SOC Vulnerability Management ACAS Technician - Junior

About The Position

Requirements

• U.S. Citizenship is required
• Security Clearance: Secret Eligible
• Required Certifications: DCWF Work Role 541-Vulnerability Assessment Analyst — Basic proficiency; must hold ONE OR MORE of the following: CEH
• 3+ years of experience in cybersecurity
• Experience executing vulnerability scans and reviewing findings in support of enterprise cybersecurity operations.
• Experience validating scan credentials, asset coverage, and the quality of vulnerability assessment results.
• Experience tracking remediation actions with system owners and documenting status through closure or risk acceptance workflows.
• Experience updating POA&Ms and supporting compliance activities aligned with RMF requirements.
• Working knowledge of STIGs, IAVMs, and DoD or ARNG cybersecurity directives as they relate to vulnerability management.
• Experience producing operational reports that summarize scan results, remediation progress, and compliance status.

Responsibilities

• Execute authenticated and unauthenticated ACAS scans across ARNG networked systems to identify vulnerabilities affecting classified and unclassified environments.
• Analyze scan results to identify vulnerabilities, assess scan completeness, and validate credential integrity and asset coverage.
• Coordinate remediation actions with system owners and other cybersecurity stakeholders to support timely correction of identified weaknesses.
• Perform follow-up rescans to verify implementation and effectiveness of corrective actions and document validation results.
• Update and maintain POA&M entries based on scan findings, remediation status, and residual risk in support of RMF-aligned cybersecurity operations.
• Support operational reporting for vulnerability management activities in accordance with STIGs, IAVMs, RMF requirements, and DoD and ARNG cybersecurity directives.
• Contribute to Task 3 deliverables for secure baseline configuration, vulnerability management, and vulnerability assessment supporting continuous compliance across the ARNG enterprise.
• Interface with the broader SOC and cybersecurity operations structure to support enterprise defense activities aligned with ENOCS coordination across NETCOM Global Cyber Center and DISA DCDC.
• Help sustain cyber readiness for an ARNG environment spanning approximately 141,000 endpoints and 2,800 sites by validating scan coverage and supporting prioritized remediation tracking.