Vulnerability Assessment​/ACAS Security Manager

Overview

Abacus Technology is seeking a Vulnerability Assessment/ACAS Security Manager to provide security and information assurance support for the Air Force Intranet Control (AFINC) III Support program at Maxwell AFB/Gunter Annex. This is a full‑time position.

• Perform assessments of systems and networks and identify where they deviate from acceptable configurations, DoD policy, or local policy/guidelines.
• Measure effectiveness of defense‑in‑depth architecture against known vulnerabilities using available tools within the organization to find them.
• Analyze, prioritize, and mitigate vulnerabilities to lower or eliminate risk.
• Create reports to effectively communicate problems and proposed solutions to the government.
• Actively manage (inventory, track, and request corrective action) all hardware devices on the network, ensuring only authorized devices are given access and preventing unauthorized or unmanaged devices from gaining access.
• Manage (inventory, track, and correct) all software on the network so that only authorized software is installed and can execute, and prevent unauthorized or unmanaged software from installation or execution.
• Submit tickets to appropriate teams for corrective actions.
• Conduct, review, and validate vulnerability scans.
• Perform vulnerability scans, including analysis of results, identification of false positives, exceptions, and subsequent POA&Ms and/or MFRs creation, monitoring, and reporting to include POA&M status and contributions to monthly and quarterly reports.
• Collect and review data gathered from a variety of tools (including intrusion detection system alerts, firewall, network traffic logs, and host system logs) to analyze events for possible attacks within the environment.
• Validate, investigate, and analyze all response activities related to cyber incidents.
• Support creating and maintaining incident tracking information; plan, coordinate, and direct recovery activities; and analyze incidents, including examining all available information and supporting evidence of artifacts related to an incident or event.
• Perform assessments of systems and networks within the network environment or enclave and identify where those systems and/or networks deviate from acceptable configurations, enclave policy, or local policy.

3+ years experience in a cyber security or information assurance role. HS diploma or GED. Must be Security+ certified. Must hold a Forescout certification. Experience utilizing security‑relevant tools including NESSUS, ACAS, DISA STIGs, audit tools, Forescout, and ESS. Outstanding communication skills across all levels of the organization. Must be a U.S. citizen and hold a current Secret clearance.

Applicants selected will be subject to a U.S. government security investigation and must meet eligibility requirements for access to classified information.

EOE/M/F/Vet/Disabled