We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
I agree and accept cookies
Main menu
Post a Job
Request a Demo
Yes
No
Both
Advanced search
#alert
Back to search results / More jobs like this
Back to search results
New
Qualys jobs

Manager, Security Analyst

Qualys
United States, North Carolina, Raleigh
3801 Lake Boone Trail (Show on map)
Jun 18, 2025

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world!

Join our growing cyber fusion center team as a Manager, Security Analyst, where you will be responsible for leading a team of security analysts focused on vulnerability management, endpoint protection, and cloud security posture. This role combines technical leadership with hands-on operational responsibility, emphasizing strategic oversight of Qualys solutions, CSPM, and EDR/EPP tools. You will drive key initiatives in automation, compliance, and threat management while mentoring junior staff and engaging with cross-functional teams to strengthen our enterprise security. A key aspect of this role includes leading the initiative to establish and operationalize the Qualys Risk Operations Center (ROC), leveraging the Qualys Enterprise TruRisk (ETM) module to provide a centralized and risk-based view of the organization's security posture.

Key Responsibilities:

Leadership & Strategic Oversight:

  • Lead and mentor a team of security analysts across vulnerability management, CSPM, and endpoint security functions.

  • Provide technical leadership and guidance on best practices, security frameworks, and tooling across the cybersecurity domain.

  • Collaborate with DevOps, Infrastructure, and Application teams to embed security into operations and development workflows.

  • Drive strategic planning for security automation, tool integration, and policy improvements.

Vulnerability Management (Qualys):

  • Oversee enterprise-wide deployment, optimization, and governance of Qualys Vulnerability Management and Policy Compliance modules.

  • Ensure consistent and complete asset coverage across operating systems, databases, network devices, containers, and web applications.

  • Perform vulnerability analysis, prioritize risk-based remediation, and support IT teams in mitigation strategies.

  • Implement and manage system hardening policies in alignment with standards such as CIS Benchmarks, DISA STIG, and ISO 27001.

Cloud Security Posture Management (CSPM):

  • Lead configuration audits, misconfiguration detection, and remediation across cloud environments (AWS, Azure, GCP).

  • Integrate CSPM tooling with CI/CD pipelines and drive cloud governance initiatives across business units.

  • Define security baselines and enforce compliance with regulatory frameworks and internal controls.

Endpoint Protection (EDR/EPP):

  • Manage deployment and operational oversight of EDR/EPP solutions.

  • Respond to endpoint threats, coordinate incident response, and work closely with the SOC for investigation and threat hunting.

  • Ensure visibility and protection across all endpoint devices and integrate alerts into SIEM/SOAR platforms.

Automation & Orchestration:

  • Design and implement automation workflows for recurring security tasks such as patch validation, asset scanning, and remediation tracking.

  • Lead efforts in integrating security tools (Qualys, CSPM, EDR/EPP) with orchestration platforms for real-time monitoring and actioning.

  • Optimize operational efficiency by reducing manual interventions and streamlining processes.

Governance, Risk, and Compliance:

  • Ensure alignment with industry standards (NIST, ISO 27001, SOC 2) and internal governance policies.

  • Drive regular internal audits, risk assessments, and support external compliance reviews.

  • Maintain documentation of security configurations, workflows, and standard operating procedures.

Stakeholder Engagement:

  • Liaise with product and engineering teams to understand upcoming changes and proactively address security impacts.

  • Collaborate with Qualys support and user communities to resolve issues, stay updated on features, and promote knowledge sharing.

  • Report regularly to senior leadership on risk posture, vulnerabilities, and improvement metrics.

Qualifications & Skills:

  • Bachelor's or Master's degree in Cybersecurity, Computer Science, Information Technology, or related field.

  • Proficiency in deploying and managing Qualys VMDR and Policy Compliance, CSPM tools, and EDR/EPP platforms (e.g., CrowdStrike, SentinelOne, Defender).

  • Proven experience in designing, implementing, and managing vulnerability and endpoint security programs.

  • Strong understanding of cloud platforms (AWS, Azure, GCP) and secure DevOps practices.

  • Experience in automation using tools such as Ansible, Python, or integration with SOAR.

  • Excellent written and verbal communication skills; ability to convey technical risks to non-technical stakeholders.

  • Relevant certifications preferred: CISSP, CISM, CEH, OSCP, GCFA, or Qualys Certifications.

Qualys is an Equal Opportunity Employer, please see our EEO policy.

Applied = 0
MORE JOBS LIKE THIS

(web-6787b74fd-l4cvn)