About Qualys:
Qualys is the leading provider of on demand IT security risk and compliance solutions - delivered as a service. Qualys solutions enable organizations of all sizes to easily and cost-effectively ensure that their business technology systems remain highly secure and within regulatory compliance.
Policy Compliance Engineer 系统安全及策略合规研发工程师
Location: Beijing
Responsibilities:
* Develop detection signatures to determine current state of configurable parameters on variety of systems/platforms for use in SaaS-based Configuration Management solution (QG Policy Compliance)
* Configure system and network parameters for varied testing requirements, when needed
* Research/write new capabilities in the form of LISP/QScheme/Lua functions to support signature development efforts
* Perform research of ALL methods for detection of various settings and conditions on multiple OS platforms
Minimum Job Qualifications:
* BS/MS in Computer Science (or equivalent field experience) preferred. (计算机本科以上学历)
* 3+ years of System Administration experience including at least 3 years of Unix/Linux Administration (3年以上相关经验)
* Comprehensive knowledge of OS internals: file systems, virtual memory, process lifecycle, security, network stack, etc. (理解操作系统各项服务)
* Knowledge of web servers, firewalls/security, NIS/NFS, DNS, MTAs (理解各种常用应用服务)
* Experience/familiarity with scripting in one of the following: (脚本编程)
o bourne shell
o bash (optional)
o perl (optional)
o PCRE (optional)
o python and/or C (optional)
o VBScript (optional)
* Strong working knowledge of TCP/IP networking (网络知识)
* Excellent verbal and written skills; team player (英语和团队合作 )
* A thorough understanding of Linux and FreeBSD systems architecture at all levels, including kernel configuration, system software services, LAMP-stack configuration and management.
* Solid foundation with Microsoft Windows components such RPC, Active Directory, WMI, Registry, Services, etc.
* Thorough understanding and practice in the use, configuration and management of SVN/CVS and/or other revision tools.
* Working knowledge of high-speed networking configuration and management is highly desirable (Cisco IOS, Juniper JunOS)
* Experience with LDAP (as well as MS AD security
* Experience with RPM development (package building)
* Previous experience working in a technical lead capacity with ability to drive requirements through organization with execution