Vulnerability Analyst Jobs in Spring, TX (NOW HIRING)

Work with Us. Change the World.

At AECOM, we're delivering a better world. Whether improving your commute, keeping the lights on, providing access to clean water, or transforming skylines, our work helps people and communities thrive. We are the world's trusted infrastructure consulting firm, partnering with clients to solve the world’s most complex challenges and build legacies for future generations.

There has never been a better time to be at AECOM. With accelerating infrastructure investment worldwide, our services are in great demand. We invite you to bring your bold ideas and big dreams and become part of a global team of over 50,000 planners, designers, engineers, scientists, digital innovators, program and construction managers and other professionals delivering projects that create a positive and tangible impact around the world.

We're one global team driven by our common purpose to deliver a better world. Join us.

We are seeking a skilled and motivated professional to join the Qualys support function within the Cybersecurity Engineering team, with an initial focus on reporting and External Attack Surface Management (EASM). This role supports the operation and optimization of the Qualys platform—particularly EASM, CyberSecurity Asset Management (CSAM), and VMDR—to provide accurate visibility, actionable insights, and high-quality reporting that enable effective vulnerability remediation across the enterprise.

While the specific Qualys modules supported by this role may evolve over time, enterprise reporting and risk visibility remain core to the position. This is a senior individual contributor role, requiring deep technical expertise, sound judgment, and the ability to operate independently while influencing outcomes across Cybersecurity, IT, and Executive stakeholders.

This position will offer some flexibility for hybrid work schedules to include both in-office presence and telecommute/virtual work to be based in either Houston or Dallas, TX.

Key Responsibilities:

• Serve as a subject-matter expert for Qualys reporting and risk visibility, providing guidance and support to Cybersecurity, IT Infrastructure, and Executive stakeholders.
• Partner with infrastructure, cloud, and application teams to support remediation efforts by providing accurate data, context, and reporting from the Qualys platform.
• Develop, maintain, and deliver clear, audience-specific reports and dashboards for IT Infrastructure teams, Software Governance, Cybersecurity teams, IT leadership, and Executive leadership.
• Support and optimize Qualys EASM and CSAM to provide accurate visibility into the organization’s external attack surface, including identifying, analyzing, and helping prioritize externally exposed vulnerabilities and risks to enable effective remediation.
• Support and maintain Qualys integrations with ServiceNow to enable accurate vulnerability intake, workflow routing, remediation tracking, and reporting.
• Serve as secondary support for Qualys platform operations, backing up another Cybersecurity Engineering resource and assisting with VMDR configuration, integrations, upgrades, and troubleshooting.
• Expand Qualys reporting and risk-visibility capabilities over time to support additional modules (e.g., TotalCloud, TotalAppSec, and Software Composition Analysis (SCA)) as organizational needs and platform maturity evolve.
• Drive continuous improvements to processes, environments, and overall security posture, ensuring operational efficiency and risk reduction.

Minimum Requirements:

• Bachelor’s degree (BA/BS) and at least 6 years of experience in cybersecurity, IT security, or a related field or demonstrated equivalency of experience and/or education
• Hands-on experience supporting Qualys in an enterprise environment, specifically EASM, CSAM, and VMDR.
• Strong experience with vulnerability data analysis, reporting, and remediation support.
• Demonstrated ability to translate technical data into clear, actionable insights for varied audiences.
• Strong analytical, problem-solving, and communication skills.
• Ability to work independently while collaborating effectively across cross-functional teams.

Preferred Qualifications

• Qualys certifications (e.g., Qualys EASM Specialist, Qualys VMDR Specialist).
• Experience with, or demonstrated interest in expanding into, additional Qualys modules such as TotalCloud, TotalAppSec, or SCA.
• Direct experience supporting IT infrastructure teams (e.g., server, network, cloud, or platform operations), enabling effective collaboration and practical, context-aware support.
• Broader cybersecurity experience outside of vulnerability management (e.g., network security, security architecture, cloud security, or security operations).
• Experience integrating Qualys with ServiceNow (e.g., vulnerability intake, ticket creation, workflow automation, or reporting).
• Industry certifications such as CISSP, CEH, CompTIA Security+, or equivalent.

• Sponsorship for US work authorization is not available for this position, now or in the future
• Relocation assistance is not available for this position

About AECOM 

AECOM is proud to offer comprehensive benefits to meet the diverse needs of our employees. Depending on your employment status, AECOM benefits may include medical, dental, vision, life, AD&D, disability benefits, paid time off, leaves of absences, voluntary benefits, perks, flexible work options, well-being resources, employee assistance program, business travel insurance, service recognition awards, retirement savings plan, and employee stock purchase plan. 

AECOM is the global infrastructure leader, committed to delivering a better world. As a trusted professional services firm powered by deep technical abilities, we solve our clients’ complex challenges in water, environment, energy, transportation and buildings. Our teams partner with public- and private-sector clients to create innovative, sustainable and resilient solutions throughout the project lifecycle – from advisory, planning, design and engineering to program and construction management. AECOM is a Fortune 500 firm that had revenue of $16.1 billion in fiscal year 2025. Learn more at aecom.com. 

What makes AECOM a great place to work 

You will be part of a global team that champions your growth and career ambitions. Work on groundbreaking projects - both in your local community and on a global scale - that are transforming our industry and shaping the future. With cutting-edge technology and a network of experts, you’ll have the resources to make a real impact. Our award-winning training and development programs are designed to expand your technical expertise and leadership skills, helping you build the career you’ve always envisioned. Here, you’ll find a welcoming workplace built on respect, collaboration and community—where you have the freedom to grow in a world of opportunity. 

As an Equal Opportunity Employer, we believe in your potential and are here to help you achieve it. All your information will be kept confidential according to EEO guidelines.