Company Overview:
Over the past 15 years, eTel has delivered essential solutions for the federal government by securing and managing data, providing scalable identity access, modernizing legacy systems, and building high-performance platforms. By integrating new technologies and ensuring reliable operations we help agencies stay prepared for future challenges As a premier technology solutions and services company to the US federal government, eTel possesses longstanding relationships across the federal civilian marketplace. Other customers include the broader Treasury Department, Commerce Department, and State Department.
eTel offers integrated CMMI Level 3 processes, tools, and techniques with innovative, cost-efficient, and secure solutions to address complex challenges. eTel also holds ISO 9001:2015, ISO/IEC 27001:2013, and ISO/IEC 20000-1:2018 certifications, and offers dedicated subject matter experts (SMEs) and thought leaders that possess a deep understanding of customers’ environments and challenges.
Job Position: Qualys System Administrator
Client: Montgomery County Government
Location: Rockville, MD
Citizenship: US Citizen (MUST)
Quotation Deliverables: All work shall be performed on-site at County facilities in accordance with the above-referenced contract. At the County’s sole discretion, and subject to operational needs, security requirements, and management approval, the County may authorize a telework arrangement for specific personnel at a future date. Any such arrangement must be formalized through a County approved telework agreement and may be modified or revoked by the County at any time.
Background:
The County seeks to enhance its enterprise vulnerability and configuration assessment capabilities by procuring the services of a qualified Vulnerability Engineer with demonstrated experience in the administration and operational use of the QualysGuard platform. This role is critical to supporting the County’s ongoing threat and vulnerability management program and will play a key role in reducing the organization's risk exposure.
The Qualys System Administrator is responsible for the administration, configuration, and operational management of the Qualys Cloud Platform to support the organization’s enterprise vulnerability management, compliance, and risk management programs. This role partners closely with Information Security, GRC, Infrastructure, and Application teams to ensure accurate asset discovery, vulnerability identification, risk prioritization, and remediation tracking in alignment with County policies.
Scope of Work:
- Qualys Platform Administration
- Administer and maintain the Qualys Cloud Platform, including (as applicable):
- Vulnerability Management (VMDR)
- Asset Inventory / Global AssetView
- Configure and manage scanners (internal, passive, and cloud-based).
- Maintain asset tagging strategies aligned with environments (Prod/Non-Prod), system owners, data classifications, and compliance scopes.
- Manage user roles, permissions, and access controls within Qualys.
- Vulnerability Management Operations
- Execute scheduled and ad-hoc vulnerability scans across on-prem, cloud, and endpoint environments.
- Validate scan results, reduce false positives, and ensure data accuracy.
- Perform vulnerability triage and risk-based prioritization using CVSS, exploitability, threat intelligence, and business context.
- Support remediation efforts by working with infrastructure, application, and cloud teams to validate fixes and re-scan assets.
- GRC & Compliance Integration
- Map Qualys findings to regulatory and control frameworks (e.g., NIST SP 800-53, HIPAA Security Rule, ISO 27001).
- Provide vulnerability and exposure data to support:
- Risk register entries
- Policy exception requests
- Audit and assessment activities
- Generate compliance and executive-level reports for security leadership and governance committees.
- Automation & Reporting
- Develop and maintain custom dashboards, reports, and scorecards for operational, management, and executive audiences.
- Leverage Qualys APIs to automate data extraction, integrations, and reporting (e.g., ServiceNow GRC, ticketing, SIEM)
- Support continuous monitoring initiatives by improving scan coverage, frequency, and data quality
- Operational Governance
- Maintain standard operating procedures (SOPs) and technical documentation for vulnerability management processes.
- Participate in incident response, risk review boards, and security working groups as a subject matter expert.
- Support internal and external audits by providing evidence, scan results, and remediation validation.
Required Qualifications:
- Technical Skills
- Hands-on experience administering the Qualys Cloud Platform (VMDR required).
- Strong understanding of vulnerability management concepts, CVEs, CVSS scoring, and remediation workflows.
- Experience managing large-scale scanning environments (enterprise networks, cloud, endpoints).
- Working knowledge of Windows, Linux, networking, and cloud platforms (AWS/Azure).
- Experience with asset inventory, tagging, and data normalization.
- Scripting or automation experience (Python, PowerShell, REST APIs).
- Experience integrating Qualys with ServiceNow (ITSM or GRC).
- GRC & Risk Knowledge
- Familiarity with NIST SP 800-53, NIST RMF, HIPAA Security Rule, or equivalent frameworks.
- Ability to translate technical vulnerabilities into business and compliance risk.
- Experience supporting audits, assessments, or risk exception processes.
Certifications:
- Qualys certifications (VMDR, Policy Compliance, Asset Management)
- Security certifications such as Security+, CEH, CISSP, or CISA
Commitment to Diversity -
eTelligent Group provides equal employment opportunities (EEO) to all applicants without regard to race, color, religion, gender, sexual orientation, gender identity, nations origin, age, disability, genetic information, marital status, amnesty, status as a covered veteran, and any other characteristic provided in accordance with applicable, federal, state and local laws.
Top Skills
What We Do
eTelligent Group is a proven team of talented IT professionals providing reliable solutions for business & information technology (IT) management and services. We solve complex program and IT problems by implementing proven strategies & innovative solutions. We deliver IT services, agile and DevOps development, big data services, IT program management, and cyber security services. Working as a trusted partner of the Federal Government, we hold ourselves to the highest industry standards such as (CMMI Level 3 and PMBOK). We are proud of our outstanding past performance implementing client solutions that increase both reliability and security for our clients. We deliver professional services by applying our proven process methodologies to exceed performance standards. We partner with leading COTS solution providers such as webMethods, MuleSoft, and RedHat to provide Middleware, API-led integrations, and SOA-based solutions. We deliver cutting edge technical solutions, while meeting the core business needs of each client.
.png){kind=logo}
