ACAS Administrator

Overview

CommIT Enterprises, Inc. is seeking a ACAS Adminstrator to support the Customer in the design and implementation of Assured Compliance Assessment Solution (ACAS) solutions for all Client networks, support and train operators from other sites on how to operate the ACAS tools and operate and maintain the ACAS solution across all client networks. They will also support network and application scanning and configuration assessments that are conducted at the Client site.

Established in 2001, CommIT is a Certified Veteran-Owned Small Business (CVOSB) providing innovative technical engineering and data science services. Our enterprise systems support includes the Department of Defense's (DoD) GCSS-MC, CAC2S, TBMCS-MC, and the Department of Veteran's Affairs' (VA) telehealth communications. We offer acquisition management, systems engineering, Agile software development, cloud management, IT modernization, data analytics, cybersecurity, and training, including leading-edge DevSecOps, automated testing, and mobile application development.

Responsibilities

Your essential job functions will include but may not be limited to-

• Build and configure all new Security Centers (SC) and Scanners.
• Ensure each region is scanning 100% of the area of responsibility.
• Ensure standardization from one SC to another i.e. repository naming and structure, scan configuration enforcement.
• Assess current ACAS implementations for each of the Government networks and recommend changes. Document the steps required to design the ACAS solution for each of the MCEN networks to include IP address, Fully Qualified Domain Name, and physical location of each component.
• Create network diagrams of the designs with Microsoft Visio (including list of hardware and software requirements).
• Create reporting dashboard designs and reports for each environment that are specific to the following audiences: Leadership & Executives; Cybersecurity Staff; and System Administrators.
• Implement the Reporting Dashboard designs and use reporting tool to create reports.
• Maintain both the operating system and the Tenable application by updating and patching in accordance with Client requirements.
• Ensure STIGs applicable to each network environment for all ACAS implementations are implemented.
• Ensure any-and-all scans conducted cover 100% of intended assets and are being run successfully, i.e. credentialed access.
• Maintain the Nessus scanners, Agents and PVS's connectivity with the associated Security Center (SC).
• Ensure SC is being updated either manually, via professional feed, or via a Government hosted feed.
• Address unsuccessful updates of the SC and scanners, and identify the root cause of the unsuccessful update (corrected within four hours of discovery)..
• Ensure anomalous activity identified by the PVS on each subnet/VLAN is reviewed and tasked to the incident handler, as appropriate, within two hours of identification of the anomalous activity.
• Develop and/or update the Standard Operating Procedures (SOP) to support each of the Client's ACAS solutions.

Qualifications

Required Experience and Education:

• Knowledge and experience with ACAS SC, Nessus Vulnerability Scanners (NVS), and RHEL. Possesses understanding and experience with common cybersecurity toolsets and processes to include STIGs, CAS, IAVA Management and Implementation, and Operation Order (OPORD)/Fragmentary Order (FRAGO) support.
• DoD 8570 IAT III or IAM II (CISA, GSE, SCNA, or CISSP [or Associate], CAP, GSLC, CISM)
• 4+ years ACAS and/or Nessus experience
• Experience with virtualized environments (vSphere, ESXI)
• ACAS 5.4 or higher
• Red Hat Enterprise Linux (RHEL) experience (preferred)
• ACAS Operating System experience
• Scripting (Nessus Attack Scripting Language (NASL), Python, Bash) (preferred)

Work Schedule:

• General office environment. Work is generally sedentary in nature, but may require standing and walking for up to 10% of the time. The working environment is generally favorable. Lighting and temperature are adequate, and there are not hazardous or unpleasant conditions caused by noise, dust, etc. Work is generally performed within an office environment, with standard office equipment available.
• Contractor site with 0-10% travel possible
• Possible off-hours work to support releases and outages
• 10 lbs. maximum lifting, occasional lift/carry of small articles
• Occasionally required to stand; frequently required to walk and sit
• Continually required to utilize hand and finger dexterity
• Occasionally required to climb, balance, bend, stoop, kneel or crawl
• Continually required to talk or hear
• Continually utilize visual acuity to operate equipment, read technical information, and/or use a keyboard

Security Requirements:

• Active DoD - Secret

Equal Opportunity Employer:

CommIT Enterprises, Inc. is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic factors, military/veteran status or other characteristics protected by law.