security documentation, including policies, procedures, and architectural diagrams Participate in security incident response for cloud-related events Provide cloud security expertise during new service deployments and architecture reviews Stay current with evolving cloud security best practices, threats, and compliance requirements Qualifications 4+ years of experience in cloud security across Azure and GCP platforms Demonstrable experience with CSPM and CNAPP tools and methodologies Strong understanding of cloud-native security controls, including IAM, encryption, network security, and logging/monitoring Proficiency in security automation using tools like Terraform, Azure ARM templates, or GCP Deployment Manager Experience with Kubernetes and other containerisation technologies Experience with cloud security frameworks and compliance standards (e.g., CIS, NIST, SOC2) Strong knowledge of DevSecOps principles and practices Excellent communication skills to effectively coordinate with various technical teams Preferred Skills Relevant security certifications (e.g., CCSP, Azure Security Engineer, GCP Professional Cloud Security Engineer) Experience with container security and Kubernetes environments Familiarity with cloud security APIs and CLI tools Background in security architecture or engineering Experience with cloud infrastructure as code (IaC) security scanning

We are looking for a motivated Cloud Security Consultant to join our team, focusing on Cloud-Native Application Protection Platform (CNAPP) technologies . The main focus area will be Cloud Secure Posture . The ideal candidate will possess deep expertise in scaled virtual systems and security technologies and be capable of maintaining and enhancing our application security posture through proactive operational management, effective communication, and continuous learning. You will be responsible for: Operational Integrity: Maintain the operational integrity of CNAPP and related tool sets and process, ensuring configurations are up to date and optimized, and escalating issues appropriately. , Risk and Threat Analysis: Provide thorough analysis of risks and threats, suggesting and implementing potential remediations Providing necessary information and guidance to IT Technology Owners, Monitoring remediation actions. Business Understanding: Gather and incorporate an understanding of business-relevant factors impacted by security toolsets. Security Advocacy: Promote security awareness among relevant stakeholders and best practices throughout the organization. You will have the ability to continuously learn about technologies and associated vulnerabilities, practice interactions with IT stakeholders and get detailed understanding of corporate processes (e. g. IT Change Management, Software Development). SPECIFIC ASSIGNMENTS: You will be working on running the Cloud-Native Application Protection Platform. You will be responsible for maintaining and elevating the security across our cloud environments. The main goal of this role is to reduce risk while allowing the business to operate quickly, safely, and efficiently. If you are motivated and passionate about cloud security architecture and operations, this could be the ideal role for you. Your role is strategic for the organization - running the CNAPP is key to secure the Company, build strong layer of defense and improve Company s security posture! Technical details, leading security products, industry best practices, guidelines - you will be working with them on day-to-day basis to grow your security skills and improve Eurofins IT environment. Qualifications If you have: Educational background in IT or Information Security and, 4+ years of experience with public cloud providers (Azure, AWS, GCP) involving cloud security architecture. Experience in Kubernetes Previous experience in Security (at least 7+ years) we are looking for you! Willingness to learn and motivation to act towards the achievable goal is key for us! On the role of Cloud Security Consultant, you can utilize your technical skills: Understanding of various Cloud Service Providers (CSP); Assessing and evaluating cloud-policies; Utilizing CVEs, collecting and processing information from vulnerability databases; Experience using CI/CD pipelines for change management and automated security testing; Working with leading industry products and services (e. g. Wiz, ServiceNow); Added advantage if candidate has CISSP/CCSP/Any cloud security or architecture certification; As you'll be working in an international environment, your English needs to be excellent . You have to be an effective communicator (both to technical and non-technical professionals), convincing that your concepts are relevant and important for the whole organization. Other skills you'll need are : orientation on details, team collaboration, problem solving. Additional Information What we can offer: Very attractive, multicultural and friendly work environment in fast-growing international company (more than 50 000 employees now); Possibility to grow and make the next step in your professional career and self-development; Long-term relationship and competitive salary package

8+ years of relevant Cyber Security experience. Expertise in leveraging Ansible and Terraform for infrastructure management using Python and Command Line Interface. Experience with AWS and commercial cloud security tools and technologies. Required Candidate profile Excellent communication and collaboration skills, with the ability to work with technical and non-technical stakeholders. Cloud certifications (e.g., AWS Certified Security).

CloudNative Security Consultant Description of Role: The Security Consultant should have a strong understanding of the emerging security practices and standards. Should be able to consult, engineer and apply security best practices while designing and proposing solutions to our enterprise customers. Should be able to conduct system security, vulnerability analysis and risk assessment, identify security gaps, identify integration issues, study architecture/platform and design security architecture. A Cloud Native Security Consultant undertakes complex work of a high-risk level, often working on several projects. In this role, you will: Interact with senior stakeholders across departments Reach and influence a wide range of people across larger teams and communities Research and apply innovative security architecture solutions to new or existing problems and be able to justify and communicate design decisions Develop vision, principles, and strategy for security architects for one project or technology Work out subtle security needs Understand the impact of decisions, balancing requirements and deciding between approaches Produce patterns and support quality assurance Be the point of escalation for architects in lower-grade roles Lead the technical design of systems and services Qualifications/Experience: Bachelor degree in any stream Minimum 3 years of working experience in Cyber Security Consulting or Advisory Successfully delivered at-least 2 (two) Cyber Security consulting and implementation projects as consultant in recent years (2 years) Certification: Preferred Certification: GIAC Cloud Security Automation (GCSA) Certified Kubernetes Security Specialist (CKS) Certified DevSecOps Professional (CDP) KUBERNETES AND CLOUDNATIVE ASSOCIATE (KCNA) OEM certification on CNAPP security products (e.g., Palo Alto Prisma, Checkpoint Cloudguard, Aqua Security etc.) Cloud Service Provider Security Certificates (e.g., SC-100, AWS Certified Security-Specialty, GCP Professional Cloud Security Engineer) Pen Tester certification (LPT/ OSCP/GPEN) Certified Security - Specialty Certification should be valid Responsibilities Below will be the scope of the role: Collaborate with teams to build deliver solutions implementing serverless, microservices based, IaaS, PaaS and containerized architecture of multi cloud environment Develop rule base and parameterized IaC templates for automated deployment using Terraform Build CI/CD Pipeline using AWS (CodeBuild, CodeDeploy, CodePipeline), Google (CloudBuild), Azure (DevOps, Pipelines) Integrate 3rd party tool with CICD Process (e.g. SonarQube, CheckMarx, Embold) Config Manage environment using industry standard DevOps tools (Ansible) Implement scripting to extend builddeploymentmonitoring process (PowerShell, Bash, Python) Ability to develop IaC with Terraform Strong understanding on Cloud Networking Container, Microservices, Docker, Kubernetes security Network Security Orchestration on Microservices environment Secure Microservice Communication, Secure Authentication to Common DB without API/password/sharing keys Technical documentation, Product evaluation, POC Implementation, Migration and Architect of Security Technology and Solution DevOps, DevSecOps and SRE (site reliability Engineering) mindset Knowledge and Skills Candidate should have experience in the below domains: Hands on experience with Cloud Native Application protection CNAPP Tools (Prisma Cloud by Palo Alto, Checkpoint Cloud Guard, Aqua Security) Hands on experience with Automation Tools (e.g., Ansible, Chef, Puppet) Experienced with Application migration from Monolithic to Microservices Architecture Web Application Firewall implementation experience at Kubernetes and API Gateway Experience with implementation of Vulnerability scanner and Container Image repository hardening Well depth understanding on AWS, AZURE, GCP offered services (EKS, AKS, GKE) Understanding and review of Infrastructure as Code (IaC), Compliance as Code (CaC) Updated with trends and participation of industry recognized forum (e.g., Cloud Native Computing Foundation) Experienced with deliverables on Cloud Security Posture