Job Description

Location: Romania (Hybrid)

Schedule: 10:00 – 19:00

Team: Security Operations (Platform Management)

Contract; Full-time

We are looking for a Qualys Security Engineer to join our global Security Operations (Platform Management) team. This role is an opportunity to drive enterprise-level vulnerability detection across a large-scale environment, shaping visibility, stability, and supporting the company’s vulnerability management program.

You will work hands-on with Qualys and other vulnerability detection tools, while collaborating with multiple engineering, architecture and operational teams.

Key Responsibilities:

• Administration and tuning of Qualys across a global tenant
• Operational and technical support for the Qualys security platform to ensure continuous vulnerability management and asset visibility across enterprise environments
• Advanced configurations: connectors, FIM, QGS, agent support, user/access management
• Asset tagging, QQL, dashboards, and reporting
• Perform configurations, troubleshooting, deployments and tweaking for the Qualys suite and other vulnerability detection tools
• Conduct Qualys agent investigations, identify root causes, propose and implement durable corrective actions
• Collaborate with SOC, Endpoint Security, Network, Analytics and Architecture teams to maintain security controls, support remediation, and ensure platform reliability
• Drive improvements in the vulnerability detection activities through agent configuration/remote scanning, troubleshooting, automation, enrichment, and workflow enhancements
• Help with complex incident response actions related to vulnerability detection and support major security initiatives
• Ensure high-quality handling of request/incident and changes using SNOW and Jira, working fully aligned with ITIL processes
• Participate in the elaboration and maintenance of Qualys documentation using Confluence

Qualifications:

• Hands-on experience with Qualys or similar vulnerability detection tools, operating at enterprise scale
• Understanding of Qualys agents and the way they work, Qualys connectors, Qualys QGS, scanners (both on prem and virtual), FIM
• Experience in handling Qualys agent issues, tweaking of scanning profiles, network connectivity issues
• Ability to read, interpret, and correlate logs from multiple sources (with focus on Qualys logs used to troubleshoot issues)
• Experience with ITIL processes and working with SNOW/Jira
• Excellent troubleshooting skills and comfort with complex, distributed systems
• Strong communication skills in English and ability to work with global teams and vendors
• Ability to take ownership, challenge existing configurations, and influence security posture through data-driven decisions
• Strong documentation, communication, and cross‑team collaboration skills

Nice to have Skills:

• Experience with vulnerability detection tools (Qualys is a plus)
• Basic scripting knowledge for automation, enrichment, or bulk configuration changes
• Familiarity with Jira/Service Now/Confluence
• Experience in large, regulated environments (pharma, finance, manufacturing)
• Exposure to Security Operations/SOC collaboration, threat intel workflows, or cloud-security initiatives

What we offer:

• A hybrid work environment with flexibility
• Competitive salary and benefits package
• Opportunities for professional growth and further training
• A dynamic and supportive team environment, collaborating on the latest in security technologies.

Required Skills:

Automation, Availability Management, Change Controls, Collaborative Communications, Enterprise Resource Planning (ERP), Financial Advising, Global Team Collaboration, Incident Management, Management System Development, Network Connectivity, Platform Management, Problem Management, Quality Assurance (QA), Quality Management, QualysGuard, Security Management, Security Technologies, Service Delivery, SLA Management, Software Configurations, Software Development Life Cycle (SDLC), Testing, Vulnerability Management

Preferred Skills:

Current Employees apply HERE

Current Contingent Workers apply HERE

Search Firm Representatives Please Read Carefully
Merck & Co., Inc., Rahway, NJ, USA, also known as Merck Sharp & Dohme LLC, Rahway, NJ, USA, does not accept unsolicited assistance from search firms for employment opportunities. All CVs / resumes submitted by search firms to any employee at our company without a valid written search agreement in place for this position will be deemed the sole property of our company. No fee will be paid in the event a candidate is hired by our company as a result of an agency referral where no pre-existing agreement is in place. Where agency agreements are in place, introductions are position specific. Please, no phone calls or emails.

Employee Status:

Regular

Relocation:

No relocation

VISA Sponsorship:

No

Travel Requirements:

No Travel Required

Flexible Work Arrangements:

Hybrid

Shift:

Not Indicated

Valid Driving License:

No

Hazardous Material(s):

n/a

Job Posting End Date:

06/28/2026

*A job posting is effective until 11:59:59PM on the day BEFORE the listed job posting end date. Please ensure you apply to a job posting no later than the day BEFORE the job posting end date.