Overview: Seeking high-level IT Professionals to provide ACAS/HBSS System Administration duties including reviewing, analyzing, and documenting security vulnerability and compliance scans within the National Military Command Center.
Roles and Responsibilities:
Installation, monitoring, testing, troubleshooting, and administration of the ACAS/Nessus Vulnerability Scanner applications
Experience with vulnerability scanning tools to include and understanding of Vulnerability Management System and Continuous Monitoring and Risk Scoring.
Experience with security architectures - Experience in Windows, Linux and UNIX operating system administration
Provide technical support to customers involving a wide range of software, hardware, and DoD specific applications with respect to the ACAS solution
Experience with network design, LAN/WAN systems and lab configuration to include the following capabilities: Installing, operating and maintaining routers, switches, domain controllers, member servers, clients, etc. Ability to replicate client environment issues Understanding networking support to include TCP/IP, DNS, and SMTP issues
Analyze and assist in the application of (STIGs) and (IAVAs)
Ensure scheduled scans are covering 100% of intended assets and are being run successfully
Ensure SC is being updated regularly; address unsuccessful updates of the SC and identify the root cause of the unsuccessful update
Configure, optimize, and test vulnerability scans against new and existing Operating Systems and platforms
Perform scan policy analysis & configuration to determine the impact of vulnerability scanning against target devices
Troubleshoot credential failure issues by performing configuration analysis against the target device
Conduct vulnerability analysis, research, collaborate with System Administrators to mitigate identified vulnerabilities and/or author Plans of Actions and Milestones (PO&AM) as needed
Configure, operate, and maintain HBSS and its components (ePolicy Orchestrator, McAfee Agent, Data Loss Prevention, Host Intrusion Prevention System, Policy Auditor, ESS, Asset Baseline Monitor, and Virus Scan Enterprise) on Windows and Linux creating exceptions to allow essential processes to continue uninterrupted
Provide guidance on vulnerability and malware remediation.
Ability to analyze the customer’s needs and identify security requirements / solutions.
Experience with DoD STIGS, IA Tools (SCCVI, SCRI, Host Based Security System) , program, and Risk Management Framework
Experience with Remedy
Shift Hours: Day-Shift; core support hours are 0600 -1800.
Required Qualifications:
Qualified candidates must possess a TS/SCI security clearance
Security+ CE
Effective communication and presentation skills (i.e., ability to present ideas effectively in formal and informal situations in group and individual settings).
Strong planning, organizational, and time management skills (i.e., ability to effectively plan, organize, and prioritize work, and to control and follow up to assure work completion).
Demonstrated initiative (i.e. initiate appropriate action without being directed) and ability to work independently.
Strong interpersonal skills (e.g., ability to work effectively on teams, communicate effectively, work/interact effectively and amicably with people from diverse backgrounds and cultures and with diverse personal attributes).