Own your opportunity to work with the largest government agency in the nation. Make an impact by advancing the Department of Defense’s mission to keep our country safe and secure.
Job DescriptionThe Analyst shall operate and maintain the ACAS solution, to support network and application scanning and ensure configuration assessments are conducted and incidents are resolved in accordance with the incident response table and client SOPs.
Familiar in the utilization of Tenable NESSUS Assured Compliance Asset Solution (ACAS) scanning agent and Vulnerability Remediation Asset Manager (VRAM) across seven shipboard enclaves.
-Perform Nessus vulnerability scans, Nessus agent scans, and Passive vulnerability scans.
-Installation, monitoring, testing, troubleshooting, and administration of the Nessus and Passive Vulnerability Scanner applications.
-Create ACAS queries to optimize processes, procedures, and analysis.
-Configures, optimizes, and tests vulnerability scans against new and existing Operating Systems and platforms.
-Conduct vulnerability analysis, research, and script analysis to verify potential false positives.
-Perform scan policy analysis & configuration to determine the impact of vulnerability scanning against target devices.
-Interprets, analyzes, and reports all events and anomalies in accordance with computer network directives, including initiating, responding, and reporting discovered events.
-Evaluates, tests, recommends, coordinates, monitors, and maintains cybersecurity policies, procedures, and systems, including access management for hardware, firmware, and software.
-Ensures that cybersecurity plans, controls, processes, standards, policies, and procedures are aligned with cybersecurity standards.
-Identifies security risks and exposures, determines the causes of security violations, and suggests procedures to halt future incidents and improve security.
-Develops techniques and procedures for conducting cybersecurity risk assessments and compliance audits, the evaluation and testing of hardware, firmware, and software for possible impact on system security, and the investigation and resolution of security incidents such as intrusion, frauds, attacks or leaks.
-Maintain system documentation.
Education and Experience:
-BA/BS in Cyber Security or equivalent or documented 8+ years of experience.
-2+ yrs Knowledge and experience with ACAS Security Center (SC) and Nessus Vulnerability Scanners (NVS).
-Possess understanding and experience with common cybersecurity toolsets and processes to include STIGS, CAS, IAVA Management and Implementation, and OPORD/FRAGO support.
-ATO process.
DOD RMF Configuration Management.
NIST SP800-53 and NIST SP800-37.
Qualifications:
TS/SCI eligible with POLY.
DoD 8570 IAT II certification.
Security+ / Linux+
US Citizenship Required