Vulnerability Assessment Analyst

Electrosoft Services, Inc. is an award-winning company that provides comprehensive technology-based solutions and services to federal customers. While cybersecurity is our specialty, we also focus on ICAM, enterprise IT modernization, and software solutions. We always seek to delight our customers, so we retain highly qualified employees and offer them meaningful work, growth opportunities, and work-life balance. What sets us apart from all other contractors is the sense of teamwork our employees feel - and the knowledge that outstanding effort is recognized and rewarded. The camaraderie we share emanates from Lunch & Learn sessions where we explore new ideas together, fun group activities ranging from escape rooms to miniature golf, and much, much more. If we've described you and your dream workplace, please apply and share in the many benefits and opportunities we offer.

Vulnerability Assessment Analyst

Work Location:

Required onsite work at the client location at Scott Air Force Base, Illinois with some ability to telework on occasion.

Job description

Electrosoft Inc. is seeking an ACAS administrator to support the implementation and sustainment of government-mandated Assured Compliance Assessment Solution (ACAS) system, which is comprised of Security Center, Nessus Manager, Nessus Scanner and the Nessus Network Monitor. The ACAS admin will provide automated network vulnerability scanning, configuration assessment, and network discovery. Responsibilities include gathering technical and functional requirements, completing design documentation, and installation, configuration, and sustainment of the solution.

Duties & Responsibilities:

• Scan the USTRANSCOM networks for vulnerabilities using DoD standard scanning tools
• Provide reports to the system administrators, leadership, and other organizations
• Maintain the scanning servers and laptops by applying the required vendor patches and updating the scanning engine and audit files
• Maintain situational awareness of current vulnerabilities and exploits

Qualifications:

• Minimum of a Bachelor of Science (or higher) in one of the following: computer engineering, computer science, IT, cyber security, or a related field.
• Relevant years of experience may be used in substitution for situations where the candidate does not have a Bachelor's degree in the required field.
• Must have a current 8140 Cyber Security compliant certification in one of the following: CFR, CISA, CISM, CySA , GPEN, GSNA, or advanced degree in Computer Science, Cybersecurity, Data Science, Information Systems, Information Technology or Software Engineering.
• Minimum of an active Secret Clearance.
• At least 5 years' experience in patch management
• Experience using Tenable Nessus to conduct vulnerability and compliance scans
• Experience with vulnerability mitigation and reporting
• Experience in Windows Operating System Environment
• Experience with DISA's Vulnerability Management System
• Some experience with DISA STIGs
• Some experience with Unix/Linux based systems
• Some experience with Cisco network devices
• Experience administering Windows Servers or Workstations
• Basic understanding of cryptographic principles
• Basic understanding of cloud environments to include containers and Kubernetes
• Must have highly effective communication skills both oral and written