To our valued Leidos candidates:

Coronavirus is on everyone's mind with the effects being felt around the world. The markets are volatile, and we're all concerned for the health and safety of our families, friends, and colleagues. Please know that we're taking all necessary measures to safeguard our employees, customers and the communities in which we live, including following all recommended best practices around social distancing.

With that in mind, in an abundance of caution, we are canceling all face to face career events, such as job fairs and open house events. In the coming days and weeks, we will be hosting career events virtually, using our online chat tools so that we may continue our hiring practice safely and securely. You can find available virtual career events at https://career-events.leidos.com.

We are using telephone meetings and online chats via Brazen to conduct interviews and hiring discussions, and we are offering options for video interviews so that you can have a virtual face to face meeting with your potential new leader. We do not conduct interviews or extend offers via text or chat based social media, such as WhatsApp or MySpace.

Leidos will never ask you to provide payment-related information at any part of the employment application process, nor will Leidos ever advance money as part of the hiring process. And Leidos will communicate with you only through emails that are generated by Leidos.com automated system. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to Chris Scalia, Leidos’ Senior Vice President of Talent Acquisition, at [email protected].

As a company, as a country, as a world, we have confronted challenging moments before. We are confident that, guided by our values and the strength of our community as well as the commitment we have to the important work we do each day, we will find our way through this time together. We will do this with the care and concern for one another and the common good that defines. Please keep those impacted by the virus in your thoughts.

Close Window
Join our talent network
Skip to main content

Job #: R-00126417
Location: Mafb Gun Annx, AL
Category: Information Assurance
Schedule (FT/PT): Full Time
Travel Required: Yes, 10% of the time
Shift: Rotating
Remote Type: No Remote
Clearance: Secret
Referral Eligibility: Ineligible
Group: Digital Modernization

This job posting is no longer active.

Share: mail twitter linkedin

Description

Leidos is currently seeking an ACAS Engineer in support of the AFINC II contract for the highly visible 26th Network Operations Squadron (26 NOS) at Montgomery, Alabama, which provides a world-wide support mission. The 26 NOS is responsible for the intranet support of the entire Air Force network. The mission of the 26 NOS is to operate and defend the Air Force (AF) Enterprise computer network consisting of the AF Wide Area Network (WAN) routers, AF Network Increment 1 (AFNET Inc 1) Gateways, and the 26 NOS Local Area Network (LAN) assets.

The ACAS Engineer selected for this position works on a team that manages all the Air Force network boundary AFINC systems for the program to include updates, life cycle management, IAVMs, software patches, etc.  We are looking for Windows, UNIX/Red Hat, NetApp, and Splunk System Administrators.

Primary Responsibilities

  • Operates the security and compliance baseline configuration, inventory, and best practices for the vulnerability management solution (VMS) deployed across multiple unclassified and classified network locations supporting the implementation for Tenable products within Assured Compliance Assessment Solution (ACAS) including .SC (SecurityCenter™) and Nessus® scanners; Also 2.0 Architecture Components: Nessus Networking Monitor (NNM), Nessus Manager and Nessus Agents use cases

  • Conducts assessments of threats and vulnerabilities; determines deviations from acceptable configurations, enterprise or local policy

  • Ability to assess the level of risk, develop or recommend meaningful insights about the context of an organization threat environment to improve its risk management posture; measure effectiveness of systems/networks/endpoints that deviate from acceptable configurations, enclave or local policy

  • Work in concert with other Tenable operators, integrator and IA personnel responsible for operating and maintaining the ACAS program in multiple enclaves

  • Candidate will coordinate system activities such as deploying, configuring, monitoring, tuning, upgrading, and troubleshooting Tenable components spanning local, remote and complex environments

  • Record configurations, conduct assessments and submit suggestions to scan schedule(s), scanners scan zones, repository management, chart Credentials >Assets >Scans >Reports >Dashboards

  • Ability to analyze and document Department Information Systems Agency (DISA) Security Technical Implementation Guidelines (STIGs) applicable to each Non-classified or Secret Internet Protocol (IP) Router Network (NIPRNet, SIPRNet) environment for all ACAS implementations

  • Responsible for acquiring, configuring and ensuring external deliverables: DISA/Continuous Monitoring and Risk Scoring (CMRS), importing vulnerability and security audit plug-ins, DoD Patch Repository Defense Asset Distribution System (DADS), build/maintain vulnerability and audit repositories

  • Assist mapping scan zones, scanners, subnets to include leveraging enterprise network application tools such as Forescout, SolarWinds Orion, McAfee Endpoint Security Solutions (ESS) and/or Microsoft Endpoint Configuration Manager (MECM)

  • Continuously assesses current ACAS implementations for scans, assets, analysis and permissions

  • Assist with validation and sustainment of documentation such as System Security Plans, Network Address Declaration (NAD), security groups/roles/permissions and/or zones/credentials/scans

  • Create network diagrams of the designs with Microsoft Visio (include specialty requirements)

  • Implement/create report dashboard designs, automated custom email report notifications, report repositories for each environment that are specific to the following audiences: Leadership & Executives; Cybersecurity Staff; System Administrators; Application Maintainers

  • Ensures networks receive periodic updates from AFCYBER-released software patches, updates, and upgrades via Time Compliance Technical Orders (TCTO), Time Compliance Network Orders (TCNO), Maintenance Tasking Order (MTO) and Notices to Airman (NOTAMs)

  • Responsible to assist/troubleshoot schedule scans are covering 100% of intended targets ensuring timely and accurate scanning and reporting per PMO, IA and DoD policies and orders.

  • Maintain effective communications with other external and internal teams essential to ACAS operations

  • Create/maintain/implement custom security policies in line with DISA ACAS best practice guidance

  • Assist AF Cyber personnel with the DISA Information Assurance Vulnerability Management (IAVM) programs, cybersecurity toolsets, and Operation Order (OPORD)/Fragmentary Order (FRAGO) support

  • Perform systems analysis, design review, integration of complex system applications

  • Ensures external networks receive cybersecurity inventory reporting for compliance data via ACAS to DISA CMRS and DoD Enterprise Logging Ingest and Cyber Situational Awareness Refinery (ELICSAR) Big Data Platform (BDP) and update Plan of Actions, Milestones (POAMs) documentation

  • Participate in all phases of the Vulnerability Management (VM) life cycle with emphasis on the scan, patch, rescan, mitigation factors and reporting phases

  • Assist in the installation/maintenance of configuration files, custom security policies, plug-ins, signatures, certificates, DISA STIGs and checklist configuration audits and other such files necessary to add vulnerability discovery capabilities into the ACAS system

Basic Qualifications

  • Candidate should have 1 to 3 years of years of hands-on experience in:

    • ACAS and/or Tenable.sc (SecurityCenter) or Tenable Nessus products

    • Familiarity using ACAS or Tenable .SC/Nessus best practices

    • Linux-based (RHEL) or Windows operating systems support with experience in mid-to-large enterprise data center environment; familiarity with network patch/update management

    • Experience with virtualized environments (VMware vSphere, ESXi)

  • Any scripting experience: Bash, Perl, PowerShell, Python, Nessus Attack Scripting Language (NASL)

  • Knowledge of data communications, local-area networking (LAN), wide-area networking (WAN), VoIP, routers, switches, and firewalls

    • Advanced networking concepts, VLAN, trunking and port channel

    • Thorough understanding of Internet Protocol (IP) routing, switching, and OSI model

  • Technical degree, Associates or, Bachelor’s degree in Computer Science/Information Systems, Science/Engineering/Math or 2-4 years’ relevant experience in Information Technology preferably within system or application administration is acceptable

  • Active Secret government security clearance required

  • Requires a DoD 8570.01-M Information Assurance Technical (IAT) Level II certification:

    • CompTIA Security+ CE (Continuing Education)

    • CompTIA Cybersecurity Analyst (CySA+) CE (Continuing Education)

    • (ISC)² Systems Security Certified Practitioner (SSCP)

    • GIAC Global Industrial Cyber Security Professional (GICSP)

    • GIAC Security Essentials Certification (GSEC)

    • (ISC)² Systems Security Certified Practitioner (SSCP)

  • Requires at least one or more DoDM 8140.03 Computing Environment/Operating System (CE/OS) Defense Cyberspace Workforce Certification (DCWF) requirement(s) (or acquire within 120 days):

    • DISA ACAS Operator and Supervisor Course (current; expires every 3 years)

    • Preferred: sc Specialist Certification; Tenable.sc Expert Certification

    • Recommended: Tenable.sc Introduction and/or Tenable Nessus Fundamentals

  • Prefer one or more of the following CE/OS based technical certifications:

    • CompTIA Linux+ CE or Red Hat Certified System Administrator (RHCSA) or Linux Foundation Certified System Administrator (LFCS)

    • Microsoft based certification (current):

      • Microsoft Certified: Security, Compliance, and Identity Fundamentals

      • Microsoft Certified: Security Operations AnalystAssociate

      • Microsoft Certified: Identity and Access Administrator Associate

Preferred Qualifications

  • Possess refined critical thinking skills, should be a motivated self-starter, and multi-task capable

  • Good communication and interpersonal skills; Ability to follow policies and procedures

  • Ability to communicate in a clear speaking voice as well as the ability to respond clearly to questions

  • Aptitude to address negative situations and resolve them in a positive manner

  • Approach work tasks as diplomatic, adaptive to a dynamic environment, dependable and reliable

  • ITIL certification a plus

  • Splunk Core Certified User or Splunk Core Certified Power User

Pay Range:

Pay Range $65,000.00 - $117,500.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

About Leidos

Leidos is a Fortune 500® innovation company rapidly addressing the world’s most vexing challenges in national security and health. The company's global workforce of 47,000 collaborates to create smarter technology solutions for customers in heavily regulated industries. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $15.4 billion for the fiscal year ended December 29, 2023.  For more information, visit www.Leidos.com.

Pay and Benefits

Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.

Securing Your Data

Beware of fake employment opportunities using Leidos’ name. Leidos will never ask you to provide payment-related information during any part of the employment application process (i.e., ask you for money), nor will Leidos ever advance money as part of the hiring process (i.e., send you a check or money order before doing any work). Further, Leidos will only communicate with you through emails that are generated by the Leidos.com automated system – never from free commercial services (e.g., Gmail, Yahoo, Hotmail) or via WhatsApp, Telegram, etc. If you received an email purporting to be from Leidos that asks for payment-related information or any other personal information (e.g., about you or your previous employer), and you are concerned about its legitimacy, please make us aware immediately by emailing us at [email protected].

If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission.

Commitment to Diversity

All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.

This job posting is no longer active.

Talent Community

Join our Talent Community to create a profile, enabling a streamlined application process and to help our recruiters better understand your areas of expertise and interest.

Join our Talent Community