This JWICS Cybersecurity Inspection Program Technical Reviewer will play pivotal role in evaluating the cybersecurity posture of enterprise environments across the Intelligence Community (IC). They conduct comprehensive assessments through detailed analysis of vulnerability scans to ensure compliance with Intelligence Community Directives (ICDs), IC Technical Implementation Guides (TIGs), Security Technical Implementation Guides (STIGs), Security Requirement Guides (SRGs), and NIST 800-53 rev 5 security controls. Utilizing automated tools, including Tenable and Splunk, these professionals perform documentation reviews, employ checklists and guides to write report and develop a qualitative risk assessment on target organizations. Their assessments examine the mission owners’ critical capabilities and mission impacts if secure operations lack security protections needed to defend their cyber infrastructure and mitigate high-risk vulnerabilities to the enterprise. Beyond inspection duties, Technical Reviewers contribute to maturing organizational processes, training initiatives, and program-wide support through cross-functional collaboration.

The ACAS reviewer is responsible for the following during an inspection:

• Working with system administrators to verify scan policies and run scans
• Troubleshoot coverage challenges across multiple technologies (during a vulnerability assessment includes Windows Servers, network devices/routers/switches (across various vendors such as CISCO, Juniper, Palo Alto, and others) windows workstations, windows virtual environments, host base security (McAfee and others), and other technologies as the program matures and expands its technologies repertoire.)
• Obtaining system-specific scans from site personnel including vulnerability, audit, and port scans to be utilized for sampling during an inspection
• Consolidating reports on an organization’s enterprise. Reports from the scanning tool should include, at a minimum, technology-specific findings, most vulnerable systems, technical summaries of vulnerabilities, plug-in names, severities, and patch status
• Validating correct scanning configurations
• Conducting interviews
• Conducting compliance scans (using SCAP with Nessus audit files)
• Completing and developing checklists
• Conduct open port scans at each organization
• Providing input to written reports on compliance and associated risks
• Coordination with the purple team and cyber threat emulation activities
• Advanced writing skills; experience in coordinating multiple viewpoints into a cohesive document
• Attention to detail is an imperative skill for success
• Experience with DISA STIGs and STIG Viewer tool
• Interact with leadership and site technical staff in advance of conducting inspections to facilitate scoping, data to support security controls assessment input, and execution of operational inspection plans.
• Responsible for interviewing organizational subject matter experts in conducting STIG, TIG, SRG, and IC policy checklists
• Collect data in support of reviewing a comprehensive Threat Informed Critical Controls List (TICCL), provide written input on review of required security controls, potential vulnerability exploitation, and how MITRE ATT&CK© techniques are plausibly successful based on organizational weaknesses. Ensure inputs link back to security controls
• Participating in the planning, execution, and reporting of security audits and network vulnerability assessments with minimal supervision
• Assisting in preparation of assessment deliverables –Security Risk Assessments input, compliance data, STIG data, etc.
• Communicating on impact of vulnerabilities verbally, through presentations and written deliverables
• Plan, execute, and report on information technology, privacy, and operational reviews to identify mission, privacy, security, compliance, information technology, and regulatory risks
• Familiar with a variety of cybersecurity concepts, practices, and procedures. Relies on extensive experience and judgment to plan and accomplish goals

 Qualifications

• Current TS/SCI w/CI Poly security clearance
• Bachelor’s Degree and 12 years total experience or the equivalent combination of education, professional training, or work experience
• At least five (5) years of experience in system administration, specifically with ACAS platforms such as Tenable, Nessus, and Qualys. A minimum of ten years of experience in Cyber/Information Assurance, with a comprehensive understanding of cybersecurity disciplines including but not limited to the Risk Management Framework, DevSecOps, and cybersecurity engineering.
• Certification in DoD 8570.01-M Cybersecurity workforce, compliance with DoD Directive 8140 Cyberspace Workforce Management, and IAT Level III.
• Experience in engineering and operations & maintenance of enterprise Vulnerability Scanning platforms (e.g., Tenable, Nessus, Qualys). Ability to analyze raw vulnerability data and develop enterprise level reports. Understanding of enterprise Nessus security center architecture.
• Proficiency in using advanced vulnerability assessment and reporting tools such as Tenable, Splunk, and Tableau.
• Demonstrated ability to operate across departments to implement cybersecurity principles effectively.
• Capable of multitasking with efficient time management and possessing a comprehensive understanding of cyber threats, vulnerabilities, and network security methodologies.