Qualys System Administrator

W2 Contract

Role: Qualys System Administrator

Work Location : Baltimore MD

Key Responsibilities

1. Qualys Platform Administration

Manage:

o Vulnerability Management (VMDR)

o Asset Inventory / Global AssetView

• Configure scanners (internal, passive, cloud)

• Maintain asset tagging (Prod/Non-Prod, owners, classifications)

• Manage user roles and access

2. Vulnerability Management Operations

• Run vulnerability scans (on-prem, cloud, endpoints)

• Validate results and reduce false positives

• Perform risk prioritization using:

o CVSS

o Threat intelligence

o Business context

• Support remediation and re-scanning

3. GRC & Compliance Integration

Map findings to frameworks:

o NIST SP 800-53

o HIPAA

o ISO 27001

Support:

o Risk registers

o Audit processes

o Policy exceptions

• Generate executive-level reports

4. Automation & Reporting

• Build dashboards and reports

• Use APIs for integrations (e.g., ServiceNow, SIEM)

• Improve scan coverage and monitoring

5. Operational Governance

• Maintain SOPs and documentation

Participate in:

o Incident response

o Risk reviews

o Security working groups

• Support audits with evidence and reporting

Required Qualifications

Technical Skills

• Experience with Qualys VMDR

Knowledge of:

o CVEs, CVSS, vulnerability lifecycle

• Experience with:

o Enterprise-scale scanning

o Windows, Linux, networking

o AWS/Azure

• Automation (Python, PowerShell, APIs)

• ServiceNow integration experience

GRC & Risk Knowledge

Familiarity with:

o NIST RMF / SP 800-53

o HIPAA

• Ability to translate technical risks into business impact

• Audit and compliance experience

Certifications (Preferred)

• Qualys certifications (VMDR, Policy Compliance, Asset Management)

Security certifications:

o Security+

o CEH

o CISSP

o CISA