Qualys Policy Compliance Expert

Software Guidance & Assistance, Inc., (SGA), is searching for a Qualys Compliance Monitoring Expert for a CONTRACT assignment with one of our premier Banking clients in Frisco, TX.

• Overview
  We are seeking a Qualys Compliance Monitoring Expert to lead the design, deployment, and management of our enterprise compliance monitoring program. This role will focus on leveraging Qualys Policy Compliance (PC) and related modules to ensure that IT assets meet regulatory, security, and organizational standards. The ideal candidate will have deep expertise in security compliance frameworks, automated monitoring, and cross-team collaboration to drive a proactive compliance posture.
  Responsibilities
• Act as subject matter expert (SME) for Qualys Policy Compliance (PC) and Continuous Monitoring solutions.
• Develop, configure, and maintain compliance scan policies aligned with CIS benchmarks, NIST, ISO 27001, PCI-DSS, HIPAA, and SOX requirements.
• Manage compliance monitoring workflows, including scheduling, execution, and reporting of automated scans.
• Analyze scan results, identify gaps, and partner with Infrastructure, Cloud, and Application teams to drive remediation.
• Build and deliver executive-level dashboards and compliance reports to track risk posture and audit readiness.
• Support audit and regulatory requirements by providing scan evidence, remediation tracking, and compliance metrics.
• Tune compliance profiles to reduce false positives and ensure accurate reporting across heterogeneous environments (Windows, Linux, Databases, Cloud).
• Integrate Qualys with ITSM systems (e.g., ServiceNow) to automate compliance ticketing and exception handling.
• Collaborate with Security Architecture, Risk Management, and IT Operations teams to align compliance strategy with enterprise goals.
• Provide ongoing training and guidance to internal stakeholders on compliance best practices.
• Qualifications
• Bachelor's degree in Information Security, Computer Science, or related field (or equivalent experience).
• 5+ years of experience in IT Security, Compliance, or Vulnerability Management.
• Hands-on experience with the QualysGuard Suite, specifically Policy Compliance (PC), Continuous Monitoring, and Asset Management.
• Strong understanding of compliance frameworks: PCI-DSS, HIPAA, SOX, ISO 27001, NIST CSF, and CIS Benchmarks. Experience building policies.
• Proficiency in interpreting compliance reports and guiding remediation teams.
• Familiarity with cloud platforms (AWS, Azure, Google Cloud Platform) and their compliance requirements.
• Experience with automation and integration using APIs, scripting (Python, PowerShell, Bash), and ITSM tools.
• Strong analytical, problem-solving, and communication skills with the ability to work across diverse teams.
• Preferred Skills
• Certifications: Qualys Certified Specialist, CISSP, CISA, CISM, or ISO 27001 Lead Implementer.
• Experience integrating Qualys with SIEM platforms for compliance event monitoring.
• Knowledge of container and Kubernetes compliance scanning.

SGA is a technology and resource solutions provider driven to stand out. We are a women-owned business. Our mission: to solve big IT problems with a more personal, boutique approach. Each year, we match consultants like you to more than 1,000 engagements. When we say let's work better together, we mean it. You'll join a diverse team built on these core values: customer service, employee development, and quality and integrity in everything we do. Be yourself, love what you do and find your passion at work. Please find us at .

SGA is an Equal Opportunity Employer and does not discriminate on the basis of Race, Color, Sex, Sexual Orientation, Gender Identity, Religion, National Origin, Disability, Veteran Status, Age, Marital Status, Pregnancy, Genetic Information, or Other Legally Protected Status. We are committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, and our services, programs, and activities. Please visit our company to request an accommodation or assistance regarding our policy.

#LI-SL1