ACAS Vulnerability Admin

SUMMARY:

The Administrator shall support the Client in the design and implementation of ACAS solutions for the Client's Enterprise Networks (GEN) as well as train operators from outside the organization and internal Information Assurance personnel to maintain and operate the Assured Compliance Assessment Solution (ACAS) tool functionality.

DUTIES:

• Rack and provision government furnished equipment (servers), install and patch operating systems, application, and document DISA STIGs applicable to each network environment for all Assured Compliance Assessment Solution (ACAS) implementations.
• Assess current ACAS implementations for each of the GEN networks and recommend changes.
• Document the steps required to design the ACAS solution for each of the GEN networks to include IP address, Fully Qualified Domain Name, and physical location of each component.
• Create network diagrams of the designs with Microsoft Visio (include list of hardware and software requirements).
• Create reporting dashboard designs and reports for each environment that are specific to the following audiences: Leadership & Executives; Cybersecurity Staff; and System Administrators.
• Ensure GEN networks receive periodic updates from either the DISA/DoD Patch Repository or Tenable.
• Implement the Reporting Dashboard designs and use reporting tool to create reports.
• Ensure scheduled scans are covering 100% of intended assets and are being run successfully.
• Maintain the Nessus scanners and PVS's connectivity with the associated Security Center (SC).

QUALIFICATIONS

EDUCATION AND CERTIFICATIONS:

• 2+ years ACAS and/or Nessus experience
• 3+ years' experience in supporting, configuring, administering Linux
• 3+ (RHEL) operating system in an enterprise environment
• Experience with virtualized environments (vSphere, ESXI)
• DoD 8570 IAT III or IAM II (CISA, GSE, SCNA, or CISSP (or Associate), CAP, GSLC, CISM)

BACKGROUND NEEDED AND YEARS OF EXPERIENCE:

• Knowledge and experience with ACAS Security Center (SC), Nessus Vulnerability Scanners (NVS), and Red Hat Enterprise Linux (RHEL). Possess understanding and experience with common cybersecurity toolsets and processes to include STIGS, CAS, IAVA Management and Implementation, and OPORD/FRAGO support.

TECHNICAL SKILLS (MUST HAVE):

• RHEL

TECHNICIAL SKILLS (PREFERRED):

• ACAS
• Scripting (NASL, Python, BASH)

WORKING CONDITIONS:

Contractor site with 0%-10% travel possible. Possible off-hours work to support releases and outages. General office environment. Work is generally sedentary in nature, but may require standing and walking for up to 10% of the time. The working environment is generally favorable. Lighting and temperature are adequate, and there are not hazardous or unpleasant conditions caused by noise, dust, etc. Work is generally performed within an office environment, with standard office equipment available.

Strength Demands: Sedentary - 10 lbs. Maximum lifting, occasional lift/carry of small articles. Some occasional walking or standing may be required. Jobs are sedentary if walking and standing are required only occasionally, and all other sedentary criteria are met.

Physical Requirements:

• Stand or Sit
• Walk
• Repetitive Motion
• Use Hands / Fingers to Handle or Feel
• Stoop, Kneel, Crouch, or Crawl
• Talk or Hear
• See
• Push or Pull
• Climb (stairs, ladders) or Balance (ascend / descend, work atop, traverse)

Skills & Requirements Qualifications