Choisys Technology, Inc. is an ISO 9001, 20000, and 27001 certified and VA certified Service Disabled Veteran Owned Small Business (SDVOSB) Information Technology services provider located outside our nation's capital and in the epicenter of the Government IT industry. Choisys is an information technology infrastructure services provider with offerings in: Systems Engineering, Network Infrastructure Engineering, Video Teleconference Solutions Engineering and Program Management. Our proficiencies are Medical IT Services, Education/Training IT Services and Government IT Services.
The mission of the Client is to develop, operate, and maintain enterprise tools and systems to provide situational awareness of network health, vulnerabilities, threats, and events within the Government Enterprise Network and to operate and enhance enterprise tools enabling IT service support and operational management. The Client’s support includes comprehensive Operations and Maintenance (O&M) of USMC enterprise and information systems, both unclassified and classified, deployed in support of the Client’s mission.
The Analyst shall operate and maintain the ACAS solution, to support network and application scanning and configuration assessments are conducted and incidents are resolved in accordance with the incident response table and client SOPs.
- Ensure scheduled scans are covering 100% of intended assets and are being run successfully.
- Maintain the Nessus scanners and PVS’s connectivity with the associated Security Center (SC).
- Ensure SC is being updated either manually, via professional feed, or via a DISA-hosted feed.
- Address unsuccessful updates of the SC and identify the root cause of the unsuccessful update (corrected within four hours of discovery).
- Ensure anomalous activity identified by the PVS on each subnet/VLAN is reviewed and tasked to the incident handler, as appropriate, within two hours of identification of the anomalous activity.
- Develop and/or update the Standard Operating Procedures (SOP) to support each of the Marine Corps Enterprise Network (MCEN) ACAS solutions documented within the SharePoint Portal.
- Installation, monitoring, testing, troubleshooting, and administration of the Nessus and Passive Vulnerability Scanner applications.
- Configures, optimizes, and tests vulnerability scans against new and existing Operating Systems and platforms.
- Perform Nessus vulnerability scans, Nessus agent scans, and Passive vulnerability scans.
- Perform scan policy analysis & configuration to determine the impact of vulnerability scanning against target devices.
- Troubleshoot credential failure issues by performing configuration analysis against the target device.
- Create ACAS queries to optimize processes, procedures, and analysis.
- Conduct vulnerability analysis, research, and script analysis to verify potential false positives.
Education and Certifications:
- 2+ years’ experience providing back-end ACAS support
- DoD 8570 IAT III or IAM II (CASP+CE, CCNP Security, CISA, CISSP (or Associate), GCED, GCIH, CAP, CISM, GSLC)
- Clearance Level: Active DoD - Secret
Background Needed and Years of Experience:
- 2+ yrs Knowledge and experience with ACAS Security Center (SC) and Nessus Vulnerability Scanners (NVS)
- Possess understanding and experience with common cybersecurity toolsets and processes to include STIGS, CAS, IAVA Management and Implementation, and OPORD/FRAGO support.
ADDITIONAL SKILLS & QUALIFICATIONS:
Technical Skills (Must Have):
- ACAS Administration
- DoD 8570 IAT II certification
Technical Skills (Preferred):
- 3+yrs ACAS administration in large environment
- 5+ Yrs of related IA/data security
- DoD 8570 IAT III or IAM II certification
Choisys Technology, Inc. is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status. The candidate must have the ability to sit for long periods of time, ability to discern colors, ability to read and monitor a computer screen for an extended period, 100% requirement to work on site.