Cyber Security Engineer ACAS

Description

We are seeking a highly skilled Cybersecurity Engineer to join our Army Global Unified Network (AGUN) cybersecurity team. This position requires a strong background in cybersecurity compliance, system hardening, and Risk Management Framework (RMF) assessments. The ideal candidate will bring hands-on experience maintaining Tenable Assured Compliance Assessment Solution (ACAS) servers at the Operating System (OS) level, experience with the Enterprise Mission Assurance Support Service (eMASS) activities, conducting STIG evaluations, and supporting Information Assurance Vulnerability Management (IAVM) compliance for both AGUN systems and infrastructure components.

Key Responsibilities:

• Serve as the Information System Security Officer (ISSO) for designated systems, ensuring compliance with DoD and AGUN cybersecurity policies and procedures.
• Maintain Tenable Assured Compliance Assessment Solution (ACAS) servers at the Operating System (OS) level
• Manage and maintain Tenable ACAS (Security Center/Nessus) infrastructure and perform routine vulnerability scans.
• Conduct Security Technical Implementation Guide (STIG) assessments on Red Hat Linux (RHEL 8/9), Cisco network devices, and Palo Alto firewalls.
• Ensure compliance with Information Assurance Vulnerability Management (IAVM) processes and reporting requirements.
• Analyze vulnerability scan results and provide risk mitigation strategies and POA&Ms.
• Document system security controls, findings, and implementation procedures.
• Support security architecture analysis and coordination for systems utilizing AGUN environments.

• Active DoD Secret Clearance (must be current and verifiable).
• Current CompTIA Security+ CE Certification (DoD 8570 IAT Level II baseline certification).
• Minimum of 10 years experience.
• Minimum 3+ years of ISSO experience supporting DoD systems.
• Hands-on experience at the Operating System (OS) level with Tenable Security Center/Nessus and ACAS platform administration.
• Proficiency with eMASS and RMF package development.
• Knowledge of IAVM compliance procedures and integration into system operations.
• Strong understanding of DoD RMF, including security control assessment and POA&M management.
• Experience conducting STIG compliance reviews on RHEL, Cisco IOS/NX-OS, and Palo Alto NGFWs.
• Demonstrated experience reviewing DISA STIGs utilizing approved tools (eg. Evaluate STIG and STIG Viewer).

• Military experience or prior support of DoD mission systems.
• Familiarity with Joint Regional Security Stack (JRSS) network architecture and security compliance requirements.