Security Research Engineer

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! Job Title: Security Research Engineer (Apple macOS Patch Catalogue Engineer – Patch Content Development) Location: Pune, India Experience Required: 3–8 Years (Patch Management / Vulnerability Content / macOS Administration) Role Overview: We are seeking a highly skilled Apple macOS Patch Catalogue Engineer to design, develop, validate, and maintain macOS patch metadata and deployment catalogues, like enterprise patching solutions worldwide. The role involves building an in-house macOS patch content repository covering Apple updates and third-party applications, ensuring accurate detection and installation logic, compliance reporting, and seamless deployment across enterprise environments. Key Responsibilities: 1. Patch Catalogue Development Research and analysis of security advisories from Apple Inc. for macOS and related products. Create structured macOS patch metadata. Maintain a centralised macOS patch catalogue repository. 2. macOS Update & Security Monitoring Track releases of macOS and other supported products. 3. Detection & Compliance Logic Must have good hands-on experience with scripts like “Bash / Zsh / Python”. Familiar with macOS system profiling commands. Must have experience with OS builds, Application bundles (.app), Package receipts (.pkg) 4. QA & Validation Perform lab testing across supported macOS versions. Successful installation, Rollback scenarios, Dependency handling, and non-fail- safe behaviour. Ensure patch content does not impact system stability. 5. Third-Party macOS Application Patching Build patch metadata for third-party macOS applications. Create packaging workflows for DMG, PKG, and ZIP formats. Required Skills Strong knowledge of macOS architecture and filesystem. Experience with: macOS software update mechanism PKG/DMG packaging Launch Daemons & system services Scripting: Bash / Python (mandatory) Understanding of: CVE / NVD data, Vulnerability severity scoring, Patch supersedes logic. Experience with enterprise patching tools (preferred): Ivanti Patch for Endpoint Manager, ManageEngine Patch Manager Plus, etc. Good to Have Knowledge of: Apple MDM framework Apple Business Manager Secure Token / FileVault handling Understanding the differences between macOS ARM (Apple Silicon) and Intel architectures. Experience building in-house patch management platforms. Join our talent community and receive the latest Qualys news, content, and be first in line for new job opportunities. Join our Talent Community! Qualys, Inc. (NASDAQ: QLYS) is a pioneer and leading provider of disruptive cloud-based security, compliance and IT solutions with more than 10,000 subscription customers worldwide, including a majority of the Forbes Global 100 and Fortune 100. Qualys helps organizations streamline and automate their security and compliance solutions onto a single platform for greater agility, better business outcomes, and substantial cost savings.