Jobs · Management · California

Senior Director of Subject Matter Expert – CTEM, RBVM, ASPM – Risk Operation Center (ROC)

Qualys · Foster City, CA · 2 wk ago
Management$200k–$235k/yrFull-time

About the role

We are seeking a Senior Director – Subject Matter Expert (SME) to lead deep technical expertise and field architecture & deployment for the Qualys Enterprise TruRisk Management (ETM) platform and Risk Operations Center (ROC) operating model. This role is a hands-on technical SME leadership position responsible for driving the architecture, deployment strategy, and customer adoption of Qualys exposure management solutions including:

  • Enterprise TruRisk Management (ETM)
  • Risk Operations Center (ROC)
  • Cyber Risk Quantification (CRQ)
  • Vulnerability Management Detection & Response (VMDR)
  • CyberSecurity Asset Management (CSAM)
  • External Attack Surface Management (EASM)

Key Responsibilities

Technical Leadership & Architecture
Act as the deep technical authority for Qualys exposure management architecture including:

  • ETM risk correlation and prioritization
  • ROC operational workflows
  • Vulnerability management and remediation orchestration
  • ASPM & CNAPP integration to Exposure Management Platform (ETM)
  • Cross-domain exposure analytics across infrastructure, cloud, identity, and applications
  • Design and guide enterprise implementations that integrate:
  • VMDR vulnerability telemetry
  • Asset intelligence from CSAM
  • External attack surface data from EASM
  • Cloud posture insights from TotalCloud
  • Application security insights from ASPM / TotalAppSec
  • Third-party (non-Qualys) ecosystems such as CNAPP, AppSec, IoT/OT, Identity, CMDB, etc.
  • Lead the development of reference architectures and deployment models for large global enterprises.
  • Outbound Customer and Sales Enablement
    Develop sales enablement collateral, including customer product presentations, decks and demo scripts.
    Help develop messaging and product positioning in collaboration with PM and PMMs leads.
    Research the competitive landscape, determine how competitors are positioned and develop optimized positioning strategies and support documents for the CTEM, CAASM, CRQ, and RBVM.
    Educate the sales team on how to address competitors in the field with Qualys’ unique positioning.
    Develop collateral and be an expert on CTEM and RBVM technology and terminology.
    Be an expert in explaining the product to sales and be involved with demos and presentations to customers.
    Foster strong relationships with customers to gather feedback, understand pain points, and translate insights into product requirements.
    Design, deliver, and train the Qualys Sales Team on value-based demonstration of our products

    Hands-On Platform Expertise

    Work directly with engineering and product teams to:

    • Prototype new ETM and ROC capabilities
    • Validate exposure management workflows
    • Test integrations with DevSecOps pipelines and CI/CD environments
    • Provide technical feedback on product architecture and scalability
    • Provide deep expertise in:
    • Vulnerability lifecycle management
    • Exposure prioritization and TruRisk scoring
    • Attack path analysis
    • Cyber Risk quantification
    • Remediation orchestration
    • ASPM and application risk correlation
    • Risk Operations Center (ROC)

    Customer Advisory & Strategic Engagement

    Act as a trusted technical advisor to CISOs, security architects, and DevSecOps leaders.
    Lead architecture workshops, executive technical briefings, strategic customer advisory sessions and proof-of-concept deployments.
    Support major strategic and enterprise accounts globally and complex deployments

    Team Leadership

    Lead, mentor, and grow a team of 5–6 highly skilled technical SMEs, setting clear priorities, fostering a high-performance culture, and ensuring a strong execution rhythm.
    Build and deliver scalable and repeatable playbooks for:
    Field architecture guidance
    ETM and ROC technical enablement
    ASPM, CNAPP adoption and DevSecOps integration
    Product feedback and innovation

    Product Collaboration

    Partner closely with Product Management and Engineering to:
    Influence product roadmap
    Validate new capabilities
    Translate customer needs into platform improvements
    Accelerate innovation across exposure management and application security.

    Required Qualifications

    • 12–15+ years’ experience in cybersecurity architecture, product strategy, or technical leadership
    • Deep expertise in vulnerability management and exposure management platforms
    • Strong hands-on experience with application security, ASPM, and CNAPP ecosystems
    • Experience designing security architectures for large enterprise environments
    • Strong knowledge of cloud platforms (AWS, Azure, GCP)
    • Familiarity with DevSecOps pipelines and developer security workflows
    • Experience integrating security platforms across:
    • Exposure Management
    • Vulnerability management
    • Application security
    • Cloud security
    • Asset management
    • Identity security

    Preferred Experience

    • Experience working with platforms similar to Qualys and competitive vendor landscape focusing on RBVM, CTEM, AppSec, ASPM, CNAPP etc.
    • Familiarity with frameworks such as: Continuous Threat Exposure Management (CTEM), Zero Trust, NIST Cybersecurity Framework, MITRE ATT&CK
    • Experience working directly with enterprise CISOs and security leadership teams

    Salary Range

    The salary range for this position is $200,000 - $235,000 per year. Final compensation will be determined based on several factors, including but not limited to skills, relevant experience, and work location.

    Qualys is an Equal Opportunity Employer

    Please see our EEO policy.

Similar jobs