Cybersecurity - Acas

SAIC has an opportunity for a Scanning/Vulnerability Management Analyst (Cybersecurity Specialist-ACAS) to support the US Army Corps of Engineers Revolutionary IT Services (USACE RITS) program.

NOTE: This is a hybrid role, with 1 day a week onsite in the Washington, DC area and the other days virtual / work from home / remote position.

The Ideal Candidate will serve as a member of the Assured Compliance Assessment Solution (ACAS) team responsible for operating and maintaining the USCAE ACAS. This position supports timely and accurate scanning and reporting per USACE, DoD policies and orders.

The candidate should have at least 3-5 years of proven experience with Security and auditing tools for Windows and Linux operating systems such as ACAS, to include: installing, configuring, maintenance, backups, and restore.

Overall Duties include:

• Deploy, maintain, and perform tuning of ACAS scanners to meet current and future needs, IAW latest Best Practice Guide and CORA/CCRI requirements

• Develop / create, deploy, and manage ACAS scan configurations IAW ACAS BPG

• Conduct scans and provide detailed reporting to leadership

• Ensures scheduled scans are covering 100% of intended assets and are being run successfully.

• Ensure all ACAS scanners and Security Center are operational and reporting properly

• Perform required vulnerability scans and create repositories, queries, and dashboards as necessary to ensure vulnerability report information is available

• Investigate false positives or any invalid scan data results

• Develop tracking mechanism for false positives and track false positives until the finding is corrected; provide results upon resolution

• Upgrade Security Centers and Scanners to the latest DISA-approved version, as well as having the latest patches installed as they are approved and released.

• Continuously monitor the performance and integrity of ACAS, assess scan times, and make changes to improve performance.

EDUCATION and EXPERIENCE REQUIREMENTS:

• Bachelors and four (4) years or more experience. Additional four (4) years of experience in lieu of degree

• Scripting or Application programming interface (API) (i.e. PowerShell, Python, etc.) experience a huge plus

• Experience in supporting, configuring, administering Assured Compliance Assessment Solution (ACAS) and/or Nessus (MUST have)

CERTIFICATION REQUIREMENTS:

• Must have one (1) current DoD 8570 IAT II certification (i.e. CCNA Security, CySA , GICSP, GSEC, Security CE, CND, OR SSCP)

CLEARANCE REQUIREMENT:

• Must be able to obtain a full Secret Clearance; Interim Secret required prior to start, SAIC will help to obtain

• Must be a current US Citizen