Vulnerability Scanner Analyst - First Information Technology Services Alexandria, Virginia, United States

Listing Description

FITS is seeking a Vulnerability Scanning Analyst to join our Vulnerability Analysis Team. The selected candidate will perform vulnerability and compliance scans of operating systems, databases, and applications using industry-standard tools in support of the client’s Continuous Monitoring effort. An understanding of, and experience with, common cybersecurity toolsets and processes, including STIGs, ACAS, and IAVA Management and Implementation, are required.

Job Description

  • Document DISA STIGs applicable to each network environment for all Assured Compliance Assessment Solution (ACAS) implementations.

  • Assess current ACAS implementations for each of the networks and recommend changes.

  • Document the steps required to design the ACAS solution for each of the networks to include IP address, Fully Qualified Domain Name, and physical location of each component.

  • Create reporting dashboard designs and reports for each environment that are specific to the following audiences: Leadership & Executives; Cybersecurity Staff; and System Administrators.

  • Ensure networks receive periodic updates from either the DISA/DoD Patch Repository or Tenable.

  • Implement the Reporting Dashboard designs and use the reporting tool to create reports.

  • Ensure scheduled scans are covering 100% of intended assets and are being run successfully.

  • Maintain the Nessus scanners and PVS's connectivity with the associated Security Center (SC).

  • Track and report the compliance statistics of vulnerabilities on assets in the CG Assured Compliance Assessment Solution (ACAS), DISA Continuous Monitoring and Risk Scoring (CMRS), and Continuum portals, and maintain asset management within the prescribed tools.

  • Support accessing, analyzing, and reporting Continuous Monitoring and vulnerability remediation data from the Host Based Security System (HBSS), Assured Compliance Assessment Solution (ACAS), and Microsoft System Center Configuration Manager (SCCM) application suites.

Required Qualifications

  • Active DoD Secret Security Clearance (Top Secret preferred)

  • DoD 8570 IAT Level 2 or 3 certified:

    • CCNA Security

    • CySA+

    • GICSP

    • GSEC

    • Security+ CE

    • CND

    • SSCP

    • CASP+ CE

    • CCNP Security

    • GCED

    • GCIH

    • CCSP

  • 1-3 years’ hands-on experience with ACAS/Tenable Nessus configuration

  • US Citizenship

Additional Qualifications

  • Must be self-motivated and be able to work both in a team environment and independently.

  • Demonstrates knowledge of networking concepts, devices (Firewalls, Routers, Switches, and Load Balancers), ports, protocols, and services.

  • Has working experience with various Operating System Platforms (Windows, UNIX, and end-user) as applied to an enterprise environment.

  • Must be able to research and recommend resolutions to technical issues.

  • Has experience configuring, customizing, operating, and troubleshooting operating system, database, and application-level vulnerability scanning tools.

  • Has experience analyzing scan results to determine if scans were successfully completed.

  • Demonstrates an understanding of network and web-related protocols (such as TCP/IP, UDP, IPSEC, HTTP, HTTPS, and routing protocols).

Listing Details

  • Citizenship: Not Provided
  • Incentives: Not Provided


  • Education: Not Provided
  • Travel: Not Provided
  • Telework: Not Provided
