Qualys System Administrator

Rockville, MD, US • Posted 1 day ago • Updated 1 day ago
Contract Independent
No Travel Required
On-site
Depends on Experience

Job Details

Skills

  • Qualys
  • Cloud Computing
  • Risk Management Framework
  • HIPAA
  • NIST SP 800 Series
  • Python
  • SIEM
  • ServiceNow
  • System Administration
  • CISA
  • CISSP
  • Security+

Summary

About us:

Creative Information Technology Inc (CITI) is an esteemed IT enterprise renowned for its exceptional customer service and innovation. We serve both government and commercial sectors, offering a range of solutions such as Healthcare IT, Human Services, Identity Credentialing, Cloud Computing, and Big Data Analytics. With clients in the US and abroad, we hold key contract vehicles including GSA IT Schedule 70, NIH CIO-SP3, GSA Alliant, and DHS-Eagle II.

 

Join us in driving growth and seizing new business opportunities!

 

Scope of Work:

1. Qualys Platform Administration

  • Administer and maintain the Qualys Cloud Platform, including (as applicable):
      o Vulnerability Management (VMDR)
      o Asset Inventory / Global AssetView
  • Configure and manage scanners (internal, passive, and cloud-based).
  • Maintain asset tagging strategies aligned with environments (Prod/Non-Prod), system owners, data classifications, and compliance scopes.
  • Manage user roles, permissions, and access controls within Qualys.

2. Vulnerability Management Operations

  • Execute scheduled and ad-hoc vulnerability scans across on-prem, cloud, and endpoint environments.
  • Validate scan results, reduce false positives, and ensure data accuracy.
  • Perform vulnerability triage and risk-based prioritization using CVSS, exploitability, threat intelligence, and business context.
  • Support remediation efforts by working with infrastructure, application, and cloud teams to validate fixes and re-scan assets.

3. GRC & Compliance Integration

  • Map Qualys findings to regulatory and control frameworks (e.g., NIST SP 800-53, HIPAA Security Rule, ISO 27001).
  • Provide vulnerability and exposure data to support:
      o Risk register entries
      o Policy exception requests
      o Audit and assessment activities
  • Generate compliance and executive-level reports for security leadership and governance committees.

4. Automation & Reporting

  • Develop and maintain custom dashboards, reports, and scorecards for operational, management, and executive audiences.
  • Leverage Qualys APIs to automate data extraction, integrations, and reporting (e.g., ServiceNow GRC, ticketing, SIEM).
  • Support continuous monitoring initiatives by improving scan coverage, frequency, and data quality.

5. Operational Governance

  • Maintain standard operating procedures (SOPs) and technical documentation for vulnerability management processes.
  • Participate in incident response, risk review boards, and security working groups as a subject matter expert.
  • Support internal and external audits by providing evidence, scan results, and remediation validation.

Required Qualifications:

1. Technical Skills

  • Hands-on experience administering the Qualys Cloud Platform (VMDR required).
  • Strong understanding of vulnerability management concepts, CVEs, CVSS scoring, and remediation workflows.
  • Experience managing large-scale scanning environments (enterprise networks, cloud, endpoints).
  • Working knowledge of Windows, Linux, networking, and cloud platforms (AWS/Azure).
  • Experience with asset inventory, tagging, and data normalization.
  • Scripting or automation experience (Python, PowerShell, REST APIs).
  • Experience integrating Qualys with ServiceNow (ITSM or GRC).

2. GRC & Risk Knowledge

  • Familiarity with NIST SP 800-53, NIST RMF, HIPAA Security Rule, or equivalent frameworks.
  • Ability to translate technical vulnerabilities into business and compliance risk.
  • Experience supporting audits, assessments, or risk exception processes.

Certifications:

  • Qualys certifications (VMDR, Policy Compliance, Asset Management)
  • Security certifications such as Security+, CEH, CISSP, or CISA

  • Dice Id: 10432825
  • Position Id: 8934014