Security Compliance Engineer with Qualys Exp ***Remote***

Job Role: Patch Compliance Engineer - Qualys

Location: Remote

Duration : 6-12 Months Contract

Need : Security Compliance Engineer with Qualys Exp ***Remote***

Job Description:

As a Security Compliance Engineer Qualys Workstation Patching, you will serve as the vulnerability management and reporting expert within a broader patch compliance engineering team. Your primary focus will be to leverage Qualys and Qualys VMDR for identifying exploitable vulnerabilities across the enterprise workstation fleet and translating that data into actionable remediation plans.

You will collaborate with patch deployment specialists (SCCM, Intune, PatchMyPC) to drive prioritization, reporting, and compliance visibility. Your insights will directly influence reimaging strategies, patch target identification, and long-term risk posture improvements.

Key Responsibilities

Vulnerability Assessment & Prioritization

Leverage Qualys and Qualys VMDR to detect, prioritize, and track endpoint vulnerabilities

Analyze scan results to determine patch applicability and urgency

Identify high-risk exposures and align with patch deployment team for timely remediation

Reporting & Governance

Develop and maintain dashboards and reports on remediation progress, historical trends, and unpatched systems

Support coordination with Contact Center and CXO teams to flag reimage candidates

Provide visibility to leadership on risk posture, compliance rates, and SLA tracking

Cross-Tool Collaboration

Align Qualys outputs with SCCM, Intune, and PatchMyPC patching workflows

Partner with remediation engineers to map vulnerabilities to deployment baselines and automation plans

Proactive Remediation Support

Assist in identifying attack surface reduction opportunities through data-driven insights

Contribute to blocking patterns for recurring high-risk software and applications

Technology Stack & Tooling Focus

While Qualys is your primary domain, collaboration across the full ecosystem is essential:

Vulnerability Reporting

Qualys, Qualys VMDR

Windows OS Patching

Windows Autopatch, SCCM

Microsoft Office Patching

Cloud Update, SCCM

Third-Party Application Patching

PatchMyPC, SCCM, Qualys VMDR, Nexthink

Required Qualifications

5+ years of experience in endpoint security or vulnerability management in large enterprise environments

Advanced hands-on experience with Qualys and Qualys VMDR, particularly for vulnerability detection and risk scoring

Familiarity with patching tools such as SCCM, Intune, and PatchMyPC

Experience translating vulnerability data into actionable patch plans and risk reports

Proficiency with dashboarding and compliance metrics using native tools or BI platforms

Strong communication and collaboration skills across security and IT operations teams

Preferred Qualifications

Experience in enterprise environments with 100,000+ endpoints

Knowledge of endpoint compliance frameworks (e.g., CIS Benchmarks, NIST, ISO 27001)

Familiarity with risk orchestration platforms such as Brinqa and Vulcan

Understanding of remediation prioritization workflows in matrixed environments

Previous participation in centralized vulnerability management or GRC teams