ACAS Security Engineer

Job Description

Clearance: Secret Mandatory to Apply (Active/Valid)

OSAAVA Services is looking for a ACAS Security Engineer IRES - SSFB to support the IRES Contract at Shriever SFB in Colorado Springs.

Essential Duties: The ACAS Security Engineer supports the Missile Defense Agency (MDA) on the Integrated Research and Development for Enterprise Solutions (IRES) contract. The candidate will:

• Build, configure, and maintain ACAS Scanners and Security Center Server.
• Conduct scans and report/share data with system admins and functional leads
• Conduct STIG and configuration management and assessments.
• Coordinate with ArcSight/ESS/Elastic administrators to conduct network vulnerability management.
• Author reports utilizing automated systems to audit license utilization on all associated MDSEA environment.
• Provide license utilization reports to appropriate teams per the defined schedule.
• Work with stakeholders to identify discrepancies in software and/or hardware assurance reports.
• Evaluate software and/or hardware assurance status for approval using the established process.
• Complete research and reviews of software and/or hardware products to ensure they meet quality criteria prior to integration.
• Perform other ISSO duties as assigned.
• Essential Experience: Must have one of the following combinations of education and experience: HS Diploma (or GED) and 10 years of general experience; Associate's degree and 8 years of general experience; Bachelor's degree and 6 years of general experience; Master's degree and 4 years of general experience
• Must have 6 years of directly related experience in information technology
• Must have experience with DoD cybersecurity processes and procedures
• Must have experience with tools to perform data correlation (e.g. ACAS, HBSS, ArcSight)
• Must have a current DoD 8570.01M IAT Level II certification
• Must have an active DoD Secret Security Clearance
• Essential Qualifications / Certifications: CompTIA Security
• Preferred but Not Essential Criteria (Experience, Qualifications, Certifications):
• Have experience with consolidating data exports from auditing tools to provide knowledgeable insights
• Familiarity with DISA STIGs and experience applying STIGs in operational environments
• Working knowledge of RMF (NIST SP 800-53 Rev. 5) and eMASS workflows
• Exposure to host-based security tools such as ESS (Trelix)
• Knowledge of network segmentation, firewall rules, and their impact on scan results
• Experience supporting authority to operate (ATO) packages or Plan of Action & Milestones (POA&M) development
• Exposure to containerized environments (e.g., Docker/Kubernetes) and scanning container images with Prisma
• CompTIA CASP , CySA , or PenTest certifications
• Experience mentoring junior analysts or supporting cyber workforce development
  
  

Company Description

Cyber Security company, specializing in specific cyber defense activities and IT services. We are a SDVOSB.

Company Description

Cyber Security company, specializing in specific cyber defense activities and IT services. We are a SDVOSB.

Cyber Security company, specializing in specific cyber defense activities and IT services. We are a SDVOSB.