Patch Compliance Engineer - Qualys - MEXICO

We are CirrusLabs . Our vision is to become the world's most sought-after niche digital transformation company that helps customers realize value through innovation. Our mission is to co-create success with our customers, partners and community. Our goal is to enable employees to dream, grow and make things happen. We are committed to excellence. We are a dependable partner organization that delivers on commitments. We strive to maintain integrity with our employees and customers. Every action we take is driven by value. The core of who we are is through our well-knit teams and employees. You are the core of a values driven organization. You have an entrepreneurial spirit. You enjoy working as a part of well-knit teams. You value the team over the individual. You welcome diversity at work and within the greater community. You aren't afraid to take risks. You appreciate a growth path with your leadership team that journeys how you can grow inside and outside of the organization. You thrive upon continuing education programs that your company sponsors to strengthen your skills and for you to become a thought leader ahead of the industry curve. You are excited about creating change because your skills can help the greater good of every customer, industry and community. We are hiring a talented to join our team. If you're excited to be part of a winning team, CirrusLabs ( ) is a great place to grow your career. About the Opportunity We are a trusted technology consultancy supporting a Fortune 50 enterprise IT organization in delivering a large-scale patch compliance transformation. We are building a high-performing team of Security Compliance Engineers to support patching, remediation, reporting, and tooling optimization across an enterprise workstation environment exceeding 215,000 Windows and Linux endpoints. This team will play a central role in improving the client's overall endpoint security posture, reducing vulnerability exposure, and driving compliance maturity. Engineers will work in close coordination with an Architect-level lead and other infrastructure teams across the enterprise. Role Summary As a Security Compliance Engineer - Qualys Workstation Patching, you will serve as the vulnerability management and reporting expert within a broader patch compliance engineering team. Your primary focus will be to leverage Qualys and Qualys VMDR for identifying exploitable vulnerabilities across the enterprise workstation fleet and translating that data into actionable remediation plans. You will collaborate with patch deployment specialists (SCCM, Intune, PatchMyPC) to drive prioritization, reporting, and compliance visibility. Your insights will directly influence reimaging strategies, patch target identification, and long-term risk posture improvements. Key Responsibilities Vulnerability Assessment & Prioritization Leverage Qualys and Qualys VMDR to detect, prioritize, and track endpoint vulnerabilities Analyze scan results to determine patch applicability and urgency Identify high-risk exposures and align with patch deployment team for timely remediation Reporting & Governance Develop and maintain dashboards and reports on remediation progress, historical trends, and unpatched systems Support coordination with Contact Center and CXO teams to flag reimage candidates Provide visibility to leadership on risk posture, compliance rates, and SLA tracking Cross-Tool Collaboration Align Qualys outputs with SCCM, Intune, and PatchMyPC patching workflows Partner with remediation engineers to map vulnerabilities to deployment baselines and automation plans Proactive Remediation Support Assist in identifying attack surface reduction opportunities through data-driven insights Contribute to blocking patterns for recurring high-risk software and applications Technology Stack & Tooling Focus While Qualys is your primary domain, collaboration across the full ecosystem is essential: Vulnerability Reporting Qualys, Qualys VMDR Windows OS Patching Windows Autopatch, SCCM Microsoft Office Patching Cloud Update, SCCM Third-Party Application Patching PatchMyPC, SCCM, Qualys VMDR, Nexthink Required Qualifications 5+ years of experience in endpoint security or vulnerability management in large enterprise environments Advanced hands-on experience with Qualys and Qualys VMDR, particularly for vulnerability detection and risk scoring Familiarity with patching tools such as SCCM, Intune, and PatchMyPC Experience translating vulnerability data into actionable patch plans and risk reports Proficiency with dashboarding and compliance metrics using native tools or BI platforms Strong communication and collaboration skills across security and IT operations teams Preferred Qualifications Experience in enterprise environments with 100,000+ endpoints Knowledge of endpoint compliance frameworks (e.g., CIS Benchmarks, NIST, ISO 27001) Familiarity with risk orchestration platforms such as Brinqa and Vulcan Understanding of remediation prioritization workflows in matrixed environments Previous participation in centralized vulnerability management or GRC teams

Created: 2026-03-10