Operate the security and compliance baseline configuration, inventory, and best practices for the vulnerability management solution (VMS) deployed across multiple unclassified and classified network locations supporting the implementation for Tenable products within Assured Compliance Assessment Solution (ACAS) including .SC (SecurityCenter™) and Nessus® scanners; Also 2.0 Architecture Components: Nessus Networking Monitor (NNM), Nessus Manager and Nessus Agents use cases.
Conduct assessments of threats and vulnerabilities; determine deviations from acceptable configurations, enterprise or local policy.
Ability to assess the level of risk, develop or recommend meaningful insights about the context of an organization threat environment to improve its risk management posture; measure effectiveness of systems/networks/endpoints that deviate from acceptable configurations, enclave or local policy.
Work in concert with other Tenable operators, integrator and IA personnel responsible for operating and maintaining the ACAS program in multiple enclaves
Coordinate system activities such as deploying, configuring, monitoring, tuning, upgrading, and troubleshooting Tenable components spanning local, remote and complex environments.
Record configurations, conduct assessments and submit suggestions to scan schedule(s), scanners scan zones, repository management, chart Credentials >Assets >Scans >Reports >Dashboards
Ability to analyze and document Department Information Systems Agency (DISA) Security Technical Implementation Guidelines (STIGs) applicable to each Non-classified or Secret Internet Protocol (IP) Router Network (NIPRNet, SIPRNet) environment for all ACAS implementations
Responsible for acquiring, configuring and ensuring external deliverables: DISA/Continuous Monitoring and Risk Scoring (CMRS), importing vulnerability and security audit plug-ins, DoD Patch Repository Defense Asset Distribution System (DADS), build/maintain vulnerability and audit repositories
Assist mapping scan zones, scanners, subnets to include leveraging enterprise network application tools such as Forescout, SolarWinds Orion, McAfee Endpoint Security Solutions (ESS) and/or Microsoft Endpoint Configuration Manager (MECM)
Continuously assesses current ACAS implementations for scans, assets, analysis and permissions
Assist with validation and sustainment of documentation such as System Security Plans, Network Address Declaration (NAD), security groups/roles/permissions and/or zones/credentials/scans
Document steps required to design/engineer ACAS systems for each network to include IP address, Fully Qualified Domain Name (FQDN), DNS entries, Role Based Access Controls (RBAC), service accounts, certifications, licenses and physical/virtual location of each component
Create network diagrams of the designs with Microsoft Visio (include specialty requirements)
Implement/create report dashboard designs, automated custom email report notifications, report repositories for each environment that are specific to the following audiences: Leadership & Executives; Cybersecurity Staff; System Administrators; Application Maintainers
Ensures networks receive periodic updates from AFCYBER-released software patches, updates, and upgrades via Time Compliance Technical Orders (TCTO), Time Compliance Network Orders (TCNO), Maintenance Tasking Order (MTO) and Notices to Airman (NOTAMs)
Responsible to assist/troubleshoot schedule scans are covering 100% of intended targets ensuring timely and accurate scanning and reporting per PMO, IA and DoD policies and orders.
Maintain the Nessus scanners connectivity with the associated Tenable.sc (formerly SecurityCenter)
Provide cyber security staff scanning capability and system administration continuity
Maintain effective communications with other external and internal teams essential to ACAS operations
Create/maintain/implement custom security policies in line with DISA ACAS best practice guidance
Assist AF Cyber personnel with the DISA Information Assurance Vulnerability Management (IAVM) programs, cybersecurity toolsets, and Operation Order (OPORD)/Fragmentary Order (FRAGO) support
Perform systems analysis, design review, integration of complex system applications
Ensures external networks receive cybersecurity inventory reporting for compliance data via ACAS to DISA CMRS and DoD Enterprise Logging Ingest and Cyber Situational Awareness Refinery (ELICSAR) Big Data Platform (BDP) and update Plan of Actions, Milestones (POAMs) documentation
Participate in all phases of the Vulnerability Management (VM) life cycle with emphasis on the scan, patch, rescan, mitigation factors and reporting phases
Assist in the installation/maintenance of configuration files, custom security policies, plug-ins, signatures, certificates, DISA STIGs and checklist configuration audits and other such files necessary to add vulnerability discovery capabilities into the ACAS system
Rack and provision government furnished equipment (GFE) servers when applicable
Candidate will report to the 26th NOS Information Assurance (IA) team leadership
Associates in Computer Science/Information Systems, Science/Engineering/Math with 1-3 years
of relevant experience OR Bachelors with 2-4 years of prior relevant experience. May substitute experience in lieu of degree.
Must have hands-on experience in:
ACAS and/or Tenable.sc (SecurityCenter) or Tenable Nessus products
Familiarity using ACAS or Tenable .SC/Nessus best practices
Linux-based (RHEL) or Windows operating systems support with experience in mid-to-large enterprise data center environment; familiarity with network patch/update management
Experience with virtualized environments (VMware vSphere, ESXi)
Must have experience setting up and executing Tenable Nessus scans, review scan data, assess reports and trends through SC interface; determine whether a completed scan provide valid results, and ensure reports/dashboards meet customer needs and expectations
Demonstrate advanced diagnostics, analytical, troubleshooting skills
System hardening experience strongly preferred
Scripting experience: Bash, Perl, PowerShell, Python, or Nessus Attack Scripting Language (NASL)
Disaster Recovery - knowledge in risk reduction, hot/warm site DR architecture
Knowledge of data communications, local-area networking (LAN), wide-area networking (WAN), VoIP, routers, switches, and firewalls
Advanced networking concepts, VLAN, trunking and port channel
Thorough understanding of Internet Protocol (IP) routing, switching, and OSI model
Possess refined critical thinking skills, should be a motivated self-starter, and multi-task capable
Good communication and interpersonal skills; Ability to follow policies and procedures
Ability to communicate in a clear speaking voice as well as the ability to respond clearly to questions
Aptitude to address negative situations and resolve them in a positive manner
Approach work tasks as diplomatic, adaptive to a dynamic environment, dependable and reliable
While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
