Overview
Skills
Job Details
Job Role: Patch Compliance Engineer - Qualys
Location: Remote
Duration : 6-12 Months Contract
Need : Security Compliance Engineer with Qualys Exp ***Remote***
Job Description:
As a Security Compliance Engineer Qualys Workstation Patching, you will serve as the vulnerability management and reporting expert within a broader patch compliance engineering team. Your primary focus will be to leverage Qualys and Qualys VMDR for identifying exploitable vulnerabilities across the enterprise workstation fleet and translating that data into actionable remediation plans.
You will collaborate with patch deployment specialists (SCCM, Intune, PatchMyPC) to drive prioritization, reporting, and compliance visibility. Your insights will directly influence reimaging strategies, patch target identification, and long-term risk posture improvements.
Key Responsibilities
Vulnerability Assessment & Prioritization
Leverage Qualys and Qualys VMDR to detect, prioritize, and track endpoint vulnerabilities
Analyze scan results to determine patch applicability and urgency
Identify high-risk exposures and align with patch deployment team for timely remediation
Reporting & Governance
Develop and maintain dashboards and reports on remediation progress, historical trends, and unpatched systems
Support coordination with Contact Center and CXO teams to flag reimage candidates
Provide visibility to leadership on risk posture, compliance rates, and SLA tracking
Cross-Tool Collaboration
Align Qualys outputs with SCCM, Intune, and PatchMyPC patching workflows
Partner with remediation engineers to map vulnerabilities to deployment baselines and automation plans
Proactive Remediation Support
Assist in identifying attack surface reduction opportunities through data-driven insights
Contribute to blocking patterns for recurring high-risk software and applications
Technology Stack & Tooling Focus
While Qualys is your primary domain, collaboration across the full ecosystem is essential:
Vulnerability Reporting
Qualys, Qualys VMDR
Windows OS Patching
Windows Autopatch, SCCM
Microsoft Office Patching
Cloud Update, SCCM
Third-Party Application Patching
PatchMyPC, SCCM, Qualys VMDR, Nexthink
Required Qualifications
5+ years of experience in endpoint security or vulnerability management in large enterprise environments
Advanced hands-on experience with Qualys and Qualys VMDR, particularly for vulnerability detection and risk scoring
Familiarity with patching tools such as SCCM, Intune, and PatchMyPC
Experience translating vulnerability data into actionable patch plans and risk reports
Proficiency with dashboarding and compliance metrics using native tools or BI platforms
Strong communication and collaboration skills across security and IT operations teams
Preferred Qualifications
Experience in enterprise environments with 100,000+ endpoints
Knowledge of endpoint compliance frameworks (e.g., CIS Benchmarks, NIST, ISO 27001)
Familiarity with risk orchestration platforms such as Brinqa and Vulcan
Understanding of remediation prioritization workflows in matrixed environments
Previous participation in centralized vulnerability management or GRC teams