SOC Vulnerability Management ACAS Lead - Senior

SOC Vulnerability Management ACAS Lead - Senior #4122 Job Description Position Summary ECS is seeking a SOC Vulnerability Management ACAS Lead - Senior to support the Army National Guard (ARNG) Enterprise Network Operations and Cybersecurity Support (ENOCS) program. In this senior Task 3 Cybersecurity Operations Support role, the selected candidate will lead ACAS vulnerability scanning operations by directing scan planning, execution, validation, and reporting across supported ARNG enterprise environments. The role supports ENOCS delivery of Defensive Cyberspace Operations – Internal Defensive Measures (DCO-IDM) across the DoDIN-Army-NG area of responsibility and works closely with SOC, compliance, RMF, and engineering teams to identify risk, prioritize remediation, and strengthen enterprise vulnerability governance. This position directly supports ARNG’s mission to defend classified and unclassified network environments serving more than 120,000 users and approximately 141,000 endpoints across about 2,800 sites in 54 states and territories. The role contributes to cybersecurity operations that enable Title 10 and Title 32 missions, mobilization readiness, domestic emergency response, and classified SIPRNet operations. Within the ENOCS technical environment, this position helps sustain continuous monitoring and compliance activities across platforms and services referenced in the program, including ACAS, eMASS, STIG‑aligned baselines, and integration points with broader SOC operations that leverage USIEM, EDR, IDS/IPS, and enterprise reporting to coordinate with NETCOM Global Cyber Center and DISA DCDC. Please Note: This position is contingent upon contract award. Responsibilities Lead ACAS scanning operations across ARNG enterprise environments, including scan planning, execution, validation, and reporting to support continuous vulnerability identification and risk reduction. Oversee configuration, sustainment, and coverage of ACAS infrastructure, ensuring proper credentialing and accurate scan visibility across supported systems and enclaves. Validate vulnerability findings against STIGs, IAVMs, RMF requirements, and applicable DoD and ARNG cybersecurity directives before release to stakeholders for action. Prioritize high‑risk vulnerabilities based on current threat posture and enterprise impact, and coordinate remediation tracking with system owners, engineering teams, and cybersecurity stakeholders. Maintain accurate POA&M status and support eMASS update activities so reported risk posture reflects current remediation progress and compliance conditions. Produce operational metrics, compliance reports, and vulnerability governance data to support continuous monitoring, audit readiness, and cybersecurity decision‑making. Coordinate vulnerability management activities with SOC functions and enterprise cyber operations that use USIEM analytics, EDR, and IDS/IPS data to improve visibility and response across the DoDIN‑A(NG) environment. Support Task 3 deliverables by aligning ACAS‑driven vulnerability assessment activities with ENOCS cybersecurity operations conducted in coordination with the NETCOM Global Cyber Center and DISA DCDC. Contribute to protection of ARNG classified and unclassified network environments that support Title 10 and Title 32 missions, mobilization readiness, domestic emergency response, and SIPRNet operations across 54 states and territories. Required Qualifications U.S. Citizenship is required Security Clearance: Secret Eligible Required Certifications: DCWF Work Role 541‑Vulnerability Assessment Analyst — Intermediate proficiency; must hold ONE OR MORE of the following: CEH(P), RCCE Level 1, Cloud+, CPTE, FITSP‑A, GCED, GCIH, GCSA, GICSP, GSEC, PenTest+, Security+ Experience: 7+ years of experience in cybersecurity Education: Bachelors degree or higher in Computer Science, Cybersecurity, Data Science, Information Systems, Information Technology, or Software Engineering Experience leading enterprise vulnerability scanning, validation, and reporting activities in support of cybersecurity operations. Experience administering and sustaining ACAS infrastructure, including scan policy execution, credentialed scanning, and coverage management. Experience assessing vulnerabilities and compliance posture against STIGs, IAVMs, RMF requirements, and documented cybersecurity directives. Experience coordinating remediation activities with system owners, engineers, and cybersecurity teams and tracking closure status through formal risk management processes. Experience producing compliance metrics, operational reporting, and audit‑support artifacts for continuous monitoring programs. Experience supporting POA&M management and maintaining accurate representation of current risk posture. Ability to analyze scan results for accuracy, eliminate false positives where appropriate, and communicate actionable findings to technical and non‑technical stakeholders. Desired Qualifications Security Clearance: Active Secret (preferred) Experience supporting vulnerability management activities within a 24x7x365 SOC or enterprise cyber operations environment. Experience working in ARNG, Army, or other DoD enterprise environments supporting large, geographically dispersed user and endpoint populations. Familiarity with eMASS updates and RMF continuous monitoring activities tied to enterprise vulnerability and compliance reporting. Experience coordinating with higher headquarters or enterprise cyber organizations such as NETCOM, DISA, or similar operational partners. Familiarity with adjacent SOC technologies and data sources used in the ENOCS environment, including USIEM, EDR, and IDS/IPS‑informed analysis. ECS Federal LLC is an equal opportunity employer and does not discriminate or allow discrimination on the basis any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law. #J-18808-Ljbffr RadNet