Today
Secret
Unspecified
Unspecified
IT - Software
Hanahan, SC (On-Site/Office)
As an ACAS Support Engineer you will be participating in activities associated with vulnerability scanning, vulnerability analysis, scan analysis/troubleshooting. You will primarily be responsible for infrastructure support and management of the Assured Compliance Assessment Solution (ACAS), analyzing vulnerability scanning activities and tracking/reporting on vulnerabilities to include Plan of Actions and Milestones (POA&M) submittals as required.
Position Requirements and Duties
• Maintaining, supporting, planning and developing ACAS architecture (Nessus Scanners, Passive Vulnerability Scanners, Security Centers) including the application and host servers (Linux VMs)
• Testing new iterations of existing and future software as either part of the ACAS suite or for potential inclusion
• Adapting existing infrastructure (both ACAS application and related hardware) and processes to meet exigent needs of DHA ACAS operations as the concept of the Med-COI evolves
• Training team members on execution of new/updated processes for scalable and repeatable updates and maintenance of ACAS applications
• Integrating performance monitoring metrics into larger NSOC monitoring software to identify problems in advance of customer notification
• Identifying current and future needs based on historical and contemporary use cases and emerging information both from Tenable and the DISA ACAS PMO
• Evaluating successful implementation of established processes and procedures for updating and maintaining the ACAS applications
• Participating and providing recommendations and courses of action in recurring status meetings regarding ACAS operation, planning and deployment efforts (including version and patching updates)
• Supporting and providing technical documentation of ACAS and associated network architecture and operational/process documentation
• Monitoring status of Nessus Scanners, Passive Vulnerability Scanners, and Security Centers and ensure 24x7x365 availability of scanning infrastructure
• Notifying Linux administrators of outages and logging in the Outage Tracker on the KBS
• Providing technical support, recommendations, and troubleshooting to subscribers and to other team members
• Troubleshooting system issues
• Disk usage, disk speed problems, database locks, and connectivity
• Troubleshooting application issues
• Configuration issues, scan zone overlaps, outages, and application health
• Troubleshooting scanning issues
• False positives, configuration problems, and authentication issues
• Submitting PPSM tickets for problems with ACAS systems communicating both internally and with customer devices
• Interfacing with Tenable regarding troubleshooting efforts and feature requests
• Assisting ACAS users with credentialed scan issues
• Analyzing vulnerability scan results and subsequent reporting using the ACAS application
• Sending ASR/ARF reports to users as requested
• Sending .nessus files as requested
• Adding and pushing plugins to Nessus scanners
• Associating Nessus scanners to appropriate scan zones
• Updating STIG audits and maintaining the associated policies
• Monitoring VAAT inbox
• Monitoring and assisting with tickets submitted in the VAAT Remedy queue
• Attending and participating on monthly subscriber compliance calls conducted by Program Support
• Providing subscriber issuance compliance metrics to the Cyber Operation Center (CyOC)
• Maintaining existing standard operational procedure (SOP) documentation and drafting new SOPs and other documentation as necessary
• Supporting intra-CSSP team coordination efforts (e.g. CHTA, Dev, Program Support)
• Addressing PHX/SDB difficulties, tickets and feature requests as it pertains to ACAS and VAAT operations
• Interacting with the system administrators who oversee ACAS-related systems and functions
• Troubleshooting and testing integration with other products (e.g. ACAS -> PHX, ACAS -> Splunk)
• Maintaining CMRS ACAS publishing capability for DHA and SIPR customers
• Monitoring and managing MHS Genesis incorporation into the DHA Med-COI ACAS infrastructure
Minimum Qualifications
• 3 Years of direct ACAS experience
• Bachelor of Science Degree in related field and three years of relevant experience or 6 years of relevant experience.
Minimum Secret Clearance Required with Upgrade to Top Secret
Desired Qualifications
At least three years' experience in a CSSP environment
Required Certifications
• 8570 IAT Level II Certification
• DoD 8140 CSSP Auditor
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy), national origin, disability, veteran status, age, genetic information, or other legally protected status.
Position Requirements and Duties
• Maintaining, supporting, planning and developing ACAS architecture (Nessus Scanners, Passive Vulnerability Scanners, Security Centers) including the application and host servers (Linux VMs)
• Testing new iterations of existing and future software as either part of the ACAS suite or for potential inclusion
• Adapting existing infrastructure (both ACAS application and related hardware) and processes to meet exigent needs of DHA ACAS operations as the concept of the Med-COI evolves
• Training team members on execution of new/updated processes for scalable and repeatable updates and maintenance of ACAS applications
• Integrating performance monitoring metrics into larger NSOC monitoring software to identify problems in advance of customer notification
• Identifying current and future needs based on historical and contemporary use cases and emerging information both from Tenable and the DISA ACAS PMO
• Evaluating successful implementation of established processes and procedures for updating and maintaining the ACAS applications
• Participating and providing recommendations and courses of action in recurring status meetings regarding ACAS operation, planning and deployment efforts (including version and patching updates)
• Supporting and providing technical documentation of ACAS and associated network architecture and operational/process documentation
• Monitoring status of Nessus Scanners, Passive Vulnerability Scanners, and Security Centers and ensure 24x7x365 availability of scanning infrastructure
• Notifying Linux administrators of outages and logging in the Outage Tracker on the KBS
• Providing technical support, recommendations, and troubleshooting to subscribers and to other team members
• Troubleshooting system issues
• Disk usage, disk speed problems, database locks, and connectivity
• Troubleshooting application issues
• Configuration issues, scan zone overlaps, outages, and application health
• Troubleshooting scanning issues
• False positives, configuration problems, and authentication issues
• Submitting PPSM tickets for problems with ACAS systems communicating both internally and with customer devices
• Interfacing with Tenable regarding troubleshooting efforts and feature requests
• Assisting ACAS users with credentialed scan issues
• Analyzing vulnerability scan results and subsequent reporting using the ACAS application
• Sending ASR/ARF reports to users as requested
• Sending .nessus files as requested
• Adding and pushing plugins to Nessus scanners
• Associating Nessus scanners to appropriate scan zones
• Updating STIG audits and maintaining the associated policies
• Monitoring VAAT inbox
• Monitoring and assisting with tickets submitted in the VAAT Remedy queue
• Attending and participating on monthly subscriber compliance calls conducted by Program Support
• Providing subscriber issuance compliance metrics to the Cyber Operation Center (CyOC)
• Maintaining existing standard operational procedure (SOP) documentation and drafting new SOPs and other documentation as necessary
• Supporting intra-CSSP team coordination efforts (e.g. CHTA, Dev, Program Support)
• Addressing PHX/SDB difficulties, tickets and feature requests as it pertains to ACAS and VAAT operations
• Interacting with the system administrators who oversee ACAS-related systems and functions
• Troubleshooting and testing integration with other products (e.g. ACAS -> PHX, ACAS -> Splunk)
• Maintaining CMRS ACAS publishing capability for DHA and SIPR customers
• Monitoring and managing MHS Genesis incorporation into the DHA Med-COI ACAS infrastructure
Minimum Qualifications
• 3 Years of direct ACAS experience
• Bachelor of Science Degree in related field and three years of relevant experience or 6 years of relevant experience.
Minimum Secret Clearance Required with Upgrade to Top Secret
Desired Qualifications
At least three years' experience in a CSSP environment
Required Certifications
• 8570 IAT Level II Certification
• DoD 8140 CSSP Auditor
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy), national origin, disability, veteran status, age, genetic information, or other legally protected status.
group id: 10488887
