Qualys Security Engineer

We are seeking an experienced Qualys Security Engineer to join our Vulnerability Management team. This role will be responsible for managing and optimizing our Qualys deployment, conducting vulnerability assessments, and working cross-functionally to improve our security posture.

This role requires a current DoD Top Secret clearance. The individual in this role must reside within a commutable distance of Washington, DC to work onsite full time.

Key Responsibilities:

• Manage and maintain the Qualys vulnerability management platform, including scanners, agents, and cloud connectors.
• Configure and optimize scanning policies, authentication, and assessment templates.
• Analyze vulnerability scan results and produce actionable reports for various stakeholders.
• Coordinate with IT and Development teams to validate and remediate identified vulnerabilities.
• Develop and maintain automation scripts for Qualys API integration and custom reporting.
• Perform asset discovery and maintain accurate asset inventory within Qualys.
• Investigate false positives and tune scanning configurations to improve accuracy.
• Support compliance initiatives by configuring and running policy compliance scans.
• Mentor junior team members on vulnerability management best practices.

Required Qualifications:

• US Citizenship is required. Must have and maintain a current DoD Top Secret clearance.
• Bachelor's degree in Computer Science, Information Security, or related field.
• 3-5 years of experience with vulnerability management tools, preferably Qualys.
• Must reside within a commutable distance of Washington, DC to work onsite full time.
• Strong understanding of networking concepts, security protocols, and common vulnerabilities.
• Experience with Windows and Linux operating systems.
• Proficiency in scripting languages (Python, PowerShell, or Shell scripting).
• Knowledge of security frameworks (NIST, CIS, ISO 27001).
• Strong analytical and problem-solving skills.
• Technical Skills:
  • Qualys Vulnerability Management
  • Qualys Policy Compliance
  • Qualys Web Application Scanning
  • API integration and automation
  • Database management
  • Network protocols and architecture
  • Operating system security
  • Vulnerability assessment methodologies.
• Excellent written and verbal communication.
• Strong project management capabilities.
• Ability to work independently and as part of a team.
• Good documentation practices.
• Effective stakeholder management.
• Problem-solving mindset.

Preferred Qualifications:

• Security certifications (CISSP, CEH, GIAC, or similar).
• Experience with additional security tools (Nessus, Rapid7, etc.).
• Knowledge of cloud security concepts (AWS, Azure, GCP).
• Experience with configuration management tools.
• Familiarity with container security and web application security.
• Background in system administration or network security.

Cyber Security Innovations (CSI) is an equal opportunity employer committed to diversity and inclusion in the workplace. We prohibit discrimination and harassment of any kind based on race, color, sex, religion, sexual orientation, national origin, disability, genetic information, pregnancy, or any other protected characteristic as outlined by federal, state, or local laws. As a veteran-friendly employer, we encourage military veterans to apply.

This policy applies to all employment practices within our organization, including hiring, recruiting, promotion, termination, layoff, recall, leave of absence, compensation, benefits, training, and apprenticeship. CSI makes hiring decisions based solely on qualifications, merit, and business needs at the time.

CSI participates in the E-Verify Employment Verification Program.

Salary : $170,000 - $185,000