At Qualia, we've built the leading B2B real estate technology that transforms the home buying and selling experience into a simple, secure, and enjoyable process. Our SMB and Enterprise products bring together users from across the real estate ecosystem---homebuyers and sellers, lenders, title and escrow agents, and real estate agents---onto a single shared digital closing platform, providing greater clarity and transparency to real estate transactions. Today, through our business customers across the country, millions of consumers use Qualia to close on homes every year.
WHAT YOU'LL WORK ON
Because purchasing a home is often the largest financial transaction of our users' lives, the stakes for getting security right are real. Our Information Security team doesn't rely on assumptions---we identify where they've been made, assess the risk, and communicate it clearly to the business. We define what "normal" looks like across our products, customers, employees, and assets, and we own the detection and response when something deviates from that baseline.
As a Senior Information Security Engineer, you'll operate at the intersection of technical depth and business impact. You bring hard-won experience and sharp instincts, but you stay genuinely curious about what's new in the threat landscape. Whether you're writing policy, building detection logic, or shipping code, you'll have real autonomy to make pragmatic decisions that protect the company without standing in the way of its growth.
Security at Qualia isn't siloed---it touches every team and every product. That means you'll need to be as comfortable talking to an engineer about a misconfiguration as you are briefing a business leader on risk. A growth mindset isn't optional here; as the threats we face become more numerous and sophisticated, so must we.
RESPONSIBILITIES
- Partner with stakeholders across the business to identify gaps and strengthen Qualia's security posture
- Uncover security weaknesses in technologies and processes through threat modeling, security assessments, and the development of practical security baselines
- Build and operate tooling across the full security lifecycle: prevention, detection, investigation, and response
- Evaluate the security posture of cloud environments, including reviewing configurations, monitoring for drift, and ensuring alignment with organizational security baselines
- Serve as a point of escalation for customer-reported security concerns, triaging issues, communicating clearly with affected parties, and driving issues to resolution
- Triage and reproduce vulnerability findings from penetration tests, internal tooling, and external reports---and communicate associated risk clearly to the right audiences
- Scale security impact through automation and education, making the whole organization more security-aware
YOUR BACKGROUND THAT LIKELY MAKES YOU A MATCH
- 4+ years of professional information security experience, with both a strong defensive foundation and familiarity with offensive techniques
- Genuine curiosity about how systems work and how they break
- The ability to write code---whether it's a quick automation script or a more substantial detection tool
- Hands-on experience with:
- Security operations tooling (e.g., SIEMs, IDS/IPS, WAFs, log monitoring platforms)
- Core IT domains, including endpoint management, networking, web applications, and cloud infrastructure
- Identity and access management concepts (e.g., SSO, MFA, role-based access controls)
- Navigating the security implications of emerging technologies---including AI and large language models---as the company evaluates and adopts new tools
- Security automation and orchestration: experience connecting tools, writing integrations, or building workflows that reduce response times and manual effort
- Penetration testing tools (e.g., Nmap, Nessus, Metasploit, Burp Suite, or similar)
- The ability to translate complex security concepts into clear, actionable language for technical and non-technical audiences alike
- Bachelor's degree in a relevant field, or equivalent practical experience
- Information Security or IT certifications are a plus
- Nice to have
- Experience with or exposure to compliance frameworks (e.g., SOC 2, ISO 27001, or similar)
- Information Security Certificates (e.g., CISSP, GIAC, or similar)
This role has a base annual salary of $180,000-$200,000 plus a competitive equity and benefits package. (Salary to be determined by relevant experience, location, knowledge, and skills of the applicant, internal equity, and alignment with market data.)
WHY QUALIA
Qualia is made up of incredibly bright, mission-driven coworkers who are passionate about using technology to solve real-world problems---and we're growing quickly. In order to continue building an engaging and dynamic organization, we're committed to giving everyone the support they need to do great work.
Our benefits package is designed to allow our team members to be their best selves, both in and out of the workplace. In addition to comprehensive health plans, a 401k program, and commuter benefits, we prioritize family and personal well-being through professional development, parental leave, and a flexible time off policy. Qualia offers a robust online onboarding program to train new hires, biweekly all hands meetings, and a variety of internal virtual events to keep employees connected.
We believe diverse perspectives and backgrounds are critical to building great technology, and our goal is to cultivate an environment where people feel equally valued and respected. Qualia is proud to be an equal-opportunity workplace, and we welcome applicants from all backgrounds regardless of race, color, ancestry, religion, gender identity or expression, sexual orientation, marital status, age, citizenship, socioeconomic status, disability, or veteran status.
By submitting your application, you acknowledge and agree to the collection, processing, and use of your personal information as described in our Employee Data Privacy Notice.
