Apply Now    

Vulnerability Assessment Team Validator

Req #: 127142
Location: Linthicum, MD US
Job Category: Human Resources
Minimum Clearance Required: Top Secret

Job Description

POSITION SUMMARY: CACI is in search of a Vulnerability Assessment Team Validator for our newly awarded contract.  This Vulnerability Assessment Team (VAT) member position will support the DoD Information Assurance Vulnerability Management (IAVM) program for the Defense Cyber Crime Center (DC3).  These activities directly support cyber-crime investigations and operations to identify and mitigate cyber threats to the United States Air Force USAF and DoD personnel, interests, and resources worldwide.  The VAT is responsible for executing FISMA compliance activities including annual assessments of security control status, vulnerability assessments, annual testing of contingency plans, and incident response plans, configuration management and conduct Privacy Impact Assessments (PIA).   The team provides audit and advisory services, helps clients understand the complexity of issues such as performance, privacy, risk, controls, and data analysis.     RESPONSIBILTIES: The Validator is responsible for continuous vulnerability scans across a multitude of networked or standalone systems. Serves at the central coordination point of all network system vulnerability assessments, audits, and related studies conducted in the agency environment. Individual participates in activities traditionally associated with Incident Response, and vulnerability scanning, and is primarily responsible for routine Nessus scanning, network monitoring and intrusion detection, as well as additional Cyber Security analysis.   Individual will be responsible for providing associated monthly and ad-hoc scans using ACAS/Nessus as required on the Network Protection Suites (NPS) and owned and managed systems. The Validator is responsible for managing, disseminating, interpreting, and tracking compliance with IAVM associated messages, monitoring the system for Vulnerability Threats, looking at reports for advanced Cyber Security Analysis, and hunting for hidden threats.  In addition to assessing compliance based on requirements, and developing Plans of Action and Milestone (POA&M) documentation.   Individual will be responsible for vulnerability management related to web applications including periodic vulnerability scanning, web application scanning, and code scanning. In addition to, analyzing results, identifying false positives, identifying remediation plans, directing system developers on remediation plans, and managing remediation through closure. EDUCATION & EXPERIENCE: ·         Experienced in employing software engineering techniques in designing and developing software for vulnerability discovery and an understanding of the vulnerability management lifecycle. ·         Experienced in automation and scripting of applications and systems, i.e. Python, Perl, JavaScript, Splunk, and Archer. ·         Experienced with vulnerability scanning tools such as Retina and Nessus. ·         Experience working with web services technologies such as XML, JSON, SOA, REST, and AJAX. ·         Knowledge of Network Security Analysis using Intrusion Detection Systems. ·         Comprehensive understanding of Security Methodologies, firewalls, proxies, mail servers, and web servers. Advanced experience with vulnerability assessment. ·         Comprehensive knowledge of malicious code (worms, viruses, spy-ware, etc) ·         Demonstrated strong interpersonal and organizational skills and ability to serve as central coordination point. ·         Highly exceptional verbal and written communication skills, including ability to produce as well as provide expert review of accurate and timely technical reports are required of material for release to a larger community. ·         Other duties as assigned.  Typically requires a bachelor‘s degree or equivalent and five to seven years of related experience.   Desired Skills:   - Understanding of USAF and DoD standards from a FISMA compliance perspective. - Demonstrated experience developing Plans of Action and Milestone (POA&M) documentation. - Demonstrated experience conducting Privacy Impact Assessments (PIA). - Demonstrated experienced using Assured Compliance Assessment Solution (ACAS). - Superior organizational skills to analyze, develop, and deliver detailed reports meeting tight suspense windows. - Strong attention to detail and ability to prepare documents for customer review with limited direction. - Ability to work multiple tasks and flexibility to adapt to dynamic work environment to meet organizational requirements. ·         Experience authoring and editing standard operating procedures (SOPs), policies, and organizational communications.   PHYSICAL DEMANDS: Normal demands associated with an office environment. Ability to work on computer for long periods and communicate with individuals by telephone, email and face to face. Some travel may be required.

Job Location



CACI employs a diverse range of talent to create an environment that fuels innovation and fosters continuous improvement and success. At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is proud to provide dynamic careers for employees worldwide. CACI is an Equal Opportunity Employer - Females/Minorities/Protected Veterans/Individuals with Disabilities.

Apply Now