Information Assurance Security Specialist (Vulnerability Assessm

Executes vulnerability management activities for DDSB systems by scanning, analyzing findings, and driving remediation with operations and engineering teams. This role reduces cyber risk by turning scan data into prioritized, trackable corrective actions.

Key Tasks & Responsibilities

• Support the mission of the Information Systems Security Officer by ensuring network resources comply with DoD IA security policies, vulnerability alerts, IAVAs, and other technical advisories identified by USCYBERCOM (United States Cyber Command)/DHA.
• Perform IA scans of network enterprise devices using SCC (SCAP Compliance Checker), manual checks, DISA STIG Viewer, ACAS (Assured Compliance Assessment Solution) Nessus Scanner, ACAS Security Center, and MECM.
• Perform routine and random testing of servers and devices to ensure security compliance.
• Validate deployed security patches and solutions to ensure proper installation and function; verify remediation effectiveness following patching, configuration changes, or compensating controls.
• Maintain and validate asset lists within ACAS and eMASS (Enterprise Mission Assurance Support Services).
• Maintain credentialed scan coverage by resolving non-credentialing, dead, or misconfigured assets and addressing scan failures and access issues.
• Administer, record, and support upkeep of network resources and implemented changes as reported by CMRS (Continuous Monitoring and Risk Scoring)/ACAS/other scanning tools.
• Identify and drive resolution of discovered discrepancies and security vulnerabilities (missing patches, gaps in network security) through required DHA offices and service functions.
• Create, maintain, and follow POA&Ms (Plans of Action & Milestones) through resolution for issues requiring additional time for testing, solutions development, team collaboration, and deployment to include risk mitigation statements and milestone dates.
• Track and report vulnerability status, trends, and remediation progress to support Government oversight and decision-making, including leadership visibility for priority vulnerabilities and taskings.
• Report security violations and incidents up the chain of command within established timeframes; reply and report to security and associated taskers.

Education & Experience

• Bachelor's degree in Information Technology, Cybersecurity, Computer Science, Data Science, Engineering, Mathematics, or a closely related discipline or equivalent practical experience (as permitted by the contract).
• Minimum 4 years of relevant experience supporting enterprise IT environments, with demonstrated work aligned to Information Assurance.

Certifications

• At least one: CGRC/CAP, CASP+, Cloud+, PenTest+, Security+, or GSEC.
• Alternate/equivalent certifications may be accepted with Government approval.
• Preferred/Work-center dependent: Microsoft Certified: Azure Administrator Associate or Microsoft Certified: Windows Server Hybrid Administrator Associate.

Security Clearance

• Must be able to obtain and maintain Public Trust suitability and all required system access (e.g., CAC-enabled accounts) to perform duties.

Other (Travel, Work Environment, DoD 8570 Requirements, Administrative Notes, etc.)

• Work is primarily on-site in San Antonio, TX; limited remote work may be allowed when authorized by the Government and mission requirements permit. Work may require after-hours, weekend, and/or on-call support as directed, including support during scheduled maintenance windows, high-impact incidents, vulnerability response actions, inspections, and surge periods.
• This position is aligned to applicable DoD Manual 8140.03 work role 803 (NIST: OV-PM-003); contractor personnel must meet DoD 8570.01-M baseline certification requirements and transition to DoD Manual 8140.03 work role requirements, including required training, knowledge, skills, abilities, and tasks, within Government-directed timelines.

Computer World Services is an affirmative action and equal employment opportunity employer. Current employees and/or qualified applicants will receive consideration for employment without regard to race, color, religion, sex, disability, age, sexual orientation, gender identity, national origin, disability, protected veteran status, genetic information or any other characteristic protected by local, state, or federal laws, rules, or regulations.

Computer World Services is committed to the full inclusion of all qualified individuals. As part of this commitment, Computer World Services will ensure that individuals with disabilities (IWD) are provided reasonable accommodations. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact Human Resources at [email protected] .

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.