Who We Are :
It's exciting, to find yourself standing in a pivotal moment in time. It’s even more exciting to be out front leading it.
At QTS, our world-class data centers are among the most highly trusted in the industry, positioning us at the forefront of today’s dynamic digital evolution.
Data centers are experiencing once-in-a-generation demand growth, driven by cloud adoption and the AI revolution, said Jon Gray, President & COO of Blackstone, the investment strength behind QTS.
As AI drives the demand for increased speed, capacity and capability, QTS has emerged as the global digital infrastructure leader, committed to connecting the world’s economy for good.
Driven by purpose and fueled by a spirit of innovation, QTS designs, builds and operates sophisticated data centers.
QTS is Powered by People. People who play a vital role in our company’s culture, innovation and growth. People who are committed to contributing to the communities where we operate and work.
People who are knowledgeable, resourceful and mission driven. Together, we do great things.
Who You Are :
You are a strategic leader who enjoys delivering complex security solutions across an organization.
The Impact You Will Have :
You will lead the implementation, maintenance, monitoring and management of information security solutions throughout QTS.
The engineer delivers these solutions in accordance with the organization’s architectural designs, best practices, and regulatory or compliance requirements.
As risks change, the security engineer is responsible for recommending modifications and enhancements to ensure the organization is evolving with the threat landscape.
The Principal Applications Security Engineer, while not a management role, is expected to lead and contribute to the corporate security strategy with security leadership and other senior security staffers, IT leaders and IT engineers.
Recipients of the engineer’s implementations and management include IT infrastructure, application development, security operations, security audit and end users.
With an emphasis on securing systems, applications, third-party connections, service providers and ancillary systems, the security engineer is responsible for securing business-to-business initiatives, third-party relationships, outsourced solutions and vendors.
Considered a highly knowledgeable individual, the principal security engineer is expected to lead the implementation, monitoring and management of information security solutions that address modern day threats, issues and risks in a rapidly changing threat environment.
What You Will Do :
- Handle day-to-day implementation, monitoring and operational support of hardware, software, customer applications, managed solutions and service provider relationships.
- Actively participate and lead security team meetings that facilitate secure design.
- Engage in information security projects that evaluate existing security infrastructure and propose changes as defined by security leadership and architects.
Additionally, deliver projects on time, within budget and in accordance with service level agreements (SLAs).
- Assist with incident response and system stability issues as they occur. This may include involvement outside of regular work hours, and responsiveness is expected.
- Implement solutions observing compliance Payment Card Industry (PCI), Sarbanes-Oxley Act (SOX), SOC 2, HITRUST, FISMA etc. and privacy laws.
- Work in tandem with architects, the security analysts, risk / compliance analysts, incident responders (in cases of anomalous activity and host compromise), TechOps and development team members.
- Respond to and handle service and escalation tickets within SLA expectations.
- Develop security test plans from architectural design. Identify deficiencies and make enhancements to ensure production is not impacted.
- Participate regularly in change project and change management meetings.
- Research, validate and deploy solutions meeting security and business needs.
- Follow security engineering fundamentals and processes as outlined in NIST 800-160, and other best practice documents.
- Influence the planning and execution of incident response and postmortem exercises, with a focus on creating measurable benchmarks to show progress (or deficiencies requiring additional attention).
- Focus on driving security efficiencies, enabling security team members to work on more advanced tasks.
- Conduct performance testing to stress the limitations of security solutions while at the same time ensuring business innovation and day-to-day processes are not negatively impacted.
What You Will Need to be Successful :
- 15+ years’ experience in cybersecurity, including compliance and risk management with a system and network security engineering background.
- Highly technical and analytical expertise, with a proven deep background (preferred 10+ years’ IT experience in addition to cybersecurity) in technology design, implementation and delivery.
- Experience in cloud computing technologies, including software-, infrastructure and platform-as-a-service, as well as public, private, and hybrid environments.
- Extensive knowledge of traditional security controls and technologies, such as Security Information and Event Management (SIEM) systems, intrusion detection / prevention systems (IDS / IPS), public key infrastructure (PKI), identity and access management (IDAM) systems, antivirus and firewalls, in addition to newer offerings such as endpoint detection and response (EDR), threat intelligence platforms, security automation and orchestration, deception technologies and application controls.
- Skilled in meeting vulnerability and penetration testing requirements.
- Excellence in communicating business risk from cybersecurity issues.
- Experience managing SIEM systems, threat intelligence platforms, security automation and orchestration solutions, IDS / IPS, file integrity monitoring (FIM), data loss prevention (DLP) and other network and system monitoring tools.
- Track record of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectively.
- US Citizenship for this position is required by law due to federal customer contracts
- Proficient with scripting in Python, JavaScript, PowerShell, PHP or Ruby.
- DevOps background with experience in compliance obligations.
- Experience with one or more of the following : ISO 27001, NIST, PCI Data Security Standard (PCI DSS), HIPAA, Health Information Technology for Economic and Clinical Health (HITECH) Act, SOX, the General Data Protection Regulation (GDPR), Center for Internet Security (CIS) standards or Service Organization Controls (SOC) 2.
- Working knowledge of Windows, Linux and Unix
- Experience with Amazon Web Services (AWS) or Microsoft Azure.
- Holds or working toward one or more of the following certifications : SANS GIAC, CCSP, CISSP, Cisco CCIE, AWS Certified Cloud Practitioner or additional AWS advanced certifications such as AWS Certified DevOps Engineer, VMware Certified Professional, Microsoft Azure Security Engineer Certification, Microsoft Identity and Access Administrator.
The Perks (and these are just a few!) :
- QRest Sabbatical
- Employee Stock Purchase
- QTS scholarship for dependents
- Eagle Club award trip eligibility
- Paid volunteer days
- Tuition assistance, parental leave and military leave assistance
We conform to all the laws, statutes, and regulations concerning equal employment opportunities and affirmative action. We strongly encourage women, minorities, individuals with disabilities and veterans to apply to all of our job openings.
We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, gender identity, or national origin, age, disability status, Genetic Information & Testing, Family & Medical Leave, protected veteran status, or any other characteristic protected by law.
We prohibit retaliation against individuals who bring forth any complaint, orally or in writing, to the employer or the government, or against any individuals who assist or participate in the investigation of any complaint or discrimination claim.
The "Know Your Rights" Poster is included here :
The pay transparency policy is available here :
QTS is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please send an e-mail to and let us know the nature of your request and your contact information.