- Interacting with leadership and site technical staff in advance of conducting inspections to facilitate scoping, data to support security controls assessment input, and execution of operational inspection plans
- Responsible for interviewing organizational subject matter experts in conducting STIG, SRG, and IC policy checklists
- Collect data in support of reviewing a comprehensive Threat Informed Critical Controls List (TICCL), provide written input on review of required security controls, potential vulnerability exploitation, and how MITRE ATT&CK techniques are plausibly successful based on organizational weaknesses. Ensure inputs link back to security controls
- Participating in the planning, execution, and reporting of security audits and network vulnerability assessments with minimal supervision
- Assisting in preparation of assessment deliverables -Security Risk Assessments input, compliance data, STIG data, etc.
- Communicating on impact of vulnerabilities verbally, through presentations and written deliverables
- Plan, execute, and report on information technology, privacy, and operational reviews in order to identify mission, privacy, security, compliance, information technology, and regulatory risks
- Familiar with a variety of cybersecurity concepts, practices, and procedures. Relies on extensive experience and judgment to plan and accomplish goals
- Lead sites to conduct highly controlled vulnerability scans of their environment to produce accurate and objective report results
- Conduct operating system, application, and database vulnerability compliance assessments using scanning tools
- Assist sites in resolving connection and access issues to ensure accurate scan data, analyze vulnerability assessment data, create reports, and assist Red Team assessment efforts
- Analyze network, operating system, application, and database security posture, DISA Security Technical Implementation Guidelines (STIG), IC and CNSS directives, NIST security configuration checklists, and security updates to systems and software to provide support to inspection reports
- Working with system administrators to verify scan policies and run scans
- Troubleshoot coverage challenges across multiple technologies (during a vulnerability assessment includes Windows Servers, network devices/routers/switches (across various vendors such as CISCO, Juniper, Palo Alto, and others) windows workstations, windows virtual environments, host base security (McAfee and others), and other technologies as the program matures and expands its technologies repertoire.)
- Obtaining system-specific scans from site personnel including vulnerability, audit, and port scans to be utilized for sampling during an inspection
- Consolidating reports on an organization's enterprise. Reports from the scanning tool should include, at a minimum, technology-specific findings, most vulnerable systems, technical summaries of vulnerabilities, plug-in names, severities, and patch status
- Validating correct scanning configurations
- Conducting interviews
- Conducting compliance scans (using SCAP with Nessus audit files)
- Completing and developing checklists
- Conduct open port scans at each organization
- Providing input to written reports on compliance and associated risks
- Coordination with the purple team and cyber threat emulation activities
- Advanced writing skills; experience in coordinating multiple viewpoints into a cohesive document
- Attention to detail is an imperative skill for success
- Experience with DISA STIGs and STIG Viewer tool.
-
JCIP ACAS Technical Reviewer- Senior
1 week ago
Pueo Business Solutions Reston, United StatesPueo is known for bringing the best talent and unique tools to every opportunity. Pueo's Parliament (aka workforce) is composed of professionals who are seeking the opportunity to work in a small business with a flat organization that thrives on career development and independenc ...
-
Senior Technical Reviewer
2 weeks ago
ProCleared LLC Reston, United StatesJCIP Technical Reviewers play a pivotal role in evaluating the cybersecurity posture of enterprise environments across the Intelligence Community (IC). They conduct comprehensive assessments through detailed analysis of vulnerability scans to ensure compliance with Intelligence C ...
-
JCIP Senior HBS Technical Reviewer
2 weeks ago
Pueo Business Solutions Reston, United StatesJob Description · Job DescriptionPueo is known for bringing the best talent and unique tools to every opportunity. Pueo's Parliament (aka workforce) is composed of professionals who are seeking the opportunity to work in a small business with a flat organization that thrives on c ...
-
Senior Information Review and Release Analyst
2 weeks ago
Legion Consulting Solutions Herndon, United StatesJob Description · Job DescriptionTarget Salary: Up to $130,000 · Security Requirements: TS/SCI/FS Poly · Location: Herndon, VA · Certifications: None · Job Description: · Serve as the case manager and reviewer for the various case types to include, but not limited to FOIA, litiga ...
-
JCIP Senior HBS Technical Reviewer
1 week ago
Pueo Business Solutions LLC Reston, United StatesJob Description · Job Description · Pueo is known for bringing the best talent and unique tools to every opportunity. Pueo's Parliament (aka workforce) is composed of professionals who are seeking the opportunity to work in a small business with a flat organization that thrives ...
-
Kavaliro Herndon, United StatesKavaliro has partnered with a client who is seeking a Information Review and Release Analyst in the Herndon, VA area to support a dynamic Intelligence Community-customer, in a fast-paced environment. · The position is full-time and offers a flexible work schedule. The ideal candi ...
-
JCIP Senior Network Technical Reviewer
2 weeks ago
Pueo Business Solutions Reston, United StatesJob Description · Job DescriptionPueo is known for bringing the best talent and unique tools to every opportunity. Pueo's Parliament (aka workforce) is composed of professionals who are seeking the opportunity to work in a small business with a flat organization that thrives on c ...
-
Senior Quality Reviewer
2 weeks ago
Liberty Healthcare Corporation Berwyn Heights, United StatesJob Description · Human services professionals are encouraged to consider an outstanding career opportunity with Liberty Healthcare Corporation. · In partnership with Maryland's Developmental Disabilities Administration, Liberty Healthcare operates a statewide program which endea ...
-
Senior Editor, Editorial Review
4 days ago
NPR Washington, United StatesOVERVIEW · A thriving, mission-driven multimedia organization, NPR produces award-winning news, information, and music programming in partnership with hundreds of independent public radio stations across the nation. The NPR audience values information, creativity, curiosity, and ...
-
Senior Editor, Editorial Review
17 hours ago
NPR Washington, United StatesOVERVIEW · A thriving, mission-driven multimedia organization, NPR produces award-winning news, information, and music programming in partnership with hundreds of independent public radio stations across the nation. The NPR audience values information, creativity, curiosity, and ...
-
Pueo Business Solutions Reston, United StatesJob Description · Job DescriptionPueo is known for bringing the best talent and unique tools to every opportunity. Pueo's Parliament (aka workforce) is composed of professionals who are seeking the opportunity to work in a small business with a flat organization that thrives on c ...
-
Senior Merit Review Officer
2 weeks ago
Pcori Washington, United StatesStaffing Advisors has been exclusively retained by Patient-Centered Outcomes Research Institute ("PCORI") to conduct a search for a Senior Merit Review Officer PCORI is an equal opportunity employer. · Interested candidates may send resumes to: Aileen Hedden at with "PCORI - Sr ...
-
Senior Director, Strategic Account Reviews
3 weeks ago
The Health Management Academy Arlington, United StatesAbout The Health Management Academy: · The Health Management Academy (THMA) brings together health system leaders and innovators to collectively address the industry's biggest challenges and opportunities. By assisting executives in cultivating peer networks, understanding key st ...
-
Senior Director, Strategic Account Reviews
2 weeks ago
The Health Management Academy Arlington, United StatesJob Description · Job DescriptionAbout The Health Management Academy: · The Health Management Academy (THMA) brings together health system leaders and innovators to collectively address the industry's biggest challenges and opportunities. By assisting executives in cultivating pe ...
-
JCIP ACAS Technical Reviewer- Senior
2 weeks ago
Pueo Business Solutions Washington, United StatesJob Description · Job DescriptionPueo is known for bringing the best talent and unique tools to every opportunity. Pueo's Parliament (aka workforce) is composed of professionals who are seeking the opportunity to work in a small business with a flat organization that thrives on c ...
-
Senior Estimator
2 weeks ago
Gpac Fairfax, United States Full timeSENIOR ESTIMATOR JOB DESCRIPTION (Ground-Up Commercial) · This highly reputable company is looking to add a Senior Estimator to their team With a focus on diverse ground-up Commercial projects, this company provides premier services that continue to attract new and repeat clients ...
-
Senior Proposal Manager
4 weeks ago
Brillient Reston, United States Full timeJob Details · Description · Sr Proposal Manager · The Senior Proposal Manager will work remotely in a hybrid model of approximately four (4) days per week remotely, and approximately one day per week at our corporate headquarters in Reston, VA. Independently and in fluid team ...
-
Senior Accountant
2 weeks ago
Van Metre Companies Fairfax, United StatesAt Van Metre, we believe that each employee contributes directly to our growth, success and culture, and are seeking a candidate who loves to challenge themselves and work with others to fulfill this role. Van Metre Companies has a · Senior · Accountant · position available in ...
-
Senior Toxicologist
2 weeks ago
ICF Reston, United States Full timeTo support ICF's dynamic growth and expanding client base, we are seeking a Senior Toxicologist to work in our Health Science Portfolio. This group of 130+ science professionals provide toxicology, hazard assessment, epidemiology, risk assessment, exposure assessment, environment ...
-
Sr Business Development Manager
2 weeks ago
00100 LEIDOS, INC. Reston, United States Full timeThe Engineering, Integration and Operations of the Leidos National Security Sector is seeking an energetic Senior Business Development Manager to lead the Business Development (BD) US Navy. · The Senior Business Development Manager (BDM) is responsible for all BD activities and ...
JCIP ACAS Technical Reviewer- Senior - Reston, United States - Pueo Business Solutions
Description
Job Description
Job DescriptionPueo is known for bringing the best talent and unique tools to every opportunity. Pueo's Parliament (aka workforce) is composed of professionals who are seeking the opportunity to work in a small business with a flat organization that thrives on career development and independence. In support of mission and professional growth, our Parliament has supported the development of multiple patents, proprietary tools, and applications as well as trademarked processes.
Our flat organization emphasizes career development across multiple career environments (at the members own pace) and ensures those who contribute broadly are properly rewarded. Pueo has four career environments where every member of the parliament can participate. Each environment has opportunities available for all levels. Opportunities are framed by an employee's desires and capabilities, and we ensure challenges, growth, and unique experiences are available for employees at all levels.
Our Career Environments (Program, Functional, Service, and Leadership) provide numerous opportunities for employees to invest in their personal growth and those things that offer fulfillment. We invest in helping our members create and execute their career development plans. Our Pods (small teams of 5 or less) are comprised of personnel with similar skillsets to ensure mentorship, understanding, and peer support.
Role: Pueo has an opportunity for an experienced TS/SCI cleared ACAS Technical Reviewer to join our team in Reston, VA. The ACAS Technical Reviewer is responsible to exercise technical support as a Reviewer during an inspection conducted within the Intelligence Community Integrated Environment (IC IE). This requires a Reviewer to be an expert in their technical area or multiple areas, to remain agile, and diligent in support of a groundbreaking effort to secure and modernize the JWICS environment.
** This is an on-site role**
**Must be willing to travel up to 30%, including local travel within the National Capital Region (NCR) of Northern Virginia, Maryland, and Washington, DC. **
Responsibilities:
JCIP Technical Reviewers play a pivotal role in evaluating the cybersecurity posture of enterprise environments across the Intelligence Community (IC). They conduct comprehensive assessments through detailed analysis of vulnerability scans to ensure compliance with Intelligence Community Directives (ICDs), IC Technical Implementation Guides (TIGs), Security Technical Implementation Guides (STIGs), Security Requirement Guides (SRGs), and NIST rev 5 security controls. Utilizing automated tools, including Tenable and Splunk, these professionals perform documentation reviews, employ checklists and guides to write report and develop a qualitative risk assessment on target organizations. Their assessments examine the mission owners' critical capabilities and mission impacts if secure operations lack security protections needed to defend their cyber infrastructure and mitigate high-risk vulnerabilities to the enterprise. Beyond inspection duties, Technical Reviewers contribute to maturing organizational processes, training initiatives, and program-wide support through cross-functional collaboration.
JCIP Reviewers are integral to maintaining the cybersecurity integrity of enterprise environments across the Intelligence Community (IC). They are responsible for:
The ACAS Reviewer functions as the critical asset responsible for the collection of scan data for an inspection. Day-to-day responsibilities are to conduct ACAS reviews using the DISA ACAS Best Practice Guide (BPG) and IC CIO Vulnerability Management TIG checklists. This involves coordination with multiple organizations and the reviewer staff. The ACAS reviewer is responsible for the following during an inspection:
Qualifications:
At least five (5) years of experience in system administration, specifically with ACAS platforms such as Tenable, Nessus, and Qualys. A minimum of eight (8) years of experience in Cyber/Information Assurance, with a comprehensive understanding of cybersecurity disciplines including but not limited to the Risk Management Framework, DevSecOps, and cybersecurity engineering.
Education: Bachelor's degree from an accredited institute in an area applicable to the position in Cybersecurity, Computer Science, Software Engineering, Systems Engineering, Information Systems, or a related technical discipline; an additional four (4) years of relevant experience may be substituted in lieu of a degree.
Certifications: Certification in DoD M Cybersecurity workforce, compliance with DoD Directive 8140 Cyberspace Workforce Management, and IAT Level III.
Skills: Strong independent work ethic (auditor mentality), exceptional oral and written communication skills, and the ability to work unsupervised.
Preferred:
Technical Proficiency: Experience in engineering and operations & maintenance of enterprise Vulnerability Scanning platforms (e.g., Tenable, Nessus, Qualys). Ability to analyze raw vulnerability data and develop enterprise level reports. Understanding of enterprise Nessus security center architecture.
Advanced Skills: Proficiency in using advanced vulnerability assessment and reporting tools such as Tenable, Splunk, and Tableau.
Interdivision Collaboration: Demonstrated ability to operate across departments to implement cybersecurity principles effectively.
Multitasking and Time Management: Capable of multitasking with efficient time management and possessing a comprehensive understanding of cyber threats, vulnerabilities, and network security methodologies.
Pueo is an equal employment opportunity employer and affirmative action employer. All interested individuals will receive consideration and will not be discriminated against on the basis of race, color, religion, sex, national origin, disability, age, sexual orientation, gender identity, genetic information, or protected veteran status. Pueo takes affirmative action in support of its policy to advance diversity and inclusion of individuals who are minorities, women, protected veterans, and individuals with disabilities.
Job Posted by ApplicantPro