Conversion CapitalRemote
Senior Information Security Engineer
United States of America
Full Time
3 weeks ago
$180,000 - $200,000 USD
Visa Sponsor
Key skills
AILarge Language ModelsSSOPenetration Testing
About this role
Qualia is a leading B2B real estate technology company that aims to simplify the home buying and selling process. They are seeking a Senior Information Security Engineer to enhance their security posture by identifying vulnerabilities, building security tools, and collaborating with various stakeholders to ensure robust security measures are in place.
Responsibilities:
- Partner with stakeholders across the business to identify gaps and strengthen Qualia's security posture
- Uncover security weaknesses in technologies and processes through threat modeling, security assessments, and the development of practical security baselines
- Build and operate tooling across the full security lifecycle: prevention, detection, investigation, and response
- Evaluate the security posture of cloud environments, including reviewing configurations, monitoring for drift, and ensuring alignment with organizational security baselines
- Serve as a point of escalation for customer-reported security concerns, triaging issues, communicating clearly with affected parties, and driving issues to resolution
- Triage and reproduce vulnerability findings from penetration tests, internal tooling, and external reports—and communicate associated risk clearly to the right audiences
- Scale security impact through automation and education, making the whole organization more security-aware
Requirements:
- 4+ years of professional information security experience, with both a strong defensive foundation and familiarity with offensive techniques
- Genuine curiosity about how systems work and how they break
- The ability to write code—whether it's a quick automation script or a more substantial detection tool
- Hands-on experience with: Security operations tooling (e.g., SIEMs, IDS/IPS, WAFs, log monitoring platforms)
- Core IT domains, including endpoint management, networking, web applications, and cloud infrastructure
- Identity and access management concepts (e.g., SSO, MFA, role-based access controls)
- Navigating the security implications of emerging technologies—including AI and large language models—as the company evaluates and adopts new tools
- Security automation and orchestration: experience connecting tools, writing integrations, or building workflows that reduce response times and manual effort
- Penetration testing tools (e.g., Nmap, Nessus, Metasploit, Burp Suite, or similar)
- The ability to translate complex security concepts into clear, actionable language for technical and non-technical audiences alike
- Bachelor's degree in a relevant field, or equivalent practical experience
- Information Security or IT certifications are a plus
- Experience with or exposure to compliance frameworks (e.g., SOC 2, ISO 27001, or similar)
- Information Security Certificates (e.g., CISSP, GIAC, or similar)