Vulnerability Management (Qualys Security Analyst)

Primary Duties and Responsibilities

 Work with customers to coordinate, conduct, and tune network and system
vulnerability scans prior to deployment and when those systems are modified within
pre-production and production environments
 Responsible for understanding, reviewing, and interpreting assessment and scanning
results, reducing false positive findings, and acting as a trusted security advisor to
the client.
 Learn and adapt to client’s culture, security strategies, security goals, security
objectives, and security capabilities
 Identify client’s organizational position and posture against emerging and zero day
 Maintain knowledge of outstanding vulnerability management issues as it pertains to
the Client’s Vulnerability Management Service and communicate updates to Client as
appropriate
 Present Vulnerability Assessment Scanning and guidance, False Positive Validation,
Compliance Scanning and, scan profile and policy creation
 Provide system administrators, system owners, and IT support staff with effective
vulnerability mitigation strategies, meaningful vulnerability metrics, security controls
and or corrective actions for mitigating technical and business risk
 Develop and report enterprise-level metrics for vulnerabilities and remediation
progress
 Understand, demonstrate, and educate stakeholders on the real-world impact of
threats and vulnerability exploitation in a given environment
 Manage multiple customer requests, assessments, and meet customer expectations
within established service levels
Qualifications 
 Background in security threat analysis – ability to determine risk level of identified
threats and necessary urgency in remediation
 Possess strong technical understanding of common network and system
vulnerabilities
 Understanding of networking principles (OSI Model, routing, TCP/IP)
 Windows and Linux operating systems, and basic administration
 Best practices in common security technologies
 Problem solving skills and ability to work under pressure in a rapid paced, customer
facing 24/7 production environment
 Experience working with cross-business and cross-functional teams in a
geographically distributed environment
 Setting up scanning profiles, conducting routine scans of our environment, oversee
remediation efforts, etc.
 Willingness to share on-call responsibilities, work non-standard hours, and travel
when required
 Willingness to accept direction, support leadership vision, and to serve as a point of
contact directly supporting vulnerability assessments, system owners, and executives
 Excellent written and verbal communication skills
Must Have Skills
 Minimum 2 years of experience with Qualys
 Experienced in setting up scanning profiles, conducting routine scans of security
environment, oversee remediation efforts, etc.