Qualys System Administrator

W2 Contract

Role: Qualys System Administrator

Work Location : Baltimore MD 

Key Responsibilities

1. Qualys Platform Administration

Manage: 

o Vulnerability Management (VMDR) 

o Asset Inventory / Global AssetView 

• Configure scanners (internal, passive, cloud) 

• Maintain asset tagging (Prod/Non-Prod, owners, classifications) 

• Manage user roles and access

2. Vulnerability Management Operations

• Run vulnerability scans (on-prem, cloud, endpoints) 

• Validate results and reduce false positives 

• Perform risk prioritization using: 

o CVSS 

o Threat intelligence 

o Business context 

• Support remediation and re-scanning

3. GRC & Compliance Integration

Map findings to frameworks: 

o NIST SP 800-53 

o HIPAA 

o ISO 27001 

Support: 

o Risk registers 

o Audit processes 

o Policy exceptions 

• Generate executive-level reports

4. Automation & Reporting

• Build dashboards and reports 

• Use APIs for integrations (e.g., ServiceNow, SIEM) 

• Improve scan coverage and monitoring

5. Operational Governance

• Maintain SOPs and documentation 

Participate in: 

o Incident response 

o Risk reviews 

o Security working groups 

• Support audits with evidence and reporting

Required Qualifications

Technical Skills

• Experience with Qualys VMDR 

Knowledge of: 

o CVEs, CVSS, vulnerability lifecycle 

• Experience with: 

o Enterprise-scale scanning 

o Windows, Linux, networking 

o AWS/Azure 

• Automation (Python, PowerShell, APIs) 

• ServiceNow integration experience 

GRC & Risk Knowledge

Familiarity with: 

o NIST RMF / SP 800-53 

o HIPAA 

• Ability to translate technical risks into business impact 

• Audit and compliance experience

Certifications (Preferred)

• Qualys certifications (VMDR, Policy Compliance, Asset Management) 

Security certifications: 

o Security  

o CEH 

o CISSP 

• o CISA