Security Consultant - Qualys Patch Management & Vulnerability

Project context

Project Details

• Location: Madrid

• - First month fully onsite, then hybrid (1-2 days onsite)

• - Start date: ASAP (Early July)

• - Duration: Until end of 2026

• - Extension possibility: Yes

• - Language(s): English (Mandatory); Spanish or French (Plus)

• Seniority: 3-5 years (Confirmed level)

Project Summary

We are establishing a new information security practice to ensure a coordinated response to the increasing threat of cybersecurity and to enable consistent decision-making across the organization. In this context, a significant product evolution is required, transitioning from Vulnerability Management to Patch Management. This includes validation through Security, Architecture, and Product governance processes, supported by the production of technical and functional documentation. The service will be carried out within a collaborative delivery environment.

Goals and deliverables

Main Responsibilities & Key Activities

• Execution of Proofs of Concept (POC) and deployment activities related to Qualys Patch Management implementation

• Utilization of the Qualys platform, including the Patch Management module, dashboarding, and CAR module

• Documentation of data integration workflows

• Contribution to architecture workshops for presentation and governance validation

• Integration and management of assets within Qualys Guard modules

• Contribution to the product evolution from Vulnerability Management to ROC, including integration of Patch Management and TruRisk Eliminate capabilities

• Production of technical and functional documentation supporting Security, Architecture, and Product governance validation

• Development of dashboards, reporting structures, and associated KPIs related to vulnerability management

Experience Required

Mandatory Experience

• Proven expertise in vulnerability management tools (e.g., Kenna, Nexpose, Tenable, Qualys)

• Practical experience with the Qualys platform (usage and optimization)

• Expertise in patch management tools (e.g., Qualys, Ivanti)

• Advanced knowledge of ITSM solutions such as ServiceNow

• Expertise in dashboarding, KPI development, metrics definition, and trend analysis for vulnerability management

• Demonstrated capability to manage technical deployments and product evolution initiatives within security environments

• Ability to contribute to architecture discussions and document integration workflows

• Capacity to design and enhance reporting frameworks including KPIs and performance tracking

Preferred Experience

• Scripting capabilities using PowerShell and Python

• Experience coordinating activities across multiple technical streams within a security-focused context