At Qualtrics, we create software the world’s best brands use to deliver exceptional frontline experiences, build high-performing teams, and design products people love. But we are more than a platform—we are the creators and stewards of the Experience Management category serving over 18K clients globally. Building a category takes grit, determination, and a disdain for convention—but most of all it requires close-knit, high-functioning teams with an unwavering dedication to serving our customers.When you join one of our teams, you’ll be part of a nimble group that’s empowered to set aggressive goals and move fast to achieve them. Strategic risks are encouraged and complex problems are solved together, by passing the mic and iterating until the best solution comes to light. You won’t have to look to find growth opportunities—ready or not, they’ll find you. From retail to government to healthcare, we’re on a mission to bring humanity, connection, and empathy back to business. Join over 6,000 people across the globe who think that’s work worth doing.    

Senior Security Engineer, Infrastructure & Cloud Security

Why We Have This Role

As Qualtrics continues to expand the Experience Management (XM) SaaS platform, we must ensure that we’re protecting our customers and their data by building and operating secure systems. With over one thousand software & system engineers contributing to Qualtrics XM every day, we have a large attack surface to evaluate and secure. This role is critical to this mission.

Qualtrics is seeking an experienced security engineer/architect with a passion for security and demonstrated expertise in cloud and infrastructure security. The selected candidate will provide technical leadership and subject matter expertise within the Infrastructure Security team and across the product engineering organization.

The Infrastructure Security team is responsible for measures to improve and ensure the security of infrastructure used to operate and deliver Qualtrics SaaS products. The team’s scope includes cloud (IaaS/PaaS), workload orchestration (Kubernetes, Nomad), containers, data stores and server OS, as well as CI/CD and related systems. Infrastructure Security works in collaboration with other teams within the Information Security organization, including application security, vulnerability management, network security, security operations and incident response, and security assurance. The team also partners with our infrastructure (i.e., SRE) and platform engineering and developer experience teams. 

How You’ll Find Success

• You will define infrastructure and cloud security program strategy and architecture, identify and remediate risks, recommend and drive specific improvements
• Collaborate effectively with the Qualtrics engineering organization and fellow security team members; socialize security risks, solutions and and architecture
• Mentor and support a team of skilled security engineers to help them 

How You’ll Grow

• Solve challenging security, technical and process challenges which require creative thinking and continuous learning
• Learn new technologies, cloud platforms/services and other infrastructure being introduced regularly within the organization in order to provide accurate and comprehensive security guidance
• Develop and exercise project management and leadership skills to execute on the program roadmap

Things You’ll Do

• Review system designs and implementations, and consult with engineers across the organization to identify and/or avoid security issues through alignment with security standards and best practices; document and ensure security issues are appropriately remediated
• Leverage your accumulated subject matter expertise of Qualtrics systems and infrastructure to propose design patterns and drive architectural improvements which address classes of security flaws in the platform
• Develop and implement the cloud & infrastructure security architecture and contribute to program strategy and roadmap plans
• Document and improve cloud/infrastructure standards and guidelines
• Promote DevSecOps principles and implement Infrastructure as Code (IaC) scanning and policy enforcement to ensure new systems deployed via Terraform, AWS CloudFormation, Code Development Kit or similar methods are secure and compliant with standards and guidelines
• Deliver training and provide mentoring to engineers and staff on security topics
• Perform the selection, design, development, implementation and management of automated security testing tools (e.g., cloud security posture management (CSPM), network/host/image vulnerability scanners); maintain relationships with product vendors
• Leverage development and automation skills to solve security problems, integrate security systems, streamline processes and replace manual work

What We’re Looking For On Your Resume 

• Bachelor’s degree in Computer Science, Cybersecurity or a related field
• Over 5 years of relevant work experience
• Experience as a senior security engineer in infrastructure or cloud security
• Multiple years of experience managing and securing AWS services and workloads
• Experience leading multi-month security projects and initiatives that require collaboration with teams across an organization
• Sound understanding of cloud security vulnerabilities, defense techniques and security best practices, including AWS-specific security practices and present-day threats
• Strong working knowledge of AWS services and security concepts including Service Control Policies (SCPs), Identity and Access Management (IAM), VPCs, ELBs, CloudTrail, and security groups
• Experience with modern cloud infrastructure, including EC2, Linux-based operating systems, docker containers, workload orchestration (Kubernetes, Nomad), data stores (relational DBs, NoSQL and document DBs (Elasticsearch), object stores (S3)), event streaming (Kafka)
• Knowledge of system and infrastructure hardening and monitoring best practices
• Experience managing vulnerability scanning tools and/or CSPM

Bonus Points 

• Experience with assessing/securing the infrastructure of large, complex SaaS applications
• One or more relevant security certifications (AWS Certified Security - Specialty, CCSP, CCSK, GCSA, AWS Certified Solutions Architect or DevOps Engineer)
• Experience with securing Azure and/or Google Cloud Platform (GCP)
• Prior full time SRE, cloud engineering or software development experience
• Experience with agile methodologies for project management

What You Should Know About This Team

• We work with a wide array of modern technologies and need to scale our solutions to tens of thousands of end points, thousands of engineers, and worldwide data centers and cloud environments
• We emphasize establishing a career development plan and will help you to find meaningful work assignments, learning opportunities and mentorships which will aid your growth and developmentWe work closely with our peer platform security teams and enjoy coming together in person and remotely to build relationships and have fun

Our Team’s Favorite Perks and Benefits

• Qualtrics pays 100% of the healthcare benefit premiums for employees and their dependents. 
• Catered lunches, free snacks and drinks
• Full time employees receive an annual experience bonus after their first year of employment. Qualtrics Experience Bonus is a program designed to provide experiences to our employees they might not otherwise have.
• We spend 10% of our time on individual engineering growth activities every quarter
• Quarterly book budget to continue learning and quarterly fitness budget

  The Qualtrics Hybrid Work Model: Our hybrid work model is elegantly simple: we all gather in the office three days a week; Mondays and Thursdays, plus one day selected by your organizational leader. These purposeful in-person days in thoughtfully designed offices help us do our best work and harness the power of collaboration and innovation. For the rest of the week, work where you want, owning the integration of work and life.   Qualtrics is an equal opportunity employer meaning that all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other protected characteristic.   ​​​​​​​Applicants in the United States of America have rights under Federal Employment Laws:Family & Medical Leave Act,Equal Opportunity Employment,Employee Polygraph Protection Act   Qualtrics is committed to the inclusion of all qualified individuals. As part of this commitment, Qualtrics will ensure that persons with disabilities are provided with reasonable accommodations. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please let your Qualtrics contact/recruiter know.   Not finding a role that’s the right fit for now? Qualtrics Insiders is the one-stop shop for all things Qualtrics Life. Sign up for exclusive access to content created with you in mind and get the scoop on what we have going on at Qualtrics - upcoming events, behind the scenes stories from the team, interview tips, hot jobs, and more. No spam - we promise! You'll hear from us two times a month max with fresh, totally tailored info - so be sure to stay connected as you explore your best role and company fit.

For full-time positions, this pay range is for base per year; however, base pay offered may vary depending on location, job-related knowledge, education, skills, and experience. For part-time or intern positions, this pay range is for base pay per hour. A sign-on bonus and restricted stock units may be included in an employment offer, in addition to a range of medical, financial, and other benefits, based on eligibility criteria.

Washington State Pay Transparency Range$130,000—$232,000 USD