Cyber Security Engineer – Vulnerability Management

Job not on LinkedIn

October 22

Apply Now

Receive Emails with Similar Jobs

Qualysoft

WebsiteLinkedInAll Job Openings

Software & Technology • SaaS • Consulting

Qualysoft is an independent IT consultancy based in Vienna, founded in 1999. It specializes in delivering innovative technology solutions focused on business applications, CRM consultancy, ERP consultancy, marketing automation, and software engineering. With over 25 years of experience, Qualysoft utilizes advanced technologies such as AI and data analytics to help organizations streamline operations and enhance customer experience across various industries, including banking, manufacturing, and telecommunications.

501 - 1000 employees

Founded 1999

☁️ SaaS

📋 Description

• Operate and optimize Qualys as the primary vulnerability scanning platform. • Ensure full asset coverage across on-prem, cloud, and containerized environments. • Validate scan results, reduce false positives, and maintain asset classification. • Integrate CrowdStrike EDR signals to enrich vulnerability context. • Apply CVSS, KEV and business impact analysis to prioritize vulnerabilities. • Collaborate with threat intelligence to correlate vulnerabilities with active threats. • Maintain a risk matrix and ensure alignment with current threat landscape. • Escalate critical risks to governance forums and senior stakeholders. • Define and enforce SLAs based on risk tiers. • Coordinate remediation efforts with external IT service providers. • Track and report remediation progress, exceptions, and delays. • Ensure secure configuration and patching practices are followed. • Develop and maintain vulnerability management policies and standards. • Support internal and external audits with evidence and reporting. • Participate in cyber risk governance and compliance reviews. • Own the lifecycle of VM tooling (Qualys, integrations with SIEM, CMDB, ITSM). • Drive automation of scanning, ticketing, and reporting workflows. • Evaluate new technologies to improve coverage and efficiency. • Define and maintain KPIs (e.g., MTTR, exposure window, SLA compliance). • Produce dashboards and executive-level reports. • Support continuous improvement through trend analysis and lessons learned.

🎯 Requirements

• 5-8 years in cybersecurity, including vulnerability management leadership. • Experience in managing enterprise VM programs and working with external IT providers. • The successful candidate will have hands on experience in working in VM Security Engineer role. • They will have a track record of formal knowledge in cyber security field. • Knowledge of Qualys, SIEM, EDR, forensic tools, and threat hunting frameworks. • Familiarity with MITRE ATT&CK, NIST, and other industry standards. • Excellent communication skills. • Deep understanding of vulnerability lifecycle and risk-based prioritization. • Openness to working with diverse technologies and tooling to provide robust Security Incident Management capability. • Understanding of cybersecurity monitoring, detection and response, with the ability to forensically analyse, propose remediations and produce root-cause analysis reports. • Ability to develop strong positive working relationships with teams across different business units and ensure collaboration is a priority. • Strong communication and stakeholder management skills. • Personal resilience and self-awareness.

🏖️ Benefits

• Why we think you will love working here: • With us you count as a person, our doors are always open. • We live the Qualysoft Team Spirit and stand for transparency! • Fresh wind and new ideas are welcome, because standstill is a foreign word at Qualysoft.