Companies you'll love to work for

Senior Security Engineer

Quantum Circuits

Quantum Circuits

Software Engineering
New Haven, CT, USA
Posted 6+ months ago
At Quantum Circuits Inc., we are building the world’s first truly algorithmic quantum computers to achieve transformational computing capabilities. Our full-stack quantum computing platform uses superconducting devices along with a modular, robust, and scalable architecture. Our unique approach is based on a decade of technology research and breakthroughs at Yale University's world-renowned quantum labs.
We are seeking a highly skilled and self-motivated Senior Security Engineer to join our dynamic team. The ideal candidate has a strong background in evaluating and mitigating security vulnerabilities across on-premises and AWS environments and will be hands-on in assessing, designing, implementing, and maintaining a robust security posture for all systems. This ensures QCI’s infrastructure is secure, resilient, and capable of supporting our cutting-edge quantum computing platform.

Key Responsibilities:

  • Assess and mitigate security risks across QCI’s on-premises and AWS environments, including securing in-house applications hosted on AWS.
  • Develop, implement, and maintain security policies, procedures, and best practices to safeguard systems, data, and QCI’s quantum computing platform.
  • Evaluate and enhance network security by auditing network devices and security appliances (e.g., SonicWall, Cisco, Juniper), identifying vulnerabilities, and recommending configurations. Collaborate with network engineers for implementation.
  • Monitor and respond to security threats and incidents by developing and executing a comprehensive incident response plan to detect, communicate, contain, and remediate security breaches effectively.
  • Perform regular security audits, risk assessments, and vulnerability scans, including reviews of Windows environments, Active Directory, and GPO configurations.
  • Lead and coordinate penetration testing initiatives, conducting internal assessments to identify vulnerabilities and working with third-party security firms for comprehensive evaluations.
  • Automate security tasks such as monitoring, alerting, and compliance checks using scripting languages (e.g., Python, Bash).
  • Raise security awareness by establishing a training program, including phishing campaigns and regular employee education to promote best practices.
  • Collaborate with leadership to report on security status, vulnerabilities, and improvement plans, ensuring proactive risk management. firms to conduct comprehensive evaluations.
  • Ensure compliance with third-party vendor security policies by designing and implementing security measures for systems handling external data.
  • Oversee secure data handling and retention processes, including encryption, retention, deletion, and forensic destruction in alignment with industry standards such as NIST guidelines.
  • Regularly review access logs for potential security threats and unauthorized access, providing detailed reports as required by external audits or risk assessments.

Minimum Qualifications:

  • 5+ years of experience in security engineering, with a focus on both cloud (AWS) and on-premises environments.
  • Deep understanding of security concepts, including network security, encryption, identity and access management, and compliance standards (e.g., ISO, NIST, PCI-DSS).
  • Familiarity with NIST standards for secure data handling and destruction (e.g., NIST SP 800-88).
  • Experience with security tools for vulnerability scanning, incident detection, and monitoring (e.g., Black Duck, Nessus, Splunk, AWS Security Hub).
  • Hands-on experience managing and securing network devices such as firewalls, routers, and switches (e.g., SonicWall, Cisco, Juniper).
  • Strong scripting skills (Python, Bash, PowerShell) for automation of security tasks.
  • Knowledge of Windows environments (Active Directory, GPOs) and securing Windows-based systems.
  • Excellent communication skills, with the ability to convey complex security concepts to both technical and non-technical stakeholders.
  • Self-motivated and able to take ownership of projects, driving them to completion.

Preferred Qualifications:

  • 7+ years of experience in a security-focused role.
  • Security certifications such as CISSP, CEH, CISM, or AWS Certified Security Specialty.
  • Experience in designing and implementing security for microservices, containers, and serverless architectures supporting complex platforms.
  • Experience ensuring compliance with third-party security policies and external regulatory requirements.
  • Knowledge of secure integration practices for external APIs and third-party platforms.
  • Familiarity with modern logging and monitoring solutions (e.g., ELK Stack, Prometheus, Grafana).
  • Penetration testing and ethical hacking experience (e.g., Metasploit, Kali Linux).
  • Knowledge of compliance requirements and experience implementing secure solutions to meet regulatory standards.

Location & Work Arrangements:

  • This is a hybrid role based in New Haven, CT, with the flexibility to work from home but requiring regular onsite presence.
  • Sponsorship is available for qualified candidates.