ASRC Federal Holding Company
Cyber Security Engineer - ACAS (Onsite)
ASRC Federal Holding Company, Seaside, California, United States, 93955
ASRC Federal NetCentric Technology is hiring a
Cyber Security Engineer - ACAS (ONSITE)
to support a key federal government client. This role requires an
active Secret Security Clearance
and will be embedded within a Governance and Compliance team, responsible for maintaining the Assured Compliance Assessment Solution (ACAS) toolset and overseeing vulnerability management efforts in alignment with RMF requirements. This is a
full-time onsite position
, with work performed
Monday through Friday at the client site in Seaside, California
.
Responsibilities:
ACAS Management
: Will assist in the design, development, and implementation strategy for the Assured Compliance Assessment Solution (ACAS) in support of meeting security objectives for cloud infrastructure and enterprise networks environments.
Vulnerability Management
: Lead configuration and optimization of ACAS policies, writing scripts (Bash, Python), and performing root cause analysis to resolve issues.
Develop vulnerability policies, custom alerts, scan policies, and ticketing workflows.
Cross-reference weekly IAVM (Information Assurance Vulnerability Management) compliance reports with ACAS scan results to identify and remediate vulnerabilities.
Support cybersecurity reviews and audits to ensure systems meet DoD 8140 and 8570 compliance standards.
Governance and Compliance:
Support ISSO/ISSM/SO activity task to ensure proper documentation for Authority to Operate (ATO) and Continuous Monitoring are maintained and updated.
Detection and Response:
Participate in cross-functional activities to assess operational impact of enterprise systems as identified in U.S. Cyber Command (USCC) and Joint Force Headquarters (JFHQ) directives.
Reporting and Documentation
: Assist in the generation and maintenance of cybersecurity RMF artifacts such as System Security Plans, POA&M (Plans of Action & Milestones), and security CONOPS (Concept of Operations).
Continuous Process Improvement:
Regularly review and update vulnerability management processes and procedures (SOP) based on lessons learned from routine and event-oriented incidents in accordance with DoD regulations, directives, and industry best practices.
Requir
ed Skills:
Deep understanding of Information Technology (IT) systems configuration within the Department of Defense (DoD) and extensive hands-on experience with ACAS tools to ensure the security and compliance of cloud infrastructure and enterprise environments.
Familiarity with tools such as ESS, Microsoft Defender, Splunk, Tanium and Burp Suite capabilities and how these tools complement one another in support cybersecurity support services.
Required Qualifications:
Bachelor's degree in Information Technology, Cybersecurity, or a related field.
Active
Secret Clearance
and
Active
DoD 8570 IAT Level II certification
or greater
, including at least one of the following certifications in good standing: CCNA Security, CySA+, GICSP, GSEC, Security+ CE, CND, SSCP, CASP+CE, CCNP Security, CISA, CISSP (or Associate), GCED, GCIH, or CCSP.
DISA ACAS certification
6+ years
of relevant IT or Cybersecurity experience, including 4+ years of hands-on expertise managing the
Assured Compliance Assessment Solution (ACAS)
suite throughout its lifecycle-from initial deployment, configuration, and integration into enterprise networks to continuous monitoring, maintenance, and optimization. This includes proficiency in configuring scan policies, customizing dashboards, managing Tenable Nessus scans, Security Center reporting, and ensuring seamless updates to maintain compliance and efficiency.
Strong knowledge of
Linux
and
Windows
operating systems, with proficiency in scripting languages like
Bash
and
Python
for automation, troubleshooting, and ACAS tool customization to meet organizational needs.
Experience in
vulnerability management
, including interpreting and remediating ACAS scan results, managing IAVM compliance reporting, analyzing system vulnerabilities, and ensuring full lifecycle security solutions using ACAS to maintain enterprise network integrity.
Proven ability to generate security artifacts (e.g., POA&M, CONOPS, security plans), implement end-to-end
ACAS
solutions, and collaborate effectively in team environments to address evolving cybersecurity threats and challenges.
This is a
onsite (5-days per week onsite)
in Seaside, California.
We invest in the lives of our employees, both in and out of the workplace, by providing competitive pay and benefits packages. This position is offering a pay range of
$1
35
,500 -
$147,095
depending on experience, seniority, geographic locations, and other factors
permitted
by law. Benefits offered may include healthcare, dental, vision, life insurance; 401(k); education
assistance
; paid time off including PTO, holidays, and any other paid leave required by law.
Why ASRC?
As a wholly owned subsidiary of Arctic Slope Regional Corporation, an Alaska Native Corporation, we are inspired by the Iñupiatculture. We embrace
stewardship
and the idea of using every resource effectively;
teamwork
when striving to achieve goals and building a collaborative environment;
integrity
in adhering to high moral principles and professional standards;
respect
in welcoming and regarding the differing opinions, experiences, rights and traditions of others;
accountability
in that we meet our commitments and take responsibility for our results; and
continuous improvement
, always striving to make things better, raising the bar and staying humble.
Advantages of Working at ASRC Federal:
Purpose-Driven Careers:
Join a company recognized as a:
Certified Great Place to Work
Military Times' Best for Vets Employer
Military.com's Top 25 Veteran Employer
Comprehensive Benefits:
Insurance Coverage: Comprehensive plans for medical, dental, vision, life insurance, and short-term/long-term disability
Paid Leave: Inclusive policies for bereavement, military obligations, and parental needs, along with 11 paid holidays annually
Retirement Savings: A 401(k) plan with a generous company match and immediate vesting to help secure your financial future
Incentives: Employee referral bonuses to reward you for helping grow the ASRC Federal Family
Learning and Development:
After 90 days of employment, regular full-time employees are eligible for our professional development program. This includes annual funding for:
Pursuing Associate's, Bachelor's, or Graduate Degrees
Obtaining industry-standard professional certifications
Participating in professional certificate programs
Covering registration fees for professional conferences
Centers of Excellence
: We established the Centers of Excellence to build, leverage and grow our technological capabilities, best practices and offer professional development for our technical teams. They contain many Communities of Practice which are forums that offer a platform to share ideas, best practices, innovations, and to collaborate with technical peers.
Embark on a career with ASRC Federal, where your growth, purpose, and well-being are at the forefront of what we do!
Job Details
Job Family
Information Technology
Job Function
Information Security
Pay Type
Salary
Education Level
Bachelor's Degree
Cyber Security Engineer - ACAS (ONSITE)
to support a key federal government client. This role requires an
active Secret Security Clearance
and will be embedded within a Governance and Compliance team, responsible for maintaining the Assured Compliance Assessment Solution (ACAS) toolset and overseeing vulnerability management efforts in alignment with RMF requirements. This is a
full-time onsite position
, with work performed
Monday through Friday at the client site in Seaside, California
.
Responsibilities:
ACAS Management
: Will assist in the design, development, and implementation strategy for the Assured Compliance Assessment Solution (ACAS) in support of meeting security objectives for cloud infrastructure and enterprise networks environments.
Vulnerability Management
: Lead configuration and optimization of ACAS policies, writing scripts (Bash, Python), and performing root cause analysis to resolve issues.
Develop vulnerability policies, custom alerts, scan policies, and ticketing workflows.
Cross-reference weekly IAVM (Information Assurance Vulnerability Management) compliance reports with ACAS scan results to identify and remediate vulnerabilities.
Support cybersecurity reviews and audits to ensure systems meet DoD 8140 and 8570 compliance standards.
Governance and Compliance:
Support ISSO/ISSM/SO activity task to ensure proper documentation for Authority to Operate (ATO) and Continuous Monitoring are maintained and updated.
Detection and Response:
Participate in cross-functional activities to assess operational impact of enterprise systems as identified in U.S. Cyber Command (USCC) and Joint Force Headquarters (JFHQ) directives.
Reporting and Documentation
: Assist in the generation and maintenance of cybersecurity RMF artifacts such as System Security Plans, POA&M (Plans of Action & Milestones), and security CONOPS (Concept of Operations).
Continuous Process Improvement:
Regularly review and update vulnerability management processes and procedures (SOP) based on lessons learned from routine and event-oriented incidents in accordance with DoD regulations, directives, and industry best practices.
Requir
ed Skills:
Deep understanding of Information Technology (IT) systems configuration within the Department of Defense (DoD) and extensive hands-on experience with ACAS tools to ensure the security and compliance of cloud infrastructure and enterprise environments.
Familiarity with tools such as ESS, Microsoft Defender, Splunk, Tanium and Burp Suite capabilities and how these tools complement one another in support cybersecurity support services.
Required Qualifications:
Bachelor's degree in Information Technology, Cybersecurity, or a related field.
Active
Secret Clearance
and
Active
DoD 8570 IAT Level II certification
or greater
, including at least one of the following certifications in good standing: CCNA Security, CySA+, GICSP, GSEC, Security+ CE, CND, SSCP, CASP+CE, CCNP Security, CISA, CISSP (or Associate), GCED, GCIH, or CCSP.
DISA ACAS certification
6+ years
of relevant IT or Cybersecurity experience, including 4+ years of hands-on expertise managing the
Assured Compliance Assessment Solution (ACAS)
suite throughout its lifecycle-from initial deployment, configuration, and integration into enterprise networks to continuous monitoring, maintenance, and optimization. This includes proficiency in configuring scan policies, customizing dashboards, managing Tenable Nessus scans, Security Center reporting, and ensuring seamless updates to maintain compliance and efficiency.
Strong knowledge of
Linux
and
Windows
operating systems, with proficiency in scripting languages like
Bash
and
Python
for automation, troubleshooting, and ACAS tool customization to meet organizational needs.
Experience in
vulnerability management
, including interpreting and remediating ACAS scan results, managing IAVM compliance reporting, analyzing system vulnerabilities, and ensuring full lifecycle security solutions using ACAS to maintain enterprise network integrity.
Proven ability to generate security artifacts (e.g., POA&M, CONOPS, security plans), implement end-to-end
ACAS
solutions, and collaborate effectively in team environments to address evolving cybersecurity threats and challenges.
This is a
onsite (5-days per week onsite)
in Seaside, California.
We invest in the lives of our employees, both in and out of the workplace, by providing competitive pay and benefits packages. This position is offering a pay range of
$1
35
,500 -
$147,095
depending on experience, seniority, geographic locations, and other factors
permitted
by law. Benefits offered may include healthcare, dental, vision, life insurance; 401(k); education
assistance
; paid time off including PTO, holidays, and any other paid leave required by law.
Why ASRC?
As a wholly owned subsidiary of Arctic Slope Regional Corporation, an Alaska Native Corporation, we are inspired by the Iñupiatculture. We embrace
stewardship
and the idea of using every resource effectively;
teamwork
when striving to achieve goals and building a collaborative environment;
integrity
in adhering to high moral principles and professional standards;
respect
in welcoming and regarding the differing opinions, experiences, rights and traditions of others;
accountability
in that we meet our commitments and take responsibility for our results; and
continuous improvement
, always striving to make things better, raising the bar and staying humble.
Advantages of Working at ASRC Federal:
Purpose-Driven Careers:
Join a company recognized as a:
Certified Great Place to Work
Military Times' Best for Vets Employer
Military.com's Top 25 Veteran Employer
Comprehensive Benefits:
Insurance Coverage: Comprehensive plans for medical, dental, vision, life insurance, and short-term/long-term disability
Paid Leave: Inclusive policies for bereavement, military obligations, and parental needs, along with 11 paid holidays annually
Retirement Savings: A 401(k) plan with a generous company match and immediate vesting to help secure your financial future
Incentives: Employee referral bonuses to reward you for helping grow the ASRC Federal Family
Learning and Development:
After 90 days of employment, regular full-time employees are eligible for our professional development program. This includes annual funding for:
Pursuing Associate's, Bachelor's, or Graduate Degrees
Obtaining industry-standard professional certifications
Participating in professional certificate programs
Covering registration fees for professional conferences
Centers of Excellence
: We established the Centers of Excellence to build, leverage and grow our technological capabilities, best practices and offer professional development for our technical teams. They contain many Communities of Practice which are forums that offer a platform to share ideas, best practices, innovations, and to collaborate with technical peers.
Embark on a career with ASRC Federal, where your growth, purpose, and well-being are at the forefront of what we do!
Job Details
Job Family
Information Technology
Job Function
Information Security
Pay Type
Salary
Education Level
Bachelor's Degree