Patch Compliance Engineer - Qualys

Job Role: Patch Compliance Engineer - Qualys
Location: Remote
Duration : 6-12 Months Contract

Job Description:
As a Security Compliance Engineer Qualys Workstation Patching, you will serve as the vulnerability management and reporting expert within a broader patch compliance engineering team. Your primary focus will be to leverage Qualys and Qualys VMDR for identifying exploitable vulnerabilities across the enterprise workstation fleet and translating that data into actionable remediation plans.

You will collaborate with patch deployment specialists (SCCM, Intune, PatchMyPC) to drive prioritization, reporting, and compliance visibility. Your insights will directly influence reimaging strategies, patch target identification, and long-term risk posture improvements.

Key Responsibilities

Vulnerability Assessment & Prioritization

• Leverage Qualys and Qualys VMDR to detect, prioritize, and track endpoint vulnerabilities

• Analyze scan results to determine patch applicability and urgency

• Identify high-risk exposures and align with patch deployment team for timely remediation

Reporting & Governance

• Develop and maintain dashboards and reports on remediation progress, historical trends, and unpatched systems

• Support coordination with Contact Center and CXO teams to flag reimage candidates

• Provide visibility to leadership on risk posture, compliance rates, and SLA tracking

Cross-Tool Collaboration

• Align Qualys outputs with SCCM, Intune, and PatchMyPC patching workflows

• Partner with remediation engineers to map vulnerabilities to deployment baselines and automation plans

Proactive Remediation Support

• Assist in identifying attack surface reduction opportunities through data-driven insights

• Contribute to blocking patterns for recurring high-risk software and applications

Technology Stack & Tooling Focus

While Qualys is your primary domain, collaboration across the full ecosystem is essential:

Vulnerability Reporting

• Qualys, Qualys VMDR

Windows OS Patching

• Windows Autopatch, SCCM

Microsoft Office Patching

• Cloud Update, SCCM

Third-Party Application Patching

• PatchMyPC, SCCM, Qualys VMDR, Nexthink

Required Qualifications

• 5+ years of experience in endpoint security or vulnerability management in large enterprise environments

• Advanced hands-on experience with Qualys and Qualys VMDR, particularly for vulnerability detection and risk scoring

• Familiarity with patching tools such as SCCM, Intune, and PatchMyPC

• Experience translating vulnerability data into actionable patch plans and risk reports

• Proficiency with dashboarding and compliance metrics using native tools or BI platforms

• Strong communication and collaboration skills across security and IT operations teams

Preferred Qualifications

• Experience in enterprise environments with 100,000+ endpoints

• Knowledge of endpoint compliance frameworks (e.g., CIS Benchmarks, NIST, ISO 27001)

• Familiarity with risk orchestration platforms such as Brinqa and Vulcan

• Understanding of remediation prioritization workflows in matrixed environments
• Previous participation in centralized vulnerability management or GRC teams