Qualys
Principal Subject Matter Expert, Scanning Technologies
Full details on LinkedIn
The complete job description, requirements, and application details are available on the original posting.
About Qualys
Qualys, Inc. is an American technology company based in Foster City, California, specializing in cloud-based security and compliance solutions. Founded in 1999, Qualys is recognized as a pioneer in software-as-a-service (SaaS) security, launching its flagship product, QualysGuard, in 2000. The company provides a unified cloud platform that delivers continuous security and compliance intelligence across various IT environments, including on-premises, cloud, and mobile devices. Qualys offers a comprehensive suite of services through its Qualys Cloud Platform, which includes Vulnerability Management, Asset Discovery, Cloud and Container Security, Web Application Security, Compliance Management, and more. The company serves over 10,000 subscription customers globally, including many from the Forbes Global 50, 500, and 2000. With strategic partnerships with major cloud providers and consulting firms, Qualys is positioned as a leading provider in unified cloud security and compliance, helping organizations protect their digital assets and meet regulatory requirements.
Security at Qualys
Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.
Security Philosophy
- Qualys' AppSec philosophy emphasizes embedding security early and continuously in the development lifecycle, fostering DevSecOps collaboration, and automating remediation without slowing down development.
- They focus on risk-based prioritization, using TruRisk™ to quantify impact based on exploit likelihood, data sensitivity, and asset value.
- Goals include simplifying remediation and bridging the gap between development and security through no-code automation.
Security Team
Information regarding Qualys' AppSec team organizational structure, reporting lines, team size estimates, and common skill/tool patterns from active job postings is not publicly available. However, a job posting indicates a "Vice President, Product Management – CNAPP, AppSec and AI Security" role, suggesting leadership in these areas.
Key Initiatives
- Qualys' AppSec initiatives include a strong focus on "Shift Left" practices, embedding security early and continuously through native integrations with CI/CD pipelines like GitHub Actions, Azure DevOps, and Jenkins.
- Their vulnerability management process involves auto-discovery of APIs and web applications, simplifying remediation with risk-based prioritization, and automating ticket creation in ServiceNow and Jira.
- A significant recent initiative is the upcoming Qualys TotalAppSec, expected in Q1 2025, which will integrate API security, web application scanning, and AI-driven malware detection.