Smartronix, LLC, is an information technology and engineering solutions provider specializing in Cloud Computing, Cyber Security, Health IT, Network Operations, and Mission-Focused Engineering. Smartronix is seeking an Information Assurance Security Specialist to provide IA Vulnerability Assessment support for enterprise assets. A strong understanding of DoD STIG/ IAVA and compliance processes are necessary in order to be successful in this position. Assured Compliance Assessment Solution (ACAS) is the primary tool used to facilitate a compliant and secure network.
Conduct vulnerability scans on a regularly scheduled basis, and ad hoc, as directed.
Provide a regularly updated list of systems scanned and individual scan results.
Coordinate scans with respective system owners.
Provide scan results to system engineers for mitigation efforts.
As required, work directly with system engineers to clearly identify changes.
Maintaining configuration items and executing functions on vulnerability management platform, to include ACAS, Nessus, STIG Validation Scans and Manual Checks.
Assist in annual Command Cyber Operational Readiness Inspection and provide risk assessment analysis support, as required.
Creating essential documentation (procedures, scanning reports, remediation reports, etc.), providing analysis and metrics on vulnerabilities, and driving remediation of vulnerabilities throughout the organization.
Serve as a subject matter expert for vulnerability scanning and STIG Compliance procedures, ACAS 4.6 or higher execution/operation.
Attend meetings and provide recommendations concerning Risk Management and mitigation efforts for organizational assets.
Ability to develop and maintain metrics and reports on vulnerability findings and remediation compliance.
Facilitate proactive remediation of new vulnerabilities by collecting information from threat and vulnerability feeds, analyzing the impact/applicability to our environment and communicating applicable vulnerabilities and recommended remediation actions to the impacted teams.
Provide technical support to system and technology owners to propose mitigation and remediation solutions.
Provide input to leadership for enhancing the vulnerability and risk management strategies.
Smartronix provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.
This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.
Demonstrated ability to work effectively in an ambiguous environment
Strong oral and written communications skills
Strong analytical and problem-solving skills and proactive thinking skills
Strong knowledge of threats and vulnerabilities associated with network security
High-level familiarity with Vulnerability Management tools such as ACAS, SCAP, and SCCM.
Basic level familiarity with DoD and other Cyber Security Regulatory Compliance bodies
Ability to drive automation of vulnerability management platform and processes
Understanding of how to classify and prioritize the risk of new vulnerabilities based on the operating environment
A Cyber Security Team team-player contributing to policy development, RMF package accreditation requirements
3+ Years of Information Security Experience, working with Vulnerability management tools
Active Top Secret clearance
DoD 8570 IAT III Level Certification Required (CISA, GCIH, GCED, CISSP/Associate)
No Travel Required
Clearance Level Required
US Citizenship Required