Come work at a place where innovation and teamwork come together to support the most exciting missions in the world!
Title: Cyber Risk Engineer (Forward Deployed)
Location: Remote / Hybrid
Job Type: Full-Time
Reports to: Executive Vice President & GM of Risk Management
About Qualys
Qualys, Inc. is a pioneer and leading provider of disruptive cloud-based IT, security, and compliance solutions. Our Enterprise TruRisk Management platform empowers organizations to measure, communicate, and eliminate cyber risk with precision. Qualys’ innovative technologies are trusted by thousands of global organizations.
Position Summary
Qualys is building the future of cyber risk management with Enterprise TruRisk Management (ETM)—a platform that enables organizations to measure, communicate, and eliminate cyber risk across the enterprise.
We are seeking a Cyber Risk Engineer (Forward Deployed) to operate at the intersection of engineering, AI, and customer deployment. This role focuses on helping customers rapidly onboard data into ETM by building custom connectors, automating workflows, and applying AI-driven intelligence to deliver the broadest, most accurate, and most actionable view of cyber risk.
The Cyber Risk Engineer embeds directly with customers to translate complex, fragmented environments into a unified, operational risk model.
Responsibilities
Risk Data Engineering & Integration
- Lead complex customer onboarding engagements within the Advanced RiskOps Group.
- Design and build custom connectors, ingestion pipelines, and APIs to integrate data into ETM from:
- Vulnerability and exposure management platforms
- EDR/XDR and identity systems
- Cloud and hybrid infrastructure
- CMDBs, business systems, and GRC platforms
- Normalize, enrich, and correlate disparate datasets into a unified enterprise risk model.
RiskOps Automation & Orchestration
- Engineer automated RiskOps workflows including:
- Continuous data ingestion and validation
- Risk scoring, prioritization, and trend analysis
- Ownership assignment and remediation tracking
- Executive, board, and regulator-ready reporting
- Build orchestration between ETM and downstream systems to operationalize risk decisions.
AI-Driven Risk Intelligence
- Apply AI and LLM-based techniques to enhance accuracy, speed, and clarity of cyber risk insights.
- Develop capabilities such as:
- Asset and identity entity resolution across silos
- Intelligent mapping of exposures to crown jewels
- Automated risk narratives aligned to business language
- Signal-to-noise reduction across massive security datasets
- Partner with ETM platform and data science teams to move successful Q-ARG innovations into core product capabilities.
Advanced RiskOps Enablement
- Support delivery of Q-ARG offerings such as:
- Enterprise Risk Onboarding & Data Foundation builds
- Crown Jewel Analysis & Business Impact Assessments
- CTEM operationalization
- Attack Path–informed risk prioritization
- Translate cyber frameworks (OCTAVE, NIST, FAIR, CTEM) into executable workflows inside ETM.
Product Feedback & Platform Evolution
- Act as the real-world feedback loop between customers and ETM product engineering.
- Identify systemic data, workflow, and modeling gaps.
- Help shape ETM roadmap priorities based on operational reality.
Trusted Advisor to Risk Leaders
- Partner with CISOs, Heads of Risk, and RiskOps leaders to operationalize cyber risk programs.
- Translate technical risk into clear, defensible business insight.
- Support customers as they mature from visibility → prioritization → decision-making → action.
Qualifications
Engineering & Data Expertise
- Strong background in software, data, or platform engineering.
- Experience with:
- Python, Java, Go, or similar languages
- REST APIs, webhooks, and asynchronous systems
- ETL/ELT pipelines and data normalization
- Familiarity with relational, NoSQL, search, or graph-based data platforms.
Cyber Risk & Security Understanding
- Knowledge of cybersecurity domains including:
- Vulnerability and exposure management
- Cloud and hybrid environments
- Identity and access management
- Threat modeling and attack paths
- Risk frameworks and governance concepts
AI & Automation
- Hands-on experience using AI/LLMs for:
- Data enrichment and summarization
- Classification and correlation
- Decision support and workflow automation
- Comfortable prototyping and iterating rapidly in production environments.
RiskOps Mindset
- Comfortable operating in ambiguous, high-impact customer environments.
- Strong communication skills across technical and executive audiences.
- Builder mentality with bias toward execution over documentation.
#LI-REMOTE
#LI-FC1
Top Skills
What We Do
Qualys, Inc. (NASDAQ: QLYS) is a pioneer and leading provider of disruptive cloud-based security, compliance and IT solutions with more than 10,000 subscription customers worldwide, including a majority of the Forbes Global 100 and Fortune 100. Qualys helps organizations streamline and automate their security and compliance solutions onto a single platform for greater agility, better business outcomes, and substantial cost savings.
The Qualys Cloud Platform leverages a single agent to continuously deliver critical security intelligence while enabling enterprises to automate the full spectrum of vulnerability detection, compliance, and protection for IT systems, workloads and web applications across on premises, endpoints, servers, public and private clouds, containers, and mobile devices. Founded in 1999 as one of the first SaaS security companies, Qualys has strategic partnerships and seamlessly integrates its vulnerability management capabilities into security offerings from cloud service providers, including Amazon Web Services, the Google Cloud Platform and Microsoft Azure, along with a number of leading managed service providers and global consulting organizations. For more information, please visit http://www.qualys.com
