ACAS Engineer ( R-00081381 )
Leidos has a current job opportunity for a Tenable ACAS Engineer on the DISA GSM-O program in Alexandria, VA. An active Secret Security Clearance is required prior to start.
This position serves as a member of the Tenable ACAS team responsible for operating and maintaining the Joint Service Provider’s Assured Compliance Assessment Solution (ACAS) program. This position supports timely and accurate scanning and reporting per JSP and DoD policies and orders. Activities that this position will execute include performing systems analysis, modifying / updating Tenable applications based on results of analysis, deployment of application and tools, performing testing of deployed application and tools, and communicating updates to Tenable ACAS Lead and customers as required.
Serve as an integral member of a team of Tenable specialists supporting various organizations across the National Capital Region
Complete the following key functions for Tenable deployments across JSP’s area of responsibility:
Provide performance tuning to systems and troubleshoot Tenable components which span a large and complex environment
Provide solution engineering support to ensure systems and components meet current and future standards
Install updates to Tenable software as released and in compliance with STIG requirements
Deploy, maintain, and perform tuning of Tenable scanners to meet current and future needs
Develop / create, deploy, and manage Tenable scan configurations
Conduct scans and provide detailed reporting to the JSP DCO leadership as well as scanned organizations
Ensure that the ACAS scanners and Security Center are operational and reporting properly
Assist customers in resolving ACAS issues, make recommendations as needed
Perform monthly vulnerability scans and create repositories, queries, and dashboards as necessary to ensure vulnerability report information is available
Investigate false positives or potentially confusing scan data results
Develop tracking mechanism for false positives and track false positives until the finding is corrected; provide results upon resolution
Bachelor's degree and 8+ years of prior IT experience with 2+ years working with Tenable Security Center and Tenable Nessus agents within the DoD environment. Additional work experience or Cyber courses/certifications may be substituted in lieu of degree.
Active Secret clearance or higher (program can support up to TS/SCI)
DoD 8570 IAT II certification is required prior to start.
Current RHEL certification or ability to obtain certification within 6 months of start date
Experience running ACAS on Red Hat Enterprise Linux (RHEL)
Hands-on experience with general RHEL administration and troubleshooting
Demonstrated experience with multiple network security zones, subnetting, VRFs, and VLANs
Motivated self-starter with strong written and verbal communication skills, and the ability to create complex technical reports on analytic finding.
Strong analytical and troubleshooting skills.
Cybersecurity experience (Protect, Detect, Respond and Sustain) within a Computer Incident Response organization.
Advanced understanding of the life cycle of cybersecurity threats, attacks, attack vectors and methods of exploitation with an understanding of intrusion set tactics, techniques and procedures (TTPs).
Experience with malware analysis concepts and methods.
Motivated self-starter with strong written and verbal communication skills, and the ability to create complex technical reports on analytic findings.
Familiarity or experience in Intelligence Driven Defense, Cyber Kill Chain methodology, and/or MITRE ATT&CK framework.