Lead Vulnerability Analyst

Job description

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world!

Qualys is seeking a Lead Vulnerability Analyst to serve as a senior technical leader within the Product Security Incident Response Team (PSIRT). This individual will own the end-to-end lifecycle of vulnerability identification, triage, coordination, and disclosure across the Qualys product portfolio. You will operate at the intersection of security engineering, incident response, and cross-functional program management, ensuring that Qualys products maintain the highest security posture for our global customer base.

This is a high-visibility role requiring deep technical expertise, collaboration, executive communication skills, and the judgment to navigate complex vulnerability scenarios under pressure. You will work closely with Engineering, Product Management, and Security leadership to drive accountability, accelerate remediation, and continuously mature the PSIRT function. This is a role for a mid-career professional that operates like an owner.

Vulnerability Assessment & Incident Coordination

• Assess and triage vulnerabilities reported through internal discovery, external researchers, and automated tooling across the Qualys product portfolio of more than 35 products.
• Coordinate software incident handling across Engineering, Product, and Security teams in alignment with ISO/IEC 30111 and ISO/IEC 29147 standards.
• Lead major incident response for high-severity and zero-day vulnerabilities, managing cross-functional war rooms through resolution.
This is an excerpt. Read the full job description on Qualys careers →