Qualys Security Engineer

Job DescriptionLocation: Romania (Hybrid)Schedule: 10:00 – 19:00Team: Security Operations (Platform Management)Contract; Full-time We are looking for a Qualys Security Engineer to join our global Security Operations (Platform Management) team. This role is an opportunity to drive enterprise-level vulnerability detection across a large-scale environment, shaping visibility, stability, and supporting the company’s vulnerability management program. You will work hands-on with Qualys and other vulnerability detection tools, while collaborating with multiple engineering, architecture and operational teams. Key Responsibilities:Administration and tuning of Qualys across a global tenantOperational and technical support for the Qualys security platform to ensure continuous vulnerability management and asset visibility across enterprise environmentsAdvanced configurations: connectors, FIM, QGS, agent support, user/access managementAsset tagging, QQL, dashboards, and reportingPerform configurations, troubleshooting, deployments and tweaking for the Qualys suite and other vulnerability detection toolsConduct Qualys agent investigations, identify root causes, propose and implement durable corrective actionsCollaborate with SOC, Endpoint Security, Network, Analytics and Architecture teams to maintain security controls, support remediation, and ensure platform reliabilityDrive improvements in the vulnerability detection activities through agent configuration/remote scanning, troubleshooting, automation, enrichment, and workflow enhancementsHelp with complex incident response actions related to vulnerability detection and support major security initiativesEnsure high-quality handling of request/incident and changes using SNOW and Jira, working fully aligned with ITIL processesParticipate in the elaboration and maintenance of Qualys documentation using Confluence Qualifications:Hands-on experience with Qualys or similar vulnerability detection tools, operating at enterprise scaleUnderstanding of Qualys agents and the way they work, Qualys connectors, Qualys QGS, scanners (both on prem and virtual), FIMExperience in handling Qualys agent issues, tweaking of scanning profiles, network connectivity issuesAbility to read, interpret, and correlate logs from multiple sources (with focus on Qualys logs used to troubleshoot issues)Experience with ITIL processes and working with SNOW/JiraExcellent troubleshooting skills and comfort with complex, distributed systemsStrong communication skills in English and ability to work with global teams and vendorsAbility to take ownership, challenge existing configurations, and influence security posture through data-driven decisionsStrong documentation, communication, and cross‑team collaboration skills  Nice to have Skills:Experience with vulnerability detection tools (Qualys is a plus)Basic scripting knowledge for automation, enrichment, or bulk configuration changesFamiliarity with Jira/Service Now/ConfluenceExperience in large, regulated environments (pharma, finance, manufacturing)Exposure to Security Operations/SOC collaboration, threat intel workflows, or cloud-security initiatives What we offer:A hybrid work environment with flexibilityCompetitive salary and benefits packageOpportunities for professional growth and further trainingA dynamic and supportive team environment, collaborating on the latest in security technologies.Required Skills: Automation, Availability Management, Change Controls, Collaborative Communications, Enterprise Resource Planning (ERP), Financial Advising, Global Team Collaboration, Incident Management, Management System Development, Network Connectivity, Platform Management, Problem Management, Quality Assurance (QA), Quality Management, QualysGuard, Security Management, Security Technologies, Service Delivery, SLA Management, Software Configurations, Software Development Life Cycle (SDLC), Testing, Vulnerability ManagementPreferred Skills: Current Employees apply HERECurrent Contingent Workers apply HERESearch Firm Representatives Please Read Carefully Merck & Co., Inc., Rahway, NJ, USA, also known as Merck Sharp & Dohme LLC, Rahway, NJ, USA, does not accept unsolicited assistance from search firms for employment opportunities. All CVs / resumes submitted by search firms to any employee at our company without a valid written search agreement in place for this position will be deemed the sole property of our company.  No fee will be paid in the event a candidate is hired by our company as a result of an agency referral where no pre-existing agreement is in place. Where agency agreements are in place, introductions are position specific. Please, no phone calls or emails. Employee Status: RegularRelocation:No relocationVISA Sponsorship:NoTravel Requirements:No Travel RequiredFlexible Work Arrangements:HybridShift:Not IndicatedValid Driving License:NoHazardous Material(s):n/aJob Posting End Date:06/28/2026*A job posting is effective until 11:59:59PM on the day BEFORE the listed job posting end date. Please ensure you apply to a job posting no later than the day BEFORE the job posting end date.