Assured Compliance Assessment Solution (ACAS) Architect

Nisga'a CIOPS provides hands-on experienced services to civilian and DoD programs worldwide. Delivering highly skilled, cleared personnel who provide services on five continents for a portfolio of customers.

Summary:

The Assured Compliance Assessment Solution (ACAS) Architect is an on-site position located at McConnell AFB, KS. ACAS is comprised of Tenable Network's Security Center manager and the Tenable Nessus vulnerability scanner. The ACAS tool suite supports the IA/Computer Network Defense (CND) Operators (Tier I-Tier III) as well as the Audit and Inspector General personnel. ACAS includes Nessus scanners deployed throughout the Department of the Air Force and satellite servers located at Langley AFB, Peterson SFB, & McConnell AFB. Automated Remediation and Asset Discovery (ARAD) clients are installed on all ACAS backend infrastructure. ACAS includes automated reporting of scan compliance data to the DoD's web-based Continuous Monitoring and Risk Scoring system (CMRS).

The primary role for this position is to support the ACAS capabilities at McConnell AFB. The ACAS architect will provide on-site and remote engineering and integration services for the architecture and integration of products to include system architecture, solution design, performance audits, system reviews, documentation and data migration, scanning, and remediation. Other duties include performing site audits and technical account management such as managing third parties, providing technical assistance and mentoring as directed, as well as providing cybersecurity recommendations in support of ATO within the RMF system.

Essential Job Functions:

• Core Tasks
  • Provide support for PMO deployed enterprise ACAS infrastructure to sites during Cyber Operational Readiness Assessment (CORA) (formerly known as CCRI) preparation. This support does not include direct participation in scanning operations or patch implementation outside of the PMO deployed ACAS Infrastructure itself. Assistance is to be offered within predefined working hours and should not be interpreted as round-the-clock support.
  • Assist the PMO with maintenance of base/site lists and Internet Protocol host counts.
  • Provide remote scanning and remediation support, as necessary, to sites preparing for CORA.
  • Maintain effective communications with other teams essential to ACAS operation (e.g., Base Boundary, I-NOSC Boundary, Server Consolidated Environment, ADX, ANG NCC-R/GSU-V, etc.).
  • Support the reporting of compliance data via ACAS to the CMRS.
  • Facilitate, as necessary, the transition of ACAS Security Centers from SCE to the Air Force's new virtual infrastructure; the Area Processing Centers (APCs)/Air Force Provisional Enterprise Data Center (AFPEDC).
  • Author custom security policies.
  • Perform systems analysis, design review, programming, documentation and implementation of complex system applications and related IT/ADP systems concepts.
  • Participate in all phases of the software life cycle with emphasis on the planning, analysis, programming, testing and acceptance phases.
  • Author and/or assist in the authoring of configuration files, signatures, and other such files necessary to add new vulnerability discovery capabilities into the ACAS system tool.
  • AFIN Ops personnel in the implementation of the DISA Information Assurance and Vulnerability Management programs including vulnerability tracking and compliance reporting.
  • Assist with implementation of DISA-released software patches, updates, and upgrades.
  • Support, on a limited basis, the patching and management of additional systems via Satellite Server.
  • Accommodate, as necessary, PMO-led pilot programs of Internet Protocol version 6 (IPv6) and Passive Vulnerability Scanner on ACAS.
  • Utilize the ARAD system to patch and provide situation awareness of all ACAS systems.
  • Deploy and support Log Correlation Engine (LCE) to consolidate all logs from all backend ACAS infrastructure.
  • Support generation of ACAS reporting as necessary
• Risk & Compliance Management
  • Ensure compliance with DoD, Air Force, and industry security standards
  • Maintain operational readiness in accordance with procedures and policies
  • Assist in conducting risk assessments and applying mitigation strategies

Necessary Skills and Knowledge:

• Excellent leader with experience in managing staff of different disciplines to produce results in a timely manner.
• Excellent communication skills.
• Excellent problem-solving skills.
• Strong technical knowledge of network and systems infrastructure.
• Ability to work both independently and collaboratively in a mission-critical environment.
• Experience managing subcontractors, vendors, and technical personnel.
• Familiarity with U.S. DoD & U.S. Air Force procedures and the Air Force Information Network (AFIN).

Minimum Qualifications:

• A degree in a related field and a minimum of six (6) years of relevant experience or a total of at least ten (10) years of relevant experience
• Experience supporting DoD Information Network, AFIN or equivalent.
• Information Assurance (IA) Technician (IAT) Level II Certification

Preferred Qualifications:

• Linux+ Certification (i.e... LPIC-1)
• Successful completion of the DISA ACAS 32 Hour Course
• Experience in managing, implementing, and administering Tenable/Nessus.
• RedHat Certified System Administrator (RHCSA)

Pay and Benefits

At Goldbelt, we value and reward our team's dedication and hard work. We provide a competitive base salary commensurate with your qualifications and experience. As an employee, you'll enjoy a comprehensive benefits package, including medical, dental, and vision insurance, a 401(k) plan with company matching, tax-deferred savings options, supplementary benefits, paid time off, and professional development opportunities.