Qu’s mission is to deliver world class enterprise software to help restaurant chains thrive in the face of increasing complexity, opportunities, and challenges.
Based in Rosslyn, VA, Qu is backed by leading Silicon Valley investors that have also backed Google, Uber, and Dropbox.
We are building an Agile Security Operations team of Security Engineers with complementary skill sets to tackle challenges across our infrastructure and product. This role offers an exciting opportunity for someone who can contribute in areas like vulnerability management, monitoring, penetration testing, and incident response. You will be solving complex challenges, bridging the gap between compliance and operations, and driving excellence in security across cloud infrastructure, on-premise systems, and SaaS applications.
What You’ll Do
Infrastructure Security
- Support and secure identity (SSO) and device trust across endpoints, SaaS applications, and custom middleware.
- Work with AWS serverless architecture and on-premise Qu Point of Sale devices to enhance security across hybrid environments.
Penetration Testing
Organize and execute infrastructure tests across:
- Our corporate infrastructure (identity, SaaS, endpoints).
- Our product (AWS cloud and on-premise devices).
- Our software (containers and applications).
Document findings and coordinate remediation efforts with stakeholders.
Monitoring & Incident Response
- Build and refine SIEM workflows for event alerting, triage, and response.
- Lead or support investigations into internal security incidents.
- Develop and maintain incident response playbooks.
Vulnerability Management
- Conduct scans and report on vulnerabilities across the stack, from SaaS and endpoints to containers and custom applications.
- Collaborate with engineering teams to remediate issues and continuously improve security posture.
Optimization & Innovation
- Automate repetitive tasks and optimize processes using scripting or no-code/low-code tools.
- Leverage creative problem-solving to address operational challenges effectively and efficiently.
- Leverage no-code/low-code tools to design custom middleware, automate workflows, and improve efficiency.
Compliance-Driven Assurance
- Integrate SOC 2, PCI, and ISO certification requirements into operational security processes.
- Collaborate with cross-functional teams to ensure compliance without sacrificing operational flexibility.
- Contribute to a culture of assurance that goes beyond formulaic compliance to deliver real business value.
What You Bring
- 3+ years of experience in security engineering or operations, with demonstrated expertise in one or more of the following: penetration testing, monitoring, incident response, or vulnerability management.
- Strong knowledge of identity systems, SaaS applications, AWS architecture, and on-premise device management.
- Proficiency in scripting (JavaScript, Python, PowerShell, etc.) or no-code/low-code tools to automate tasks and workflows.
- Familiarity with SIEM tools, EDR platforms, and containerized environments.
- Understanding of compliance frameworks such as SOC 2, PCI, and ISO.
- Strong collaboration and communication skills with a customer-focused mindset.
Why Join Qu?
- Be part of a high-growth, profitable startup shaping the future of restaurant technology.
- Work with a team that values operational excellence, creativity, and customer obsession.
- Enjoy the freedom to innovate and solve problems using cutting-edge tools and approaches.
- Make a real impact by connecting security, compliance, and business operations seamlessly.
Ready to take your career to the next level and help restaurants succeed? Let’s talk!