Qualys System Administrator

Qualys System Administrator

Work Location : Baltimore MD

Key Responsibilities

1. Qualys Platform Administration

• Manage:
• Vulnerability Management (VMDR)
• Asset Inventory / Global AssetView
• Configure scanners (internal, passive, cloud)
• Maintain asset tagging (Prod/Non-Prod, owners, classifications)
• Manage user roles and access

2. Vulnerability Management Operations

• Run vulnerability scans (on-prem, cloud, endpoints)
• Validate results and reduce false positives
• Perform risk prioritization using:
• CVSS
• Threat intelligence
• Business context
• Support remediation and re-scanning

3. GRC & Compliance Integration

• Map findings to frameworks:
• NIST SP 800-53
• HIPAA
• ISO 27001
• Support:
• Risk registers
• Audit processes
• Policy exceptions
• Generate executive-level reports

4. Automation & Reporting

• Build dashboards and reports
• Use APIs for integrations (e.g., ServiceNow, SIEM)
• Improve scan coverage and monitoring

5. Operational Governance

• Maintain SOPs and documentation
• Participate in:
• Incident response
• Risk reviews
• Security working groups
• Support audits with evidence and reporting

Required Qualifications

Technical Skills

• Experience with Qualys VMDR
• Knowledge of:
• CVEs, CVSS, vulnerability lifecycle
• Experience with:
• Enterprise-scale scanning
• Windows, Linux, networking
• AWS/Azure
• Automation (Python, PowerShell, APIs)
• ServiceNow integration experience

GRC & Risk Knowledge

• Familiarity with:
• NIST RMF / SP 800-53
• HIPAA
• Ability to translate technical risks into business impact
• Audit and compliance experience

Certifications (Preferred)

• Qualys certifications (VMDR, Policy Compliance, Asset Management)
• Security certifications:
• Security+
• CEH
• CISSP
• CISA