
Senior Cyber Risk Advisor

Qualys
United States, North Carolina, Raleigh
3801 Lake Boone Trail
Jul 11, 2025

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world!

As a Senior Cyber Risk Advisor, you will serve as a trusted partner to CISOs and senior security leaders, helping them turn their cyber risk strategy into reality. You will work within the Qualys Cyber Risk Experts Service to design and drive implementation plans that align with each customer's unique business objectives, technical architecture, and regulatory mandates.

Your primary mission is to operationalize the customer's vision for cyber risk quantification and reduction through the Qualys ETM platform. You'll lead executive workshops, facilitate cross-functional planning, and guide customers in identifying the risk signals that matter most, ensuring they achieve measurable outcomes and enterprise-wide risk alignment.

This is a strategic, customer-facing role that blends executive advisory, threat analysis, platform knowledge, and real-world impact.

Responsibilities

  • Translate strategic intent into execution: Engage with CISOs and executive stakeholders to understand their goals for cyber risk quantification and build phased, actionable implementation roadmaps using the ETM platform.
  • Prioritize the right risk signals: Work with customers to evaluate, select, and rationalize the most relevant signals (e.g., vulnerabilities, misconfigurations, asset sensitivity, exploitability) based on their environment, business model, and risk tolerance.
  • Lead executive risk briefings: Present program progress and key findings to boards, executives, and technical leaders to build alignment and accountability.
  • Develop custom risk models: Guide organizations in mapping business risk to cybersecurity data using frameworks like FAIR, NIST CSF, MITRE ATT&CK, and internal risk registers.
  • Act as a strategic bridge: Collaborate with Deployment Strategists, Product Managers, and ROC Analysts to ensure technical delivery aligns with strategic outcomes.
  • Drive maturity assessments and gap analysis: Evaluate a customer's cyber risk management maturity and provide clear guidance on how to evolve their posture and governance.
  • Inform platform roadmap: Act as a voice of the customer to the Product and Engineering teams by sharing insights from the field to influence feature design and risk scoring logic.
  • Support go-to-market and growth efforts: Contribute to customer success stories, case studies, and strategic account expansions as a thought leader in risk-driven security operations.

Qualifications

Required:

  • 6+ years in cybersecurity consulting, risk management, threat intelligence, or advisory roles
  • Executive-level communication skills with the ability to distill technical findings into business impact narratives
  • Hands-on experience with cyber risk quantification methodologies (e.g., FAIR, CVSS, threat likelihood models)
  • Working knowledge of vulnerability management, attack surface reduction, and security program metrics
  • Experience aligning cyber programs with regulatory frameworks (e.g., NIST 800-53, PCI-DSS, CMMC, ISO 27005)
  • Ability to lead cross-functional workshops with technical and business stakeholders
  • Comfort working with large datasets, dashboards, and reporting tools (e.g., Power BI, Tableau, or equivalent)

Preferred:

  • Experience advising or working with CISOs, risk committees, or audit boards
  • Familiarity with the Qualys ETM platform or similar cyber risk platforms (e.g., Brinqa, ServiceNow VR, Tenable, Kenna)
  • Experience with scripting or analysis tools (e.g., Python, SQL)
  • Certifications such as CISM, CRISC, CISA, CISSP, or FAIR Certification
  • Understanding of cloud-native security risks (AWS, Azure, GCP)

#LI-Remote

Qualys is an Equal Opportunity Employer. Please see our EEO policy.
