Qualys - Manager

Job Title: Qualys - ManagerLocation: BangaloreExperience: 10 YearsEmployment Type: Full-TimeRole OverviewWe are seeking a hands-on Vulnerability Management & Security Posture Engineer with deep expertise in Qualys VMDR, Policy Compliance (PC), and Security Configuration Assessment (SCA). This role involves end-to-end ownership of vulnerability management, including asset discovery, scanning, posture assessment, and remediation lifecycle, with a strong focus on automation and continuous improvement.Key Responsibilities1. Asset Discovery & Scan ManagementPerform asset discovery using agent-based and network scanning techniquesConfigure and manage scan profiles (authenticated scans, port ranges, scheduling)Execute and monitor scans across on-prem, cloud, and endpoint environments2. Vulnerability & Posture AssessmentAnalyze vulnerabilities and misconfigurations using VMDR and Policy CompliancePrioritize findings based on CVSS, exploitability, and business impactAssess systems against CIS benchmarks and organizational security baselines3. Remediation & AutomationIntegrate vulnerability findings with ITSM tools (e.g., ServiceNow) for trackingDrive the remediation lifecycle: Open → In Progress → Validated → ClosedImplement automation using Qualys CAR / QFlow where applicableManage exceptions, risk acceptance, and compensating controls4. Reporting & Stakeholder CommunicationGenerate technical, compliance, and executive-level reportsBuild dashboards to track vulnerability trends and posture improvementsProvide actionable remediation guidance and track SLA adherenceMust-Have SkillsStrong hands-on experience with Qualys VMDR, Policy Compliance (PC), and SCASolid understanding of CIS Benchmarks, CVSS scoring, and vulnerability lifecycleExperience with scan configuration, asset tagging, and risk prioritizationFamiliarity with ITSM integrations (ServiceNow preferred)Exposure to scripting/automation (Python, Shell)Good to HaveExperience with automation workflows (QFlow, SOAR tools)Knowledge of security frameworks: ISO 27001, NIST, CISExposure to compliance reporting and audit supportCloud security posture experience (AWS, Azure, GCP)Key DeliverablesAsset Inventory & Scan Coverage ReportsVulnerability Prioritization MatrixCompliance & Security Posture Assessment ReportsRemediation Tracker & Automation LogsExecutive Security ScorecardsWhat We’re Looking ForStrong ownership mindset with attention to detailAbility to collaborate with cross-functional teams (Infrastructure, Cloud, Application teams)Proactive approach toward risk reduction, automation, and continuous improvement.

Apply Now