We invest in visionary teams with transformative ideas.

Join Canaan's extended family.
214
companies
760
Jobs

Senior Security & DevOps Engineer

Quantum Circuits

Quantum Circuits

Software Engineering
New Haven, CT, USA
Posted on Nov 6, 2024
At Quantum Circuits Inc., we are building the world’s first truly algorithmic quantum computers to achieve transformational computing capabilities. Our full-stack quantum computing platform uses superconducting devices along with a modular, robust, and scalable architecture. Our unique approach is based on a decade of technology research and breakthroughs at Yale University's world-renowned quantum labs.
We are seeking a highly skilled and self-motivated Senior Security & DevOps Engineer to join our dynamic team. The ideal candidate will have a strong background in identifying, assessing, and mitigating security vulnerabilities across both on-premises and cloud (AWS) environments. This role requires a hands-on professional who can implement effective security measures and lead by example, actively participating in the development and maintenance of secure infrastructure. The candidate must be able to effectively communicate with senior leadership while being proficient in technical tasks, ensuring the company’s infrastructure remains secure, resilient, and capable of supporting QCI’s cutting-edge quantum computing platform.

Key Responsibilities:

  • Identify, assess, and correct security vulnerabilities across QCI’s on-premises and AWS environments, including securing in-house Python applications hosted on AWS.
  • Develop and implement security best practices, policies, and procedures to safeguard systems, data, and QCI's quantum computing platform.
  • Manage and secure the network perimeter, including auditing and configuring network security devices (e.g., SonicWall, Cisco, Juniper) to ensure robust protection against external threats.
  • Monitor systems and networks for security breaches, anomalies, or intrusions, and respond to incidents swiftly and effectively.
  • Collaborate with the existing DevOps and infrastructure teams to integrate security into the CI/CD pipeline and infrastructure management, ensuring smooth and secure deployment of critical services.
  • Conduct regular security audits, risk assessments, and vulnerability scans, including audits of Windows environments, Active Directory, and GPO configurations.
  • Implement automated solutions for security monitoring, alerting, and compliance checks across various platforms and environments.
  • Engage with senior leadership to report on security status, vulnerabilities, and improvement plans, ensuring transparency and proactive management of risks.
  • Perform penetration testing to identify weaknesses and recommend improvements to the company’s security posture.
  • Contribute to infrastructure engineering and DevOps tasks as needed to support the overall goals of QCI’s IT and platform teams.
  • Stay up-to-date on the latest security trends, vulnerabilities, tools, and frameworks to proactively adapt and improve security measures at QCI.
  • This position is hybrid. While there is flexibility to work from home, it requires regular onsite presence at our main office in New Haven, CT. Additionally, the role entails responding to onsite issues that cannot be effectively managed remotely.
  • Off-hour support on and off site may be necessary at times.
  • Sponsorship available.

Minimum Qualifications:

  • 5+ years of experience in security engineering, with a focus on both cloud (AWS) and on-premises environments.
  • Strong understanding of security concepts, including network security, encryption, identity and access management, and compliance standards (e.g., ISO, NIST, PCI-DSS).
  • Experience with security tools for vulnerability scanning, incident detection, and monitoring (e.g., Black Duck ,Nessus, Splunk, AWS Security Hub).
  • Hands-on experience managing and securing network devices, such as firewalls, routers, and switches (e.g., SonicWall, Cisco, Juniper).
  • Proficiency in infrastructure as code (IaC) tools, such as Terraform or CloudFormation, and familiarity with CI/CD pipelines.
  • Strong scripting skills (e.g., Python, Bash, PowerShell) for automation of security tasks.
  • Knowledge of Windows environments, including Active Directory, GPOs, and securing Windows-based systems.
  • Excellent communication skills, with the ability to convey complex security concepts to both technical and non-technical stakeholders.
  • Self-motivated with a proven ability to take ownership and initiative in identifying and resolving security issues.

Preferred Qualifications:

  • 7+ years of experience in a security-focused role with experience in DevOps or infrastructure engineering.
  • Security certifications such as CISSP, CEH, CISM, or AWS Certified Security Specialty.
  • Experience in designing and implementing security for microservices, containers, and serverless architectures, especially those supporting complex platforms like QCI's quantum computing systems.
  • Familiarity with logging and monitoring solutions (e.g., ELK Stack, Prometheus, Grafana).
  • Strong background in networking, firewalls, VPNs, and the ability to conduct comprehensive network security audits.
  • Previous experience with penetration testing and ethical hacking, including tools like Metasploit or Kali Linux.
  • Previous experience working in or with IT operations, DevOps, and engineering teams to build secure and scalable infrastructure solutions.
  • Knowledge of compliance requirements and experience in implementing secure solutions to meet regulatory standards.