Come work at a place where innovation and teamwork come together to support the most exciting missions in the world!

About the Role

Qualys is looking for a detail-oriented Windows Patch Management Catalog Researcher to join the Patch Management product team. In this role, you will be responsible for building and maintaining a comprehensive, accurate patch catalog covering a wide range of third-party Windows software.
 

Key Responsibilities

Patch Catalog Research & Authoring

  • Research, author, and maintain patch metadata for third-party Windows applications across a broad software catalog.
  • Identify new software releases, security updates, and version changes from vendor sources, changelogs, and security advisories (CVE/NVD).
  • Map vendor releases to structured metadata schemas, including version strings, download URLs, detection logic, and installation parameters.
  • Track software End-of-Life (EOL) dates and update catalog entries accordingly.

Windows Patching & Installation Knowledge

  • Document and validate silent installation parameters for diverse installer types (MSI, NSIS EXE, InnoSetup, WiX, etc.).
  • Research and verify correct msiexec.exe flags, NSIS /S switches, and equivalent silent/unattended arguments per software.
  • Determine accurate reboot behavior (Yes / No / Maybe) per installer type and document exit codes (success, reboot-required).
  • Manually test patch installation in sandbox environments and verify detection logic post-install.

Detection Logic & Registry Research

  • Research and validate Windows registry keys used to detect installed software versions (Uninstall hive, vendor-specific keys, DisplayVersion, etc.).
  • Identify and document file-based detection paths (FileVersion, ProductVersion attributes on key executables).
  • Understand the difference between 32-bit and 64-bit registry views (WOW6432Node) and apply the correct detection architecture per installer variant.
  • Validate detection logic against fresh installs and upgrades across supported Windows versions.

Backend Patch Tool Understanding

  • Understand how enterprise patch management platforms (e.g., Qualys Patch Management, SCCM, Ivanti, Adaptiva) discover, deploy, and verify patches.
  • Familiarity with how catalogs are consumed by patch engines — detection-before-install logic, supersedence evaluation, and deployment policy enforcement.

Required Skills & Qualifications

  • 4-5 years of experience in Windows systems administration, patch management, or software packaging.
  • Strong understanding of Windows OS internals — registry structure, file system, user vs. system installation scopes, environment variables, and PATH management.
  • Hands-on experience with Windows patching tools (WSUS, SCCM/ConfigMgr, Ivanti, Qualys, Chocolatey, or equivalent).
  • Experience with manual patch installation — running MSI/EXE installers, using msiexec.exe with switches, repackaging software.
  • Solid understanding of installer technologies: MSI/WiX, NSIS, InnoSetup, Squirrel, and their silent install mechanisms.
  • Familiarity with the Windows registry and the ability to trace installation artifacts to their registry keys.

Nice to Have

  • Experience building or maintaining a software patch catalog (Adaptiva, Chocolatey, ManageEngine, or similar).
  • Experience with Windows Installer (MSI) internals — product codes, upgrade codes, component tables.
  • Knowledge of ARM64 Windows platform nuances and multi-architecture software distribution.
  • Good understanding of Windows Update infrastructure (WUA, WSUS, CBS/SFC).
  • Scripting experience in Python or PowerShell.
Apply for this job