Vulnerability Management ECND009
IC-CAP LLC is a Woman Owned / HUBZone Small Business working in the Department of Defense and Intelligence Community. We are always looking for highly talented, energetic, and dynamic professionals that are interested in protecting the defense of our nation.
Some of the positions are future positions. Please look at the opening line of the job description to determine if this is an open or future position.
We are looking to fill this position at the following location(s):
- Norfolk, VA
Responsible for strengthening the defensive posture and cyber defense operational readiness of an IT Enterprise, our Enterprise Cyber Network Defense (ECND) program defends and protects Government assets from external Cyber Security attacks and Insider Threats that can potentially cause or create data, systems, networks, and personnel vulnerabilities.
Skills and Tasks: Exceptionally Complex, Inter-Discipline, Inter-Organizational. Can perform tasks of senior level technicians, specialists, and or managers not performed at Level 3 due to the size and/or complexity of the tasks.
Leadership/Management: May work individually or as a key member of a senior leadership team. Oversees and monitors performance across several disciplines, and when required, takes steps to resolve issues.
Guidance: Provides expert guidance and direction to Government and Vendor senior level technicians and managers. Directs multiple contractor and subcontractor teams through to project completion.
Functional duties consist of:
Install, configure, and maintain the Assured Compliance Assessment Solution(ACAS) framework and associated product suites.
Assist with major version upgrades of Assured Compliance Assessment Solution (ACAS) servers and clients.
Ensures the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices.
Performs periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system and external Web integrity scans to determine compliance.
Communicates alerts to agencies regarding intrusions and compromises to their network infrastructure, applications and operating systems.
Work with security engineering team to integrate new capabilities, plan lifecycle replacements, and provide input into the security architecture roadmaps.
Maintain system documentation.
Prepares incident reports of analysis methodology and results.
Education and Experience:
HS/GED + 12 years
Associates Degree + 10 years
Bachelor’s Degree + 8 years
Master’s Degree + 6 years
PhD + 4 years
Security+ or other approved DoD 8570 IAT Level II Baseline Certification required prior to employment start.
The candidate must meet the DoD Approved CSSP Auditor Baseline Certification within 6 months after employment start.
TS/SCI with CI poly or the ability to gain a CI poly