Patch Compliance Engineer - Qualys

Posted 2 days ago by 1752215892

Negotiable
Outside
Remote
USA

Summary: The Patch Compliance Engineer - Qualys will act as a vulnerability management expert within a patch compliance engineering team, focusing on identifying and remediating vulnerabilities across enterprise workstations using Qualys and Qualys VMDR. This role involves collaboration with patch deployment specialists to enhance compliance visibility and influence patching strategies. The engineer will also be responsible for developing reports and dashboards to track remediation progress and risk posture. The position is remote and requires extensive experience in endpoint security and vulnerability management.

Key Responsibilities:

  • Leverage Qualys and Qualys VMDR to detect, prioritize, and track endpoint vulnerabilities
  • Analyze scan results to determine patch applicability and urgency
  • Identify high-risk exposures and align with patch deployment team for timely remediation
  • Develop and maintain dashboards and reports on remediation progress, historical trends, and unpatched systems
  • Support coordination with Contact Center and CXO teams to flag reimage candidates
  • Provide visibility to leadership on risk posture, compliance rates, and SLA tracking
  • Align Qualys outputs with SCCM, Intune, and PatchMyPC patching workflows
  • Partner with remediation engineers to map vulnerabilities to deployment baselines and automation plans
  • Assist in identifying attack surface reduction opportunities through data-driven insights
  • Contribute to blocking patterns for recurring high-risk software and applications

Key Skills:

  • 5+ years of experience in endpoint security or vulnerability management in large enterprise environments
  • Advanced hands-on experience with Qualys and Qualys VMDR, particularly for vulnerability detection and risk scoring
  • Familiarity with patching tools such as SCCM, Intune, and PatchMyPC
  • Experience translating vulnerability data into actionable patch plans and risk reports
  • Proficiency with dashboarding and compliance metrics using native tools or BI platforms
  • Strong communication and collaboration skills across security and IT operations teams
  • Experience in enterprise environments with 100,000+ endpoints (preferred)
  • Knowledge of endpoint compliance frameworks (e.g., CIS Benchmarks, NIST, ISO 27001) (preferred)
  • Familiarity with risk orchestration platforms such as Brinqa and Vulcan (preferred)
  • Understanding of remediation prioritization workflows in matrixed environments (preferred)
  • Previous participation in centralized vulnerability management or GRC teams (preferred)

Salary (Rate): undetermined

City: undetermined

Country: USA

Working Arrangements: remote

IR35 Status: outside IR35

Seniority Level: undetermined

Industry: IT

Detailed Description From Employer:

Job Role: Patch Compliance Engineer - Qualys
Location: Remote
Duration: 6-12 Months Contract

Job Description:

As a Security Compliance Engineer - Qualys Workstation Patching, you will serve as the vulnerability management and reporting expert within a broader patch compliance engineering team. Your primary focus will be to leverage Qualys and Qualys VMDR for identifying exploitable vulnerabilities across the enterprise workstation fleet and translating that data into actionable remediation plans.

You will collaborate with patch deployment specialists (SCCM, Intune, PatchMyPC) to drive prioritization, reporting, and compliance visibility. Your insights will directly influence reimaging strategies, patch target identification, and long-term risk posture improvements.

Key Responsibilities

Vulnerability Assessment & Prioritization

  • Leverage Qualys and Qualys VMDR to detect, prioritize, and track endpoint vulnerabilities
  • Analyze scan results to determine patch applicability and urgency
  • Identify high-risk exposures and align with patch deployment team for timely remediation

Reporting & Governance

  • Develop and maintain dashboards and reports on remediation progress, historical trends, and unpatched systems
  • Support coordination with Contact Center and CXO teams to flag reimage candidates
  • Provide visibility to leadership on risk posture, compliance rates, and SLA tracking

Cross-Tool Collaboration

  • Align Qualys outputs with SCCM, Intune, and PatchMyPC patching workflows
  • Partner with remediation engineers to map vulnerabilities to deployment baselines and automation plans

Proactive Remediation Support

  • Assist in identifying attack surface reduction opportunities through data-driven insights
  • Contribute to blocking patterns for recurring high-risk software and applications

Technology Stack & Tooling Focus

While Qualys is your primary domain, collaboration across the full ecosystem is essential:

Vulnerability Reporting

  • Qualys, Qualys VMDR

Windows OS Patching

  • Windows Autopatch, SCCM

Microsoft Office Patching

  • Cloud Update, SCCM

Third-Party Application Patching

  • PatchMyPC, SCCM, Qualys VMDR, Nexthink

Required Qualifications

  • 5+ years of experience in endpoint security or vulnerability management in large enterprise environments
  • Advanced hands-on experience with Qualys and Qualys VMDR, particularly for vulnerability detection and risk scoring
  • Familiarity with patching tools such as SCCM, Intune, and PatchMyPC
  • Experience translating vulnerability data into actionable patch plans and risk reports
  • Proficiency with dashboarding and compliance metrics using native tools or BI platforms
  • Strong communication and collaboration skills across security and IT operations teams

Preferred Qualifications

  • Experience in enterprise environments with 100,000+ endpoints
  • Knowledge of endpoint compliance frameworks (e.g., CIS Benchmarks, NIST, ISO 27001)
  • Familiarity with risk orchestration platforms such as Brinqa and Vulcan
  • Understanding of remediation prioritization workflows in matrixed environments
  • Previous participation in centralized vulnerability management or GRC teams