Patch Research Engineer

Pune, IndiaOn-site

Responsibilities

Identify new software releases, security updates, and version changes from vendor sources, changelogs, and security advisories (CVE/NVD).
Map vendor releases to structured metadata schemas, including version strings, download URLs, detection logic, and installation parameters.
Track software End-of-Life (EOL) dates and update catalog entries accordingly.
Research and verify correct msiexec.exe flags, NSIS /S switches, and equivalent silent/unattended arguments per software.
Determine accurate reboot behavior (Yes / No / Maybe) per installer type and document exit codes (success, reboot-required).
Manually test patch installation in sandbox environments and verify detection logic post-install.
Identify and document file-based detection paths (FileVersion, ProductVersion attributes on key executables).
Validate detection logic against fresh installs and upgrades across supported Windows versions.

Backend Patch Tool Understanding Understand how enterprise patch management platforms (e.g., Qualys Patch Management, SCCM, Ivanti, Adaptiva) discover, deploy, and verify patches.
Familiarity with how catalogs are consumed by patch engines — detection-before-install logic, supersedence evaluation, and deployment policy enforcement. Required Skills &
experience in Windows systems administration, patch management, or software packaging.
Strong understanding of Windows OS internals — registry structure, file system, user vs. system installation scopes, environment variables, and PATH management. Hands-on
experience with Windows patching tools (WSUS, SCCM/ConfigMgr, Ivanti, Qualys, Chocolatey, or equivalent).
Experience with manual patch installation — running MSI/EXE installers, using msiexec.exe with switches, repackaging software.
Solid understanding of installer technologies: MSI/WiX, NSIS, InnoSetup, Squirrel, and their silent install mechanisms.
Familiarity with the Windows registry and the ability to trace installation artifacts to their registry keys. Nice to Have
Experience with Windows Installer (MSI) internals — product codes, upgrade codes, component tables.
Knowledge of ARM64 Windows platform nuances and multi-architecture software distribution.
Good understanding of Windows Update infrastructure (WUA, WSUS, CBS/SFC). Scripting
experience in Python or PowerShell.

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world!
About the Role Qualys is looking for a detail-oriented Windows Patch Management Catalog Researcher to join the Patch Management product team.
In this role, you will be responsible for building and maintaining a comprehensive, accurate patch catalog covering a wide range of third-party Windows software. Key
Responsibilities Patch Catalog Research & Authoring Research, author, and maintain patch metadata for third-party Windows applications across a broad software catalog.
Detection Logic & Registry Research Research and validate Windows registry keys used to detect installed software versions (Uninstall hive, vendor-specific keys, DisplayVersion, etc.).
Understand the difference between 32-bit and 64-bit registry views (WOW6432Node) and apply the correct detection architecture per installer variant.
Experience building or maintaining a software patch catalog (Adaptiva, Chocolatey, ManageEngine, or similar).