Manager, Security Analyst Position Available In Wake, North Carolina

Manager, Security Analyst
locations
Raleigh
time type
Full time
posted on
Posted 3 Days Ago
job requisition id

R0003426

Come work at a place w innovation and teamworke together to support the most exciting missions in the world!
Join our growing cyber fusion center team as a Manager, Security Analyst, w you will be responsible for leading a team of security analysts focused on vulnerability management, endpoint protection, and cloud security posture. This rolebines technical leadership with hands-on operational responsibility, emphasizing strategic oversight of Qualys solutions, CSPM, and EDR/EPP tools. You will drive key initiatives in automation,pliance, and threat management while mentoring junior staff and engaging with cross-functional teams to strengthen our enterprise security. A key aspect of this role includes leading the initiative to establish and operationalize the Qualys Risk Operations Center (ROC), leveraging the Qualys Enterprise TruRisk (ETM) module to provide a centralized and risk-based view of theanization’s security posture.

Key Responsibilities:

Leadership & Strategic Oversight:

Lead and mentor a team of security analysts across vulnerability management, CSPM, and endpoint security functions.
Provide technical leadership and guidance on best practices, security frameworks, and tooling across the cybersecurity domain.
Collaborate with DevOps, Infrastructure, and Application teams to embed security into operations and development workflows.
Drive strategic planning for security automation, tool integration, and policy improvements.
Vulnerability Management (Qualys):
Oversee enterprise-wide deployment, optimization, andernance of Qualys Vulnerability Management and Policy Compliance modules.
Ensure consistent andplete asset coverage across operating systems, databases, network devices, containers, and web applications.
Perform vulnerability analysis, prioritize risk-based remediation, and support IT teams in mitigation strategies.
Implement and manage system hardening policies in alignment with standards such as CIS Benchmarks, DISA STIG, and

ISO 27001.

Cloud Security Posture Management (CSPM):
Lead configuration audits, misconfiguration detection, and remediation across cloud environments (AWS, Azure, GCP).
Integrate CSPM tooling with CI/CD pipelines and drive cloudernance initiatives across business units.
Define security baselines and enforcepliance with regulatory frameworks and internal controls.
Endpoint Protection (EDR/EPP):
Manage deployment and operational oversight of EDR/EPP solutions.
Respond to endpoint threats, coordinate incident response, and work closely with the SOC for investigation and threat hunting.
Ensure visibility and protection across all endpoint devices and integrate alerts into

SIEM/SOAR

platforms.

Automation & Orchestration:

Design and implement automation workflows for recurring security tasks such as patch validation, asset scanning, and remediation tracking.
Lead efforts in integrating security tools (Qualys, CSPM, EDR/EPP) with orchestration platforms for real-time monitoring and actioning.
Optimize operational efficiency by reducing manual interventions and streamlining processes.

Governance, Risk, and Compliance:

Ensure alignment with industry standards (NIST, ISO 27001, SOC 2) and internalernance policies.
Drive regular internal audits, risk assessments, and support externalpliance reviews.
Maintain documentation of security configurations, workflows, and standard operating procedures.

Stakeholder Engagement:

Liaise with product and engineering teams to understand uing changes and proactively address security impacts.
Collaborate with Qualys support and usermunities to resolve issues, stay updated on features, and promote kledge sharing.
regularly to senior leadership on risk posture, vulnerabilities, and improvement metrics.

Qualifications & Skills:

Bachelor’s or Master’s degree in Cybersecurity, Computer Science, Information Technology, or related field.
Proficiency in deploying and managing Qualys VMDR and Policy Compliance, CSPM tools, and EDR/EPP platforms (e.g., CrowdStrike, SentinelOne, Defender).
Proven experience in designing, implementing, and managing vulnerability and endpoint security programs.
Strong understanding of cloud platforms (AWS, Azure, GCP) and secure DevOps practices.
Experience in automation using tools such as Ansible, Python, or integration with SOAR.
Excellent written and verbalmunication skills; ability to convey technical risks to non-technical stakeholders.
Relevant certifications preferred: CISSP, CISM, CEH, OSCP, GCFA, or Qualys Certifications.
Qualys is an Equal Opportunity Employer, please see our EEO policy.