Cyber Risk Analyst

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world!

As a Cyber Risk Analyst, you will be a vital member of the Qualys Cyber Risk Experts Service, supporting enterprise customers with risk analysis, vulnerability assessment, and remediation guidance. Working within the Qualys Risk Operations Center (ROC), you will monitor, research, and contextualize threat and vulnerability data to help customers make informed decisions and reduce their cyber risk exposure.

You’ll collaborate with Senior Cyber Risk Advisors, Solution Architects, and Product teams to deliver timely and relevant insights that empower customers to prioritize and remediate the most critical risks across complex IT and cloud environments.

Responsibilities

• Perform continuous monitoring and analysis of customer vulnerability and asset risk data using the Qualys TruRisk Platform.
• Research threat intelligence, vulnerability disclosures, and exploit activity to determine risk relevance and customer impact.
• Generate reports, dashboards, and executive briefings to communicate key cyber risk trends and priorities.
• Track customer remediation progress and provide recommendations to accelerate risk reduction.
• Participate in operational cadence calls, vulnerability posture reviews, and ad-hoc investigations.
• Identify emerging issues across accounts and escalate high-risk findings to Senior Cyber Risk Advisors and threat research teams.
• Contribute to knowledge bases, playbooks, and service process improvements.
• Support onboarding of new customer environments into the service workflow.

Qualifications

Required:

• 2–4 years of experience in cybersecurity, IT risk, or threat analysis roles.
• Foundational knowledge of vulnerability management, CVEs, CVSS, and exploitability metrics.
• Strong data analysis and critical thinking skills; ability to work with complex datasets.
• Familiarity with common cybersecurity frameworks (e.g., NIST, CIS Controls).
• Excellent written and verbal communication skills, including comfort presenting to stakeholders.
• Experience with one or more vulnerability management, CNAPP, appsec, or cyber threat exposure management platforms.

Preferred:

• Experience working in a SOC, MSSP, or cyber advisory function.
• Familiarity with scripting or data querying languages (e.g., Python, SQL) a plus.
• Interest in learning cloud security (AWS, Azure, GCP).
• Relevant certifications (e.g., CEH, GSNA, Security+, GSEC, GCIA, GMON, Qualys VMDR Specialist) a plus.

Qualys is an Equal Opportunity Employer, please see our EEO policy.