AERMOR is hiring: Technical Cybersecurity Assessor-ACAS in Suffolk

Technical Cybersecurity Assessor-ACAS – AERMOR

Location: Suffolk, VA | Employment: Full‑Time | Experience: 3+ Years | Clearance: TS/SCI

AERMOR is seeking a highly skilled ACAS Security Assessor to conduct comprehensive vulnerability assessments using the Assured Compliance Assessment Solution (ACAS) and other security tools. The successful candidate will identify critical flaws in applications, systems, and networks, provide detailed reports and recommendations to enhance security posture, and develop custom scripts to streamline assessments.

Responsibilities

• Identify critical flaws in applications, systems, and networks that could be exploited by cyber attackers.
• Conduct vulnerability assessments for networks, applications, and operating systems using ACAS and other industry‑standard tools.
• Use automated tools (e.g., Nessus) to quickly pinpoint vulnerabilities and streamline the assessment process.
• Conduct manual testing techniques to gain a deeper understanding of the security environment and reduce false negatives.
• Manually validate and verify vulnerability scan results to reduce false positives.
• Write comprehensive Vulnerability Assessment Reports summarizing findings and providing actionable recommendations for remediation.
• Track vulnerabilities over time and provide metrics to demonstrate improvement or highlight areas for additional focus.
• Compile findings into detailed reports for leadership and technical teams to improve organizational security practices.
• Develop, test, and modify custom scripts and applications for vulnerability scanning and testing to address unique security challenges.
• Conduct regular network security audits and scanning on a predetermined schedule to ensure ongoing system integrity.
• Develop and maintain a vulnerability assessment database to document findings, track remediation efforts, and ensure compliance with security standards and regulations.

Qualifications

• Associate’s degree in a related field (e.g., Cybersecurity, Information Technology, Computer Science) or equivalent education and professional experience.
• Proven experience with ACAS or similar vulnerability scanning and management tools (e.g., Nessus).
• Knowledge and experience conducting vulnerability assessments for networks, applications, and operating systems.
• Familiarity with network security audits, vulnerability management processes, and industry standards.
• Strong experience with manual testing techniques and identifying critical vulnerabilities in complex systems.
• Experience developing and maintaining custom scripts for vulnerability scanning.
• Must be able to travel locally or internationally between sites as necessary (up to 50% of travel time).