Senior Vulnerability Analyst

Job description

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world!

Qualys is seeking a Senior Vulnerability Analyst to join the Product Security Incident Response Team (PSIRT) as a hands-on technical practitioner. Reporting to the Lead Vulnerability Analyst, you will execute the day-to-day work of vulnerability discovery, triage, analysis, and remediation tracking across a product portfolio of more than 35 products. Where the Lead owns program-level strategy, cross-functional accountability, and executive communications, this role is responsible for the depth and rigor of the technical analysis that underpins every PSIRT decision.

This is an individual contributor role for a mid-career security professional who thrives in the details: reviewing source code to assess exploitability, writing precise advisories, building detection logic, and driving engineering teams toward timely remediation. You will work across the full vulnerability lifecycle, from initial intake through coordinated disclosure, and contribute directly to the tools, automation, and processes that make the PSIRT function scale.

Vulnerability Analysis & Triage

• Perform deep technical analysis of reported vulnerabilities, including root-cause investigation, exploitability assessment, CVSS and SSVC scoring, and impact determination across affected products.
• Triage incoming vulnerability reports from internal scanners, SCA tooling, external researchers, and coordinated disclosure channels, ensuring accurate classification and priority assignment.
This is an excerpt. Read the full job description on Qualys careers →