At Quantum Circuits Inc., we are building the world's first truly algorithmic quantum computers to achieve transformational computing capabilities. Our full-stack quantum computing platform uses superconducting devices along with a modular, robust, and scalable architecture. Our unique approach is based on a decade of technology research and breakthroughs at Yale University's world-renowned quantum labs.
We are seeking a highly skilled and self-motivated Senior Security Engineer to join our dynamic team. The ideal candidate has a strong background in evaluating and mitigating security vulnerabilities across on-premises and AWS environments and will be hands-on in assessing, designing, implementing, and maintaining a robust security posture for all systems. This ensures QCI's infrastructure is secure, resilient, and capable of supporting our cutting-edge quantum computing platform.
Key Responsibilities: - Assess and mitigate security risks across QCI's on-premises and AWS environments, including securing in-house applications hosted on AWS.
- Develop, implement, and maintain security policies, procedures, and best practices to safeguard systems, data, and QCI's quantum computing platform.
- Evaluate and enhance network security by auditing network devices and security appliances (e.g., SonicWall, Cisco, Juniper), identifying vulnerabilities, and recommending configurations. Collaborate with network engineers for implementation.
- Monitor and respond to security threats and incidents by developing and executing a comprehensive incident response plan to detect, communicate, contain, and remediate security breaches effectively.
- Perform regular security audits, risk assessments, and vulnerability scans, including reviews of Windows environments, Active Directory, and GPO configurations.
- Lead and coordinate penetration testing initiatives, conducting internal assessments to identify vulnerabilities and working with third-party security firms for comprehensive evaluations.
- Automate security tasks such as monitoring, alerting, and compliance checks using scripting languages (e.g., Python, Bash).
- Raise security awareness by establishing a training program, including phishing campaigns and regular employee education to promote best practices.
- Collaborate with leadership to report on security status, vulnerabilities, and improvement plans, ensuring proactive risk management. firms to conduct comprehensive evaluations.
- Ensure compliance with third-party vendor security policies by designing and implementing security measures for systems handling external data.
- Oversee secure data handling and retention processes, including encryption, retention, deletion, and forensic destruction in alignment with industry standards such as NIST guidelines.
- Regularly review access logs for potential security threats and unauthorized access, providing detailed reports as required by external audits or risk assessments.
Minimum Qualifications: - 5+ years of experience in security engineering, with a focus on both cloud (AWS) and on-premises environments.
- Deep understanding of security concepts, including network security, encryption, identity and access management, and compliance standards (e.g., ISO, NIST, PCI-DSS).
- Familiarity with NIST standards for secure data handling and destruction (e.g., NIST SP 800-88).
- Experience with security tools for vulnerability scanning, incident detection, and monitoring (e.g., Black Duck, Nessus, Splunk, AWS Security Hub).
- Hands-on experience managing and securing network devices such as firewalls, routers, and switches (e.g., SonicWall, Cisco, Juniper).
- Strong scripting skills (Python, Bash, PowerShell) for automation of security tasks.
- Knowledge of Windows environments (Active Directory, GPOs) and securing Windows-based systems.
- Excellent communication skills, with the ability to convey complex security concepts to both technical and non-technical stakeholders.
- Self-motivated and able to take ownership of projects, driving them to completion.
Preferred Qualifications: - 7+ years of experience in a security-focused role.
- Security certifications such as CISSP, CEH, CISM, or AWS Certified Security Specialty.
- Experience in designing and implementing security for microservices, containers, and serverless architectures supporting complex platforms.
- Experience ensuring compliance with third-party security policies and external regulatory requirements.
- Knowledge of secure integration practices for external APIs and third-party platforms.
- Familiarity with modern logging and monitoring solutions (e.g., ELK Stack, Prometheus, Grafana).
- Penetration testing and ethical hacking experience (e.g., Metasploit, Kali Linux).
- Knowledge of compliance requirements and experience implementing secure solutions to meet regulatory standards.
Location & Work Arrangements: - This is a hybrid role based in New Haven, CT, with the flexibility to work from home but requiring regular onsite presence.
- Sponsorship is available for qualified candidates.