ACAS Vulnerability Management Specialist

About The Position

Requirements

• BS degree and two (2) years or more experience; four (4) years of experience accepted in lieu of degree
• Scripting or Application programming interface (API) (i.e. PowerShell, Python, etc.)
• Proven experience with security and auditing tools for Windows and Linux operating systems such to include: installing, configuring, maintenance, backups, and restore
• Experience in supporting, configuring, administering Assured Compliance Assessment Solution (ACAS) and/or Nessus
• Must have one (1) current DoD 8140 Basic Systems Security Analyst certification (i.e. CCNA Security, CySA+, GICSP, GSEC, Security+ CE, CND, OR SSCP)
• Active Secret Security Clearance

Responsibilities

• Deploy, maintain, and perform tuning of ACAS scanners to meet current and future needs, IAW latest Best Practice Guide and CORA/CCRI requirements
• Develop / create, deploy, and manage ACAS scan configurations IAW ACAS BPG
• Conduct scans and provide detailed reporting to leadership
• Ensures scheduled scans are covering 100% of intended assets and are being run successfully
• Ensure all ACAS scanners, components and Security Center are operational and reporting properly
• Perform required vulnerability scans and create repositories, queries, and dashboards as necessary to ensure vulnerability report information is available
• Investigate false positives or any invalid scan data results
• Develop tracking mechanism for false positives and track false positives until the finding is corrected; provide results upon resolution
• Upgrade Security Centers and Scanners to the latest DISA-approved version, as well as having the latest patches installed as they are approved and released
• Continuously monitor the performance and integrity of ACAS, assess scan times, and make changes to improve performance