Qualys
Manager, Security Analyst page is loaded## Manager, Security Analystlocations:
Raleightime type:
Full timeposted on:
Posted Todayjob requisition id:
R0003426Come work at a place where innovation and teamwork come together to support the most exciting missions in the world!Join our growing cyber fusion center team as a **Manager, Security Analyst**, where you will be responsible for leading a team of security analysts focused on vulnerability management, endpoint protection, and cloud security posture. This role combines technical leadership with hands-on operational responsibility, emphasizing strategic oversight of Qualys solutions, CSPM, and EDR/EPP tools. You will drive key initiatives in automation, compliance, and threat management while mentoring junior staff and engaging with cross-functional teams to strengthen our enterprise security. A key aspect of this role includes leading the initiative to **establish and operationalize the Qualys Risk Operations Center (ROC)**, leveraging the **Qualys Enterprise TruRisk (ETM)** module to provide a centralized and risk-based view of the organization’s security posture.# **Key Responsibilities:****Leadership & Strategic Oversight:*** Lead and mentor a team of security analysts across vulnerability management, CSPM, and endpoint security functions.* Provide technical leadership and guidance on best practices, security frameworks, and tooling across the cybersecurity domain.* Collaborate with DevOps, Infrastructure, and Application teams to embed security into operations and development workflows.* Drive strategic planning for security automation, tool integration, and policy improvements.## **Vulnerability Management (Qualys):*** Oversee enterprise-wide deployment, optimization, and governance of **Qualys Vulnerability Management** and **Policy Compliance** modules.* Ensure consistent and complete asset coverage across operating systems, databases, network devices, containers, and web applications.* Perform vulnerability analysis, prioritize risk-based remediation, and support IT teams in mitigation strategies.* Implement and manage system hardening policies in alignment with standards such as **CIS Benchmarks**, **DISA STIG**, and **ISO 27001**.## **Cloud Security Posture Management (CSPM):*** Lead configuration audits, misconfiguration detection, and remediation across cloud environments (AWS, Azure, GCP).* Integrate CSPM tooling with CI/CD pipelines and drive cloud governance initiatives across business units.* Define security baselines and enforce compliance with regulatory frameworks and internal controls.## **Endpoint Protection (EDR/EPP):*** Manage deployment and operational oversight of EDR/EPP solutions.* Respond to endpoint threats, coordinate incident response, and work closely with the SOC for investigation and threat hunting.* Ensure visibility and protection across all endpoint devices and integrate alerts into SIEM/SOAR platforms.## **Automation & Orchestration:*** Design and implement automation workflows for recurring security tasks such as patch validation, asset scanning, and remediation tracking.* Lead efforts in integrating security tools (Qualys, CSPM, EDR/EPP) with orchestration platforms for real-time monitoring and actioning.* Optimize operational efficiency by reducing manual interventions and streamlining processes.## **Governance, Risk, and Compliance:*** Ensure alignment with industry standards (NIST, ISO 27001, SOC 2) and internal governance policies.* Drive regular internal audits, risk assessments, and support external compliance reviews.* Maintain documentation of security configurations, workflows, and standard operating procedures.## **Stakeholder Engagement:*** Liaise with product and engineering teams to understand upcoming changes and proactively address security impacts.* Collaborate with Qualys support and user communities to resolve issues, stay updated on features, and promote knowledge sharing.* Report regularly to senior leadership on risk posture, vulnerabilities, and improvement metrics.## **Qualifications & Skills:*** Bachelor's or Master's degree in Cybersecurity, Computer Science, Information Technology, or related field.* Proficiency in deploying and managing **Qualys VMDR and Policy Compliance**, **CSPM tools**, and **EDR/EPP platforms** (e.g., CrowdStrike, SentinelOne, Defender).* Proven experience in designing, implementing, and managing vulnerability and endpoint security programs.* Strong understanding of cloud platforms (AWS, Azure, GCP) and secure DevOps practices.* Experience in automation using tools such as Ansible, Python, or integration with SOAR.* Excellent written and verbal communication skills; ability to convey technical risks to non-technical stakeholders.* Relevant certifications preferred: **CISSP, CISM, CEH, OSCP, GCFA**, or **Qualys Certifications**.Qualys is an Equal Opportunity Employer, please see our . #J-18808-Ljbffr
Raleightime type:
Full timeposted on:
Posted Todayjob requisition id:
R0003426Come work at a place where innovation and teamwork come together to support the most exciting missions in the world!Join our growing cyber fusion center team as a **Manager, Security Analyst**, where you will be responsible for leading a team of security analysts focused on vulnerability management, endpoint protection, and cloud security posture. This role combines technical leadership with hands-on operational responsibility, emphasizing strategic oversight of Qualys solutions, CSPM, and EDR/EPP tools. You will drive key initiatives in automation, compliance, and threat management while mentoring junior staff and engaging with cross-functional teams to strengthen our enterprise security. A key aspect of this role includes leading the initiative to **establish and operationalize the Qualys Risk Operations Center (ROC)**, leveraging the **Qualys Enterprise TruRisk (ETM)** module to provide a centralized and risk-based view of the organization’s security posture.# **Key Responsibilities:****Leadership & Strategic Oversight:*** Lead and mentor a team of security analysts across vulnerability management, CSPM, and endpoint security functions.* Provide technical leadership and guidance on best practices, security frameworks, and tooling across the cybersecurity domain.* Collaborate with DevOps, Infrastructure, and Application teams to embed security into operations and development workflows.* Drive strategic planning for security automation, tool integration, and policy improvements.## **Vulnerability Management (Qualys):*** Oversee enterprise-wide deployment, optimization, and governance of **Qualys Vulnerability Management** and **Policy Compliance** modules.* Ensure consistent and complete asset coverage across operating systems, databases, network devices, containers, and web applications.* Perform vulnerability analysis, prioritize risk-based remediation, and support IT teams in mitigation strategies.* Implement and manage system hardening policies in alignment with standards such as **CIS Benchmarks**, **DISA STIG**, and **ISO 27001**.## **Cloud Security Posture Management (CSPM):*** Lead configuration audits, misconfiguration detection, and remediation across cloud environments (AWS, Azure, GCP).* Integrate CSPM tooling with CI/CD pipelines and drive cloud governance initiatives across business units.* Define security baselines and enforce compliance with regulatory frameworks and internal controls.## **Endpoint Protection (EDR/EPP):*** Manage deployment and operational oversight of EDR/EPP solutions.* Respond to endpoint threats, coordinate incident response, and work closely with the SOC for investigation and threat hunting.* Ensure visibility and protection across all endpoint devices and integrate alerts into SIEM/SOAR platforms.## **Automation & Orchestration:*** Design and implement automation workflows for recurring security tasks such as patch validation, asset scanning, and remediation tracking.* Lead efforts in integrating security tools (Qualys, CSPM, EDR/EPP) with orchestration platforms for real-time monitoring and actioning.* Optimize operational efficiency by reducing manual interventions and streamlining processes.## **Governance, Risk, and Compliance:*** Ensure alignment with industry standards (NIST, ISO 27001, SOC 2) and internal governance policies.* Drive regular internal audits, risk assessments, and support external compliance reviews.* Maintain documentation of security configurations, workflows, and standard operating procedures.## **Stakeholder Engagement:*** Liaise with product and engineering teams to understand upcoming changes and proactively address security impacts.* Collaborate with Qualys support and user communities to resolve issues, stay updated on features, and promote knowledge sharing.* Report regularly to senior leadership on risk posture, vulnerabilities, and improvement metrics.## **Qualifications & Skills:*** Bachelor's or Master's degree in Cybersecurity, Computer Science, Information Technology, or related field.* Proficiency in deploying and managing **Qualys VMDR and Policy Compliance**, **CSPM tools**, and **EDR/EPP platforms** (e.g., CrowdStrike, SentinelOne, Defender).* Proven experience in designing, implementing, and managing vulnerability and endpoint security programs.* Strong understanding of cloud platforms (AWS, Azure, GCP) and secure DevOps practices.* Experience in automation using tools such as Ansible, Python, or integration with SOAR.* Excellent written and verbal communication skills; ability to convey technical risks to non-technical stakeholders.* Relevant certifications preferred: **CISSP, CISM, CEH, OSCP, GCFA**, or **Qualys Certifications**.Qualys is an Equal Opportunity Employer, please see our . #J-18808-Ljbffr