Cyber Risk Engineer (Forward Deployed)

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world!

About Qualys

Qualys, Inc. is a pioneer and leading provider of disruptive cloud-based IT, security, and compliance solutions. Our Enterprise TruRisk Management platform empowers organizations to measure, communicate, and eliminate cyber risk with precision. Qualys’ innovative technologies are trusted by thousands of global organizations.

Position Summary

Qualys is building the future of cyber risk management with Enterprise TruRisk Management (ETM) —a platform that enables organizations to measure, communicate, and eliminate cyber risk across the enterprise. We are seeking a Cyber Risk Engineer (Forward Deployed) to operate at the intersection of engineering, AI, and customer deployment. This role focuses on helping customers rapidly onboard data into ETM by building custom connectors, automating workflows, and applying AI-driven intelligence to deliver the broadest, most accurate, and most actionable view of cyber risk. The Cyber Risk Engineer embeds directly with customers to translate complex, fragmented environments into a unified, operational risk model.

Responsibilities

• Risk Data Engineering & Integration: Lead complex customer onboarding engagements within the Advanced RiskOps Group. Design and build custom connectors, ingestion pipelines, and APIs to integrate data into ETM from various sources including vulnerability and exposure management platforms, EDR/XDR and identity systems, cloud and hybrid infrastructure, CMDBs, business systems, and GRC platforms. Normalize, enrich, and correlate disparate datasets into a unified enterprise risk model.
• RiskOps Automation & Orchestration: Engineer automated RiskOps workflows including continuous data ingestion and validation, risk scoring, prioritization, and trend analysis, ownership assignment and remediation tracking, and executive, board, and regulator-ready reporting. Build orchestration between ETM and downstream systems to operationalize risk decisions.
• AI-Driven Risk Intelligence: Apply AI and LLM-based techniques to enhance accuracy, speed, and clarity of cyber risk insights. Develop capabilities such as asset and identity entity resolution across silos, intelligent mapping of exposures to crown jewels, automated risk narratives aligned to business language, and signal-to-noise reduction across massive security datasets. Partner with ETM platform and data science teams to move successful Q-ARG innovations into core product capabilities.
• Advanced RiskOps Enablement: Support delivery of Q-ARG offerings such as Enterprise Risk Onboarding & Data Foundation builds, Crown Jewel Analysis & Business Impact Assessments, and CTEM operationalization. Translate cyber frameworks (OCTAVE, NIST, FAIR, CTEM) into executable workflows inside ETM.
• Product Feedback & Platform Evolution: Act as the real-world feedback loop between customers and ETM product engineering. Identify systemic data, workflow, and modeling gaps. Help shape ETM roadmap priorities based on operational reality.
• Trusted Advisor to Risk Leaders: Partner with CISOs, Heads of Risk, and RiskOps leaders to operationalize cyber risk programs. Translate technical risk into clear, defensible business insight. Support customers as they mature from visibility to prioritization, decision-making, and action.

Qualifications

• Engineering & Data Expertise: Strong background in software, data, or platform engineering. Experience with Python, Java, Go, or similar languages, REST APIs, webhooks, and asynchronous systems, ETL/ELT pipelines and data normalization. Familiarity with relational, NoSQL, search, or graph-based data platforms.
• Cyber Risk & Security Understanding: Knowledge of cybersecurity domains including vulnerability and exposure management, cloud and hybrid environments, identity and access management, threat modeling and attack paths, and risk frameworks and governance concepts.
• AI & Automation: Hands-on experience using AI/LLMs for data enrichment and summarization, classification and correlation, and decision support and workflow automation. Comfortable prototyping and iterating rapidly in production environments.
• RiskOps Mindset: Comfortable operating in ambiguous, high-impact customer environments. Strong communication skills across technical and executive audiences. Builder mentality with bias toward execution over documentation.