SOC Vulnerability Management ACAS Lead - Senior

About The Position

Requirements

• U.S. Citizenship is required
• Security Clearance: Secret Eligible
• Required Certifications: DCWF Work Role 541-Vulnerability Assessment Analyst — Intermediate proficiency; must hold ONE OR MORE of the following: CEH(P), RCCE Level 1, Cloud+, CPTE, FITSP-A, GCED, GCIH, GCSA, GICSP, GSEC, PenTest+, Security+
• 7+ years of experience in cybersecurity
• Bachelors degree or higher in Computer Science, Cybersecurity, Data Science, Information Systems, Information Technology, or Software Engineering
• Experience leading enterprise vulnerability scanning, validation, and reporting activities in support of cybersecurity operations.
• Experience administering and sustaining ACAS infrastructure, including scan policy execution, credentialed scanning, and coverage management.
• Experience assessing vulnerabilities and compliance posture against STIGs, IAVMs, RMF requirements, and documented cybersecurity directives.
• Experience coordinating remediation activities with system owners, engineers, and cybersecurity teams and tracking closure status through formal risk management processes.
• Experience producing compliance metrics, operational reporting, and audit-support artifacts for continuous monitoring programs.
• Experience supporting POA&M management and maintaining accurate representation of current risk posture.
• Ability to analyze scan results for accuracy, eliminate false positives where appropriate, and communicate actionable findings to technical and non-technical stakeholders.

Responsibilities

• Lead ACAS scanning operations across ARNG enterprise environments, including scan planning, execution, validation, and reporting to support continuous vulnerability identification and risk reduction.
• Oversee configuration, sustainment, and coverage of ACAS infrastructure, ensuring proper credentialing and accurate scan visibility across supported systems and enclaves.
• Validate vulnerability findings against STIGs, IAVMs, RMF requirements, and applicable DoD and ARNG cybersecurity directives before release to stakeholders for action.
• Prioritize high-risk vulnerabilities based on current threat posture and enterprise impact, and coordinate remediation tracking with system owners, engineering teams, and cybersecurity stakeholders.
• Maintain accurate POA&M status and support eMASS update activities so reported risk posture reflects current remediation progress and compliance conditions.
• Produce operational metrics, compliance reports, and vulnerability governance data to support continuous monitoring, audit readiness, and cybersecurity decision-making.
• Coordinate vulnerability management activities with SOC functions and enterprise cyber operations that use USIEM analytics, EDR, and IDS/IPS data to improve visibility and response across the DoDIN-A(NG) environment.
• Support Task 3 deliverables by aligning ACAS-driven vulnerability assessment activities with ENOCS cybersecurity operations conducted in coordination with the NETCOM Global Cyber Center and DISA DCDC.
• Contribute to protection of ARNG classified and unclassified network environments that support Title 10 and Title 32 missions, mobilization readiness, domestic emergency response, and SIPRNet operations across 54 states and territories.