SOC Vulnerability Management ACAS Lead - Senior

Position Summary

ECS is seeking a SOC Vulnerability Management ACAS Lead - Senior to support the Army National Guard (ARNG) Enterprise Network Operations and Cybersecurity Support (ENOCS) program. In this senior Task 3 Cybersecurity Operations Support role, the selected candidate will lead ACAS vulnerability scanning operations by directing scan planning, execution, validation, and reporting across supported ARNG enterprise environments. The role supports ENOCS delivery of Defensive Cyberspace Operations – Internal Defensive Measures (DCO-IDM) across the DoDIN-Army-NG area of responsibility and works closely with SOC, compliance, RMF, and engineering teams to identify risk, prioritize remediation, and strengthen enterprise vulnerability governance.

This position directly supports ARNG’s mission to defend classified and unclassified network environments serving more than 120,000 users and approximately 141,000 endpoints across about 2,800 sites in 54 states and territories. The role contributes to cybersecurity operations that enable Title 10 and Title 32 missions, mobilization readiness, domestic emergency response, and classified SIPRNet operations. Within the ENOCS technical environment, this position helps sustain continuous monitoring and compliance activities across platforms and services referenced in the program, including ACAS, eMASS, STIG-aligned baselines, and integration points with broader SOC operations that leverage USIEM, EDR, IDS/IPS, and enterprise reporting to coordinate with NETCOM Global Cyber Center and DISA DCDC.

Please Note: This position is contingent upon contract award.

Responsibilities

• Lead ACAS scanning operations across ARNG enterprise environments, including scan planning, execution, validation, and reporting to support continuous vulnerability identification and risk reduction.
• Oversee configuration, sustainment, and coverage of ACAS infrastructure, ensuring proper credentialing and accurate scan visibility across supported systems and enclaves.
• Validate vulnerability findings against STIGs, IAVMs, RMF requirements, and applicable DoD and ARNG cybersecurity directives before release to stakeholders for action.
• Prioritize high-risk vulnerabilities based on current threat posture and enterprise impact, and coordinate remediation tracking with system owners, engineering teams, and cybersecurity stakeholders.
• Maintain accurate POA&M status and support eMASS update activities so reported risk posture reflects current remediation progress and compliance conditions.
• Produce operational metrics, compliance reports, and vulnerability governance data to support continuous monitoring, audit readiness, and cybersecurity decision-making.
• Coordinate vulnerability management activities with SOC functions and enterprise cyber operations that use USIEM analytics, EDR, and IDS/IPS data to improve visibility and response across the DoDIN-A(NG) environment.
• Support Task 3 deliverables by aligning ACAS-driven vulnerability assessment activities with ENOCS cybersecurity operations conducted in coordination with the NETCOM Global Cyber Center and DISA DCDC.
• Contribute to protection of ARNG classified and unclassified network environments that support Title 10 and Title 32 missions, mobilization readiness, domestic emergency response, and SIPRNet operations across 54 states and territories.