Supporting DHA Military Treatment Facilities (MTFs) around the world, assisting with the utilization of Assured Compliance Assessment Solution (ACAS) consisting of SecurityCenter, Nessus, and PVS.
Providing expertise and technical assistance to validate and remediate issues and vulnerabilities related to MTF and Program host risk posture (e.g., as applies to associated OS', Databases, patch status, and overall cyber health) via various automated security tools.
Training end users on the proper operation and procedures required to utilize the ACAS suite and related tools, administration of the application layer of each, troubleshooting application and server issues, and responding to myriad customer service requests.
Bachelors degree or 4 years of additional experience in lieu of degree.
2+ years of related experience.
Experience with scanning, troubleshooting, optimizing, and administrating vulnerability management software (i.e., Nessus).
Experience with researching vulnerabilities and installing hot-fixes.
Experience with vulnerability remediation software and techniques.
Experience with Windows Server administration and Remote Desktop Software.
Experience with creation and modification of Group Policy Objects to remediate windows vulnerabilities.
Experience with Active Directory administration to include user and machine accounts.
Experience with Active Directory security to include permissions to all objects and OU’s.
Knowledge of the Risk Management Framework (RMF) and the role of validation and remediation using SCTS or other automated system as part of the RMF approach.
Familiar with A&A process and the ability to identify issues with validating automated detection tool findings.
Working knowledge of various DoD operating systems STIGs and their application to an enclave’s security posture, particularly with regards to the RMF process.
Experience with remediation, mitigation, and reporting activities in response to DoD TASKORDs and IAVMs utilizing SCTS or other DoD approved automated patch management and validation tools.
The ability to work independently as well as collectively within a team, apply critical thinking techniques, and effectively communicate with customers and other team members, both orally and in writing.
Working in a team environment that requires knowledge sharing and flexibility.
Knowledge of myriad, applicable DoD cyber security processes and procedures.
Experience with McAfee ePolicy Orchestrator and/or DoD Host Based Security System (HBSS)
Experience with automated remediation software (Shavlik, Secunia, etc)
Experience with Microsoft Windows Systems Update Service (WSUS)
Experience with Microsoft Group Policy Management Console (GPMC)
Knowledge of Certificate Authorities (CA’s) and certificate revocation.
Using help-desk ticketing system to document customer issues.
Experience with writing/modifying batch files and SQL scripts.
Administration experience with Windows XP, 7, Server 2003, Server 2008, (32bit and 64bit) systems, as well as Linux Red Hat and CentOS.
Ability to effectively communicate information to sites that vastly vary in size (500-10,000 computers per network)
Experience with VSphere.
The ability to liaison with DISA representatives regarding the use and troubleshooting of DoD approved automated validation and remediation tools; this includes working with system and application log files and development and execution of scripts.