Senior Security Engineer

At Quantum Circuits Inc., we are building the world’s first truly algorithmic quantum computers to achieve transformational computing capabilities. Our full-stack quantum computing platform uses superconducting devices along with a modular, robust, and scalable architecture. Our unique approach is based on a decade of technology research and breakthroughs at Yale University's world-renowned quantum labs.

We are seeking a highly skilled and self-motivated Senior Security Engineer to join our dynamic team. The ideal candidate has a strong background in evaluating and mitigating security vulnerabilities across on-premises and AWS environments and will be hands-on in assessing, designing, implementing, and maintaining a robust security posture for all systems. This ensures QCI’s infrastructure is secure, resilient, and capable of supporting our cutting-edge quantum computing platform.

• Assess and mitigate security risks across QCI’s on-premises and AWS environments, including securing in-house applications hosted on AWS.
• Develop, implement, and maintain security policies, procedures, and best practices to safeguard systems, data, and QCI’s quantum computing platform.
• Evaluate and enhance network security by auditing network devices and security appliances (e.g., SonicWall, Cisco, Juniper), identifying vulnerabilities, and recommending configurations. Collaborate with network engineers for implementation.
• Monitor and respond to security threats and incidents by developing and executing a comprehensive incident response plan to detect, communicate, contain, and remediate security breaches effectively.
• Perform regular security audits, risk assessments, and vulnerability scans, including reviews of Windows environments, Active Directory, and GPO configurations.
• Lead and coordinate penetration testing initiatives, conducting internal assessments to identify vulnerabilities and working with third-party security firms for comprehensive evaluations.
• Automate security tasks such as monitoring, alerting, and compliance checks using scripting languages (e.g., Python, Bash).
• Raise security awareness by establishing a training program, including phishing campaigns and regular employee education to promote best practices.
• Collaborate with leadership to report on security status, vulnerabilities, and improvement plans, ensuring proactive risk management. firms to conduct comprehensive evaluations.
• Ensure compliance with third-party vendor security policies by designing and implementing security measures for systems handling external data.
• Oversee secure data handling and retention processes, including encryption, retention, deletion, and forensic destruction in alignment with industry standards such as NIST guidelines. 
• Regularly review access logs for potential security threats and unauthorized access, providing detailed reports as required by external audits or risk assessments.

• 5 years of experience in security engineering, with a focus on both cloud (AWS) and on-premises environments.
• Deep understanding of security concepts, including network security, encryption, identity and access management, and compliance standards (e.g., ISO, NIST, PCI-DSS).
• Familiarity with NIST standards for secure data handling and destruction (e.g., NIST SP 800-88).
• Experience with security tools for vulnerability scanning, incident detection, and monitoring (e.g., Black Duck, Nessus, Splunk, AWS Security Hub).
• Hands-on experience managing and securing network devices such as firewalls, routers, and switches (e.g., SonicWall, Cisco, Juniper).
• Strong scripting skills (Python, Bash, PowerShell) for automation of security tasks.
• Knowledge of Windows environments (Active Directory, GPOs) and securing Windows-based systems.
• Excellent communication skills, with the ability to convey complex security concepts to both technical and non-technical stakeholders.
• Self-motivated and able to take ownership of projects, driving them to completion.

• 7 years of experience in a security-focused role.
• Security certifications such as CISSP, CEH, CISM, or AWS Certified Security Specialty.
• Experience in designing and implementing security for microservices, containers, and serverless architectures supporting complex platforms.
• Experience ensuring compliance with third-party security policies and external regulatory requirements.
• Knowledge of secure integration practices for external APIs and third-party platforms.
• Familiarity with modern logging and monitoring solutions (e.g., ELK Stack, Prometheus, Grafana).
• Penetration testing and ethical hacking experience (e.g., Metasploit, Kali Linux).
• Knowledge of compliance requirements and experience implementing secure solutions to meet regulatory standards.

• This is a hybrid role based in New Haven, CT, with the flexibility to work from home but requiring regular onsite presence.
• Sponsorship is available for qualified candidates.