Vulnerability Assessor

ASRC Federal Holding Company

Alexandria, VA

JOB DETAILS
SKILLS
Analysis Skills, Communication Skills, Computer Science, Computer Security, Defense Information Systems Agency (DISA), DoD Secret Clearance, Documentation, Emerging Technology, Enterprise Protection, Federal Government, Government Contracts, Information Technology & Information Systems, Internet Security, Leadership, Legal, Maintain Compliance, Nessus, Public Health, Risk, Risk Analysis, Risk Management, Risk Management Framework (RMF), Secret Clearance, Security Monitoring, Systems Administration/Management, Systems Analysis, Team Player, U.S. National Institute of Standards and Technology (NIST), United States Department of Defense (DoD), Vulnerability Scanners
LOCATION
Alexandria, VA
POSTED
25 days ago

ASRC Federal is a leading government contractor furthering missions in space, public health and defense. As an Alaska Native owned corporation, our work helps secure an enduring future for our shareholders. Join our team and discover why we are a top veteran employer and Certified Great Place to Work

Vulnerability Assessor

Location: Alexandria, VA (Hybrid - Telework with periodic on-site support as required)

Clearance: Active Secret

Position Overview

ASRC Federal is seeking a Vulnerability Assessor to support the Department of War Education Activity (DoWEA) Enterprise Cyber Program. The Vulnerability Assessor will identify, analyze, and track system vulnerabilities to strengthen the organization's cybersecurity posture and ensure compliance with DoD Risk Management Framework (RMF) requirements. This role supports Continuous Monitoring (ConMon) activities and works closely with cybersecurity and system teams to enhance DoWEA's enterprise-wide security operations.

Responsibilities

  • Conduct vulnerability scans using ACAS (Tenable/Nessus), STIG Viewer, and related DoD-approved assessment tools.

  • Categorize and analyze vulnerabilities in accordance with NIST SP 800-53, DISA STIGs, and DoDI 8510.01 (RMF).

  • Collaborate with Information System Security Managers (ISSMs), Information System Security Officers (ISSOs), and system administrators to track remediation and update Plans of Action and Milestones (POA&Ms).

  • Prepare and maintain vulnerability assessment reports and risk summaries for leadership.

  • Support RMF Steps 3-6 and Continuous Monitoring documentation within eMASS.

  • Research and evaluate emerging technologies to identify new or evolving risks and recommend mitigation strategies.

Basic Qualifications

  • Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related discipline (four additional years of equivalent experience may substitute).

  • Minimum 5+ years of cybersecurity or vulnerability management experience.

  • Active DoD Secret clearance

  • DoD 8570.01-M IAT Level II certification (e.g., Security+ CE, CySA+, CCNA-Security).

  • Hands-on experience with ACAS (Tenable/Nessus) and STIG compliance tools.

  • Strong analytical, documentation, and communication skills.

  • Working knowledge of vulnerability scanning, risk assessment methodologies, and remediation tracking.

Preferred Qualifications

  • Familiarity with DoW (DoD) RMF, eMASS, and DISA STIG/SRG compliance.

  • Understanding of NIST SP 800-53, CNSSI 1253, and DoDI 8510.01 frameworks.

  • Knowledge of common cybersecurity threats, exploits, and attack vectors.

  • Experience supporting federal or DoD IT environments.

  • Positive, proactive approach and ability to collaborate effectively across remote and on-site teams.

We invest in the lives of our employees, both in and out of the workplace, by providing competitive pay and benefits packages. Benefits offered may include health care, dental, vision, life insurance; 401(k); education assistance; paid time off including PTO, holidays, and any other paid leave required by law. The salary offered will depend on several factors including, but not limited to, relevant experience, skills, education, geographic location, internal equity, business needs, and other factors permitted by law. Posted pay ranges are a general guideline only and are not a guarantee of compensation or salary.

EEO Statement

ASRC Federal and its Subsidiaries are Equal Opportunity employers. All qualified applicants will receive consideration for employment without regard to race, gender, color, age, sexual orientation, gender identification, national origin, religion, marital status, ancestry, citizenship, disability, protected veteran status, or any other factor prohibited by applicable law.

About the Company

A

ASRC Federal Holding Company

ASRC Federal comprises a family of companies that provide mission-critical services to federal government agencies dedicated to defense, civil and intelligence support. Our customer-focused service delivery model and emphasis on operational excellence are foundational elements infused in all our companies. The reliability and quality of day-in, day-out service delivery from our family of companies ensure our customers that we keep our sights on their mission-critical priorities.
COMPANY SIZE
5,000 to 9,999 employees
INDUSTRY
Aerospace and Defense
EMPLOYEE BENEFITS
Military Leave, On Site Cafeteria, Parking, Prescription Drug Coverage, Professional Development, 401K, Employee Referral Program, Flexible Spending Accounts, Employee Events, Tuition Reimbursement, Work From Home, Life Insurance, Merchandise Discounts
FOUNDED
2003
WEBSITE
http://www.asrcfederal.com