ACAS Cybersecurity Analyst
Apavo Corporation
Job Description
Job Description
Description:
Job Title: ACAS Cybersecurity Analyst
Location: Oakton, VA
Department: Cyber Security Services
Reports To: Management
FLSA Status: Full Time/Non-exempt
Description:
Apavo delivers cybersecurity services to military, defense, and critical infrastructure organizations, and we're growing our Cyber Security Services team. We're built on quality, clear communication, and the belief that every team member's input matters — paired with a genuine commitment to work-life balance and professional growth. If you want cybersecurity work that has real mission impact, backed by a team that invests in your development, we'd love to talk.
Job Purpose:
In this role, the ACAS Cybersecurity Analyst plays a key part in supporting a high-priority federal research mission, driving vulnerability management, compliance validation, and Continuous Monitoring (ConMon) efforts across complex, multi-enclave Risk Management Framework (RMF) environments.
Duties & Responsibilities:
ACAS Cybersecurity Analyst responsibilities include, but are not limited to:
Advanced ACAS Administration: Deploy, configure, and manage Tenable Security Center (Tenable.sc) and Nessus scanners across connected and air-gapped enclaves (NIPR, SIPR, JWICS, SAP).
Vulnerability, R&D & Directive Scanning: Execute and analyze credentialed and non-credentialed vulnerability scans. Tailor scan zones, profiles, and asset lists to ensure 100% visibility while preventing disruptions to fragile, experimental research systems. Perform targeted scanning to determine and verify system compliance with DCDC Communications Tasking Orders (CTOs).
Troubleshooting & Maintenance: Diagnose and resolve complex scanner connectivity issues, WMI/SSH credentialed scan failures, and perform manual/offline plugin and feed synchronizations for isolated, highly classified networks.
Multi-Framework Compliance Validation: Validate findings against DISA STIGs, CIS benchmarks, and specific IC/SAP security baselines. Conduct compliance checks using tools such as SCC, STIG Viewer, and Evaluate-STIG.
Risk & Remediation Tracking: Develop and maintain POA&M documentation. Monitor IAVA/IAVM notices and IC-specific vulnerability alerts. Collaborate with operations and engineering personnel to provide risk-based remediation strategies, tracking mitigation within systems of record (e.g., eMASS, Xacta).
Continuous Monitoring & Upstream Reporting: Execute ConMon activities, integrating ACAS outputs with local SIEM tools (e.g., Splunk) to maintain ongoing authorization and coordinate with the external Cybersecurity Service Provider (CSSP). Support upstream enterprise cybersecurity posture reporting, ensuring accurate data synchronization with the Continuous Monitoring and Risk Scoring (CMRS) system.
DoD & IC RMF Support: Support RMF lifecycle activities across multiple regulatory frameworks—including DoD RMF (DoDI 8510.01), Intelligence Community Directive 503 (ICD 503), and the Joint SAP Implementation Guide (JSIG). Maintain artifacts and map technical scan findings to NIST SP 800-53 and CNSSI 1253 controls.
The ACAS Cybersecurity Analyst is expected to have additional duties as assigned in support of corporate cybersecurity services and mission requirements. Additional details are reviewed in accordance with company policies.
Other:
This is typical office or administrative work, and there is no exposure to adverse environmental conditions.
This position requires sedentary work. Sedentary work is defined as: Exerting up to 10 pounds of force occasionally and/or a negligible amount of force frequently or constantly to lift, carry, push, pull or otherwise move objects, including the human body. Sedentary work involves sitting most of the time. Jobs are sedentary if walking and standing are required only occasionally, and all other sedentary criteria are met.
Apavo Corporation provides equal employment opportunities to all applicants and employees and strictly prohibits any type of harassment or discrimination in regards to race, religion, age, color, sex, disability status, national origin, genetics, sexual orientation, protected veteran status, gender expression, gender identity, or any other characteristic protected under federal, state, and/or local laws.
Consistent with the Americans with Disabilities Act (ADA), it is the policy of Apavo Corporation to provide reasonable accommodation when requested by a qualified applicant or employee with a disability, unless such accommodation would cause an undue hardship. The policy regarding requests for reasonable accommodation applies to all aspects of employment, including the application process. If reasonable accommodation is needed, please contact Apavo Human Resources at View email address on ziprecruiter.com or View phone number on ziprecruiter.com
Employment with Apavo Corporation is on an at-will basis, meaning either you or the Company can terminate the employment relationship, at any time, for any or no reason, and with or without cause or notice. As an at-will employee, your employment with Apavo Corporation is not guaranteed for any length of time.
Requirements:Qualifications :
- Education/Experience: Bachelor’s degree in Cybersecurity, Information Technology, or related field (or equivalent experience) with 5–7+ years of experience in DoD/IC cybersecurity, heavily focused on vulnerability management and RMF.
- Clearance: Active Top Secret clearance with SCI eligibility. (Willingness to undergo a Counterintelligence (CI) or Full-Scope Polygraph for SAP readiness is highly preferred).
- DoD Directive: DoD 8570.01-M / 8140.03 compliant for IAT Level II (e.g., Security+ CE, CySA+) or Level III (e.g., CASP+, CISSP).
- ACAS Certification: Current DISA ACAS Operator and/or Administrator training certificate is required.
- Technical Proficiency: Deep, hands-on administrative experience with ACAS (Nessus / Tenable.sc) infrastructure, including offline updates, CMRS integration, air-gapped deployments, and credentialed scan troubleshooting.
- OS/Environment: Computing Environment (CE) certification (e.g., Linux+, Windows Server) or equivalent command-line experience is highly preferred for ACAS host management.
- Framework Knowledge: Strong understanding of DoD RMF (DoDI 8510.01), IC RMF (ICD 503), JSIG, CNSSI 1253, NIST SP 800-53 controls, STIG implementation, and IAVA/IAVM/CTO remediation processes.
- Tooling: Experience with SCC, STIG Viewer, eMASS, Xacta (heavily used in IC/SAP environments), and log aggregation tools (e.g., Splunk).
- Communication: Strong analytical and problem-solving skills, with the ability to communicate technical cyber risks to non-technical program managers and research scientists.
- ...MANTECH seeks a motivated, career and customer-oriented Cyber Incident Response Analyst to join our team in McLean, Virginia . Our team provides 24x7x365 cybersecurity support to one of the most coveted targets in the world. The Cyber Incident Response Analyst...SuggestedShift workNight shiftDay shiftAfternoon shift
- ...Overview Cybersecurity Analyst (Vulnerability Management & Continuous Monitoring) Oakton, VA SecuriGence delivers essential technology services... ...scanning using Assured Compliance Assessment Solution (ACAS) (e.g., Tenable.sc / Nessus). Enforcing the ACAS best practice...Suggested
$99k - $225k
...Job Number: R0242812 Cybersecurity Analyst The Opportunity: Do you enjoy the thrill of the hunt? Are you motivated by the head-to-head challenge of gaining access to well-protected networks? As a Cybersecurity Analyst, you know that understanding the adversaries...SuggestedFull timeContract workPart timeWork at officeLocal areaRemote workWorldwide- ...Cybersecurity Analyst We are seeking a dedicated and detail-oriented Cybersecurity Analyst to join our team and help safeguard our systems and data from potential threats. In this role, you will monitor and analyze security events, identify vulnerabilities, and implement...SuggestedTemporary workFor contractorsImmediate startFlexible hours
$99k - $225k
...Job Number: R0239024 Enterprise Cybersecurity Analyst The Opportunity : Support mission-critical cybersecurity operations for Booz Allen's Impact Level 5 (IL5) environment by administering advanced security tools, including CrowdStrike Falcon EDR/AV, Tenable Cloud...SuggestedFull timeContract workPart timeWork at officeLocal areaRemote work- ...Cybersecurity Analyst LOCATION Tysons, VA 22182 CLEARANCE TS/SCI Full Poly (Please note this position requires full U.S. Citizenship) KEY SUMMARY We are seeking a dedicated and detail-oriented Cybersecurity Analyst to join our team and help safeguard...Temporary workFor contractorsImmediate startFlexible hours
- ...MANTECH seeks a motivated, career and customer-oriented Cybersecurity Analyst - Evenings to join our team in Tysons, VA The Cybersecurity Analyst will monitor Air Gapped Security Fabrics through managed SECOPs Tools. Responsibilities include but are not limited...Work at officeLocal areaShift workAfternoon shift
$85k - $110k
...Cybersecurity Analyst I Now hiring at American Systems. Epsilon, Inc. has joined American Systems! As one organization, we offer expanded... ...Additionally, in this position you will: Review and analyze ACAS vulnerability scan results to identify security risks and...Immediate start$120k - $179k
...Cybersecurity Analyst Bridge Core provides high energy, unified teams; technology integration experience; and innovative approaches, to enable our clients' mission. We enable our clients' mission by integrating innovative technologies and implementing adoption processes...Shift workNight shiftWeekend workAfternoon shift- ...Overview Cybersecurity Analyst – McLean, VA. TS/SCI clearance with polygraph required. Bridge Core is seeking a skilled analyst to support government agencies in cyberspace. Responsibilities We are seeking a skilled and motivated Cybersecurity Analyst to join our team....Shift workNight shiftAfternoon shift
- ...Cyber Security Analyst Location: McLean, Virginia ***Clearance Requirement: TS/SCI w/ Full Scope Polygraph*** Position Description... ...Incident Response Team, Security Operations Center, or other Cybersecurity position. Experience with using SIEM systems, network security...Shift workNight shiftDay shiftAfternoon shift
- ...Bridge Core (BCore) is seeking a Cybersecurity Analyst in McLean, VA. The ideal candidate should have at least 1 year of experience in cybersecurity roles and possess an active TS/SCI clearance with polygraph. Responsibilities include utilizing SIEM systems for threat...Shift workAfternoon shift
$105k - $200k
...composed of a mix of junior and mid-level analysts who will look to you for technical... ...Role & Responsibilities Provide cybersecurity expertise to surface combat system program... ...the Assured Content Assessment Solution (ACAS). Coordinate with support team to ensure...Work at office$99k - $225k
Cybersecurity Analyst The Opportunity: Do you enjoy the thrill of the hunt? Are you motivated by the head-to-head challenge of gaining access to well-protected networks? As a Cybersecurity Analyst, you know that understanding the adversaries’ tactics, techniques, and procedures...Full timeContract workPart timeWork at officeLocal areaRemote workWorldwide$99k - $225k
...Job Number: R0235712 Cybersecurity Analyst The Opportunity: Cyber threats are everywhere, and the constantly evolving nature of these threats can make understanding them seem overwhelming to government agencies. In all of this "cyber noise", how can these organizations...Full timeContract workPart timeWork at officeLocal areaRemote work$85k - $141k
...blockers, and support timely remediation. Support POA&M activities, patching timelines, remediation deadlines, and related federal cybersecurity and compliance requirements. Develop and maintain automated vulnerability reports, dashboards, KPIs, and metrics to track...Temporary workFlexible hours$90k - $140k
...Job Description: Job Description Spry Squared is looking for a strong Cybersecurity Analyst for our client to provide cybersecurity control solutions that ensure protection of all information and systems. Responsibilities Establishes and satisfies complex...$86k - $138k
...Responsibilities Peraton is currently seeking to hire a Cybersecurity Analyst to become part of our Federal Strategic Cyber group. Location: Hybrid position, based in Arlington, VA. Support the Security Standards & Baselines (SSB) section within the Technology, Innovation...Contract workCurrently hiringWork at officeShift work- ...Cybersecurity Systems Analyst (FedRAMP) Entrusted by companies with challenging Cybersecurity and IT data management recruiting needs, Flex Staffing Resources identifies exceptional talent and cutting edge companies and brings them together. Location: Herndon, VA...Remote workFlexible hours1 day per week
$110k - $125k
...certified B Corporation and a Top Workplace for 7 consecutive years. WHO WE ARE LOOKING FOR We are seeking a detail‑oriented Cybersecurity Analyst with hands‑on experience in enterprise security operations and a strong understanding of federal compliance frameworks such...Contract workTemporary workRemote workWork from home- ...Sr. Cybersecurity Analyst Reston, VA Active TS/SCI with poly Job Overview As a Sr. Cybersecurity Analyst, your focus will be on Government System Authority to Operate (ATO) support. You will be responsible for guiding government clients through the intricate process of...
- ...Description: Secure and resilient cybersecurity is critical to national defense and mission success. Valencor LLC (Valencor) is seeking a Cybersecurity Analyst with expertise in Risk Management Framework (RMF), Zero Trust Architecture (ZTA), and Data-Centric Security (...
- ...Security Analyst The Security Analyst supports the United States (U.S.) Army C5ISR Center to develop advances within cyber defense research... ..., global implementation capabilities. ~ The most current DISA ACAS Version in use training certificate ~ Three (3) years'...Temporary workImmediate startFlexible hours
- ...Cybersecurity Risk Analyst ECLARO is looking for a Cybersecurity Risk Analyst for our client in Manassas, VA. ECLARO's client is a leading technology solutions provider, collaborating with customers to manage their needs and achieve success in their business goals....Contract work
- ...Active TS/SCI with Polygraph Summary We are seeking a Security Analyst to support cybersecurity operations, compliance, and risk management for FedRAMP-... ...Archer, ServiceNow GRC, Splunk, Azure Sentinel, Nessus, ACAS, AWS GovCloud, Azure Government, GCP, SCAP, STIG Viewer...
$120.64k - $197.6k
...Conduct vulnerability assessments and compliance scans (such as ACAS) and track remediation of findings and IAVM requirements... ...integrate security throughout the system lifecycle Provide cybersecurity risk input to program leadership, Authorizing Officials (AOs),...RelocationRelocation package$100k - $145k
...Job Description Job Description Dark Wolf is seeking Cybersecurity Analysts to join a collaborative team to develop, manage, and maintain... ...one service offering from AWS, Azure, or Google GCP ACAS training The salary range for this position is estimated...Full timeFor contractorsWork at officeLocal area- ...Summary We are seeking a Senior Security Engineer to support cybersecurity operations, compliance, and risk management for FedRAMP-... ...vulnerability management activities using tools such as Nessus, ACAS, SCAP, and STIG Viewer, validating remediation and coordinating...
$115.7k - $150.5k
...an Information Systems Security Manager (ISSM) to lead onsite cybersecurity efforts for classified programs. This position requires strong... ...such as: Vulnerability scanning tools (e.g., Evaluate STIG, ACAS), Endpoint protection platforms, SIEM/auditing solutions, eMass...Temporary workFor contractorsWork experience placementCasual workLocal areaRelocation package- ...There are many more - connect with us to get a preview of the full benefits package. Position Title: Senior Cyber-Security Analyst / Navy Validator Location: Onsite in Arlington, VA Duties & Responsibilities: Provides Information Assurance (IA...For contractorsWork at officeLocal areaImmediate start
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to ACAS Cybersecurity Analyst. Be the first to apply!


