SME - Qualys

Job Summary

ob Title: Cybersecurity Vulnerability Management SME (Qualys VMDR) Role Summary The Vulnerability Management SME will own and drive end to end vulnerability management with a strong focus on risk based prioritization, KEV handling, remediation governance, and executive reporting. This role is hands on and outcome driven, bridging security findings with real remediation results. Key Responsibilities • Own the vulnerability lifecycle: identify, prioritize, remediate, verify, and report • Operate and optimize Qualys VMDR for accurate detection and risk based prioritization • Convert scanner findings into clear, actionable remediation guidance • Identify vulnerabilities impacting the organization from CISA KEV and maintain a “KEV affecting us” priority fix list • Drive remediation through ITSM workflows: ticketing, follow ups, SLA tracking, and escalation • Verify fixes through rescans and remediation validation • Produce operational and executive dashboards showing risk trends, KEV exposure, and SLA compliance Required Skills:

• Hands on Qualys VMDR experience with risk based vulnerability prioritization and reporting • Strong Qualys Knowledge Base / QID expertise, including QID to CVE mapping and remediation interpretation • Ability to correlate Qualys detections with CISA Known Exploited Vulnerabilities (KEV) • Strong Excel skills (pivot tables, Power Query, data cleanup, reconciliation) and Power BI skills (data model, DAX basics, dashboards for vuln/KEV trends and SLA tracking). Additional Expectations • Strong understanding of CVE, CVSS, exploitability, patchability, and compensating controls • Ability to work across infrastructure, application, and cloud teams to drive remediation • Clear communication with both technical teams and leadership • Audit ready documentation and disciplined execution • Flexibility to work in 247 rotational shifts environment. Experience • 5–10+ years in cybersecurity • 3–6+ years focused on vulnerability management and remediation governance • Preferred certifications (one or more): Qualys certifications, Security+, CEH (or equivalent), ITIL Foundation.

Key Responsibilities

ob Title: Cybersecurity Vulnerability Management SME (Qualys VMDR) Role Summary The Vulnerability Management SME will own and drive end to end vulnerability management with a strong focus on risk based prioritization, KEV handling, remediation governance, and executive reporting. This role is hands on and outcome driven, bridging security findings with real remediation results. Key Responsibilities • Own the vulnerability lifecycle: identify, prioritize, remediate, verify, and report • Operate and optimize Qualys VMDR for accurate detection and risk based prioritization • Convert scanner findings into clear, actionable remediation guidance • Identify vulnerabilities impacting the organization from CISA KEV and maintain a “KEV affecting us” priority fix list • Drive remediation through ITSM workflows: ticketing, follow ups, SLA tracking, and escalation • Verify fixes through rescans and remediation validation • Produce operational and executive dashboards showing risk trends, KEV exposure, and SLA compliance Required Skills:

• Hands on Qualys VMDR experience with risk based vulnerability prioritization and reporting • Strong Qualys Knowledge Base / QID expertise, including QID to CVE mapping and remediation interpretation • Ability to correlate Qualys detections with CISA Known Exploited Vulnerabilities (KEV) • Strong Excel skills (pivot tables, Power Query, data cleanup, reconciliation) and Power BI skills (data model, DAX basics, dashboards for vuln/KEV trends and SLA tracking). Additional Expectations • Strong understanding of CVE, CVSS, exploitability, patchability, and compensating controls • Ability to work across infrastructure, application, and cloud teams to drive remediation • Clear communication with both technical teams and leadership • Audit ready documentation and disciplined execution • Flexibility to work in 247 rotational shifts environment. Experience • 5–10+ years in cybersecurity • 3–6+ years focused on vulnerability management and remediation governance • Preferred certifications (one or more): Qualys certifications, Security+, CEH (or equivalent), ITIL Foundation.

Skill Requirements

ob Title: Cybersecurity Vulnerability Management SME (Qualys VMDR) Role Summary The Vulnerability Management SME will own and drive end to end vulnerability management with a strong focus on risk based prioritization, KEV handling, remediation governance, and executive reporting. This role is hands on and outcome driven, bridging security findings with real remediation results. Key Responsibilities • Own the vulnerability lifecycle: identify, prioritize, remediate, verify, and report • Operate and optimize Qualys VMDR for accurate detection and risk based prioritization • Convert scanner findings into clear, actionable remediation guidance • Identify vulnerabilities impacting the organization from CISA KEV and maintain a “KEV affecting us” priority fix list • Drive remediation through ITSM workflows: ticketing, follow ups, SLA tracking, and escalation • Verify fixes through rescans and remediation validation • Produce operational and executive dashboards showing risk trends, KEV exposure, and SLA compliance Required Skills:

• Hands on Qualys VMDR experience with risk based vulnerability prioritization and reporting • Strong Qualys Knowledge Base / QID expertise, including QID to CVE mapping and remediation interpretation • Ability to correlate Qualys detections with CISA Known Exploited Vulnerabilities (KEV) • Strong Excel skills (pivot tables, Power Query, data cleanup, reconciliation) and Power BI skills (data model, DAX basics, dashboards for vuln/KEV trends and SLA tracking). Additional Expectations • Strong understanding of CVE, CVSS, exploitability, patchability, and compensating controls • Ability to work across infrastructure, application, and cloud teams to drive remediation • Clear communication with both technical teams and leadership • Audit ready documentation and disciplined execution • Flexibility to work in 247 rotational shifts environment. Experience • 5–10+ years in cybersecurity • 3–6+ years focused on vulnerability management and remediation governance • Preferred certifications (one or more): Qualys certifications, Security+, CEH (or equivalent), ITIL Foundation.

Other Requirements

ob Title: Cybersecurity Vulnerability Management SME (Qualys VMDR) Role Summary The Vulnerability Management SME will own and drive end to end vulnerability management with a strong focus on risk based prioritization, KEV handling, remediation governance, and executive reporting. This role is hands on and outcome driven, bridging security findings with real remediation results. Key Responsibilities • Own the vulnerability lifecycle: identify, prioritize, remediate, verify, and report • Operate and optimize Qualys VMDR for accurate detection and risk based prioritization • Convert scanner findings into clear, actionable remediation guidance • Identify vulnerabilities impacting the organization from CISA KEV and maintain a “KEV affecting us” priority fix list • Drive remediation through ITSM workflows: ticketing, follow ups, SLA tracking, and escalation • Verify fixes through rescans and remediation validation • Produce operational and executive dashboards showing risk trends, KEV exposure, and SLA compliance Required Skills:

• Hands on Qualys VMDR experience with risk based vulnerability prioritization and reporting • Strong Qualys Knowledge Base / QID expertise, including QID to CVE mapping and remediation interpretation • Ability to correlate Qualys detections with CISA Known Exploited Vulnerabilities (KEV) • Strong Excel skills (pivot tables, Power Query, data cleanup, reconciliation) and Power BI skills (data model, DAX basics, dashboards for vuln/KEV trends and SLA tracking). Additional Expectations • Strong understanding of CVE, CVSS, exploitability, patchability, and compensating controls • Ability to work across infrastructure, application, and cloud teams to drive remediation • Clear communication with both technical teams and leadership • Audit ready documentation and disciplined execution • Flexibility to work in 247 rotational shifts environment. Experience • 5–10+ years in cybersecurity • 3–6+ years focused on vulnerability management and remediation governance • Preferred certifications (one or more): Qualys certifications, Security+, CEH (or equivalent), ITIL Foundation.