Security Research Engineer

Qualys

PunePosted 3 months ago

Full-timehybrid

Apply Now Ask Renata

Job Description

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world!

Job Title: Security Research Engineer

(Apple macOS Patch Catalogue Engineer – Patch Content Development)

Location: Pune, India

Experience Required:

3–8 Years (Patch Management / Vulnerability Content / macOS Administration)

Role Overview:

We are seeking a highly skilled Apple macOS Patch Catalogue Engineer to design, develop, validate, and maintain macOS patch metadata and deployment catalogues, like enterprise patching solutions worldwide.

The role involves building an in-house macOS patch content repository covering Apple updates and third-party applications, ensuring accurate detection and installation logic, compliance reporting, and seamless deployment across enterprise environments.

Key Responsibilities:

1. Patch Catalogue Development

Research and analysis of security advisories from Apple Inc. for macOS and related products.

Create structured macOS patch metadata.

Maintain a centralised macOS patch catalogue repository.

2. macOS Update & Security Monitoring

Track releases of macOS and other supported products.

3. Detection & Compliance Logic

Must have good hands-on experience with scripts like “Bash / Zsh / Python”.

Familiar with macOS system profiling commands.

Must have experience with OS builds, Application bundles (.app), Package receipts (.pkg)

4. QA & Validation

Perform lab testing across supported macOS versions.

Successful installation, Rollback scenarios, Dependency handling, and non-fail- safe behaviour.

Ensure patch content does not impact system stability.

5. Third-Party macOS Application Patching

Build patch metadata for third-party macOS applications.

Create packaging workflows for DMG, PKG, and ZIP formats.

Required Skills

Strong knowledge of macOS architecture and filesystem.

Experience with:

macOS software update mechanism

PKG/DMG packaging

Launch Daemons & system services

Scripting: Bash / Python (mandatory)

Understanding of:

CVE / NVD data, Vulnerability severity scoring, Patch supersedes logic.

Experience with enterprise patching tools (preferred):

Ivanti Patch for Endpoint Manager, ManageEngine Patch Manager Plus, etc.

Good to Have Knowledge of:

Apple MDM framework

Apple Business Manager

Secure Token / FileVault handling

Understanding the differences between macOS ARM (Apple Silicon) and Intel architectures.

Experience building in-house patch management platforms.

See Your Match Score

Get Started Free

About Qualys

Website

More jobs at Qualys

Senior Manager, Accounting

Foster City

Technical Support Engineer

Raleigh

Security Solutions Architect

Dubai

Senior Director, Product Management – Autonomous Remediation Platform (Autonomous RemOps)

Foster City

Director, Product Management & Marketing, EMEA

United Kingdom

Revenue Operations Manager

Texas

Similar roles

Lecturer/Senior Lecturer (Cybersecurity) – School of Engineering

Sggovterp · Nanyang Polytechnic

Advisor, Application Security Engineer

Publicis Collective · Chicago, Illinois, United States

Advisor, Application Security Engineer

Lotame · Chicago, Illinois, United States

Controls, Security, Network, Compute Lead

sbenergy · Lubbock, Texas

Co-Op, Lab IT/OT Security Engineer

Lila Sciences · Cambridge, MA, USA

Co-Op, AI Security

Lila Sciences · Cambridge, MA, USA