CyberSecurity Vulnerability Assessment Analyst II - Agile Defense

About Agile Defense

At Agile Defense we know that action defines the outcome and new challenges require new solutions. That’s why we always look to the future and embrace change with an unmovable spirit and the courage to build for what comes next.

Our vision is to bring adaptive innovation to support our nation's most important missions through the seamless integration of advanced technologies, elite minds, and unparalleled agility—leveraging a foundation of speed, flexibility, and ingenuity to strengthen and protect our nation’s vital interests.

Requisition #: 1642

Job Title: CyberSecurity - Vulnerability Assessment Analyst II

Location: Huntsville, AL

Clearance Level: Secret, Must Have Clearance to Start

Required Certification(s): IAT2

Job Description

Role Overview

The Vulnerability Assessment Analyst II is responsible for identifying, analyzing, and reporting on cybersecurity vulnerabilities across Department of the Army and DoD enterprise networks. This mission-critical role involves utilizing DoD-approved scanning tools to evaluate network enclaves, hardware, and software, ensuring compliance with strict security configurations and assisting engineering teams with remediation strategies to defend against cyber threats.

Duties and Responsibilities:

Vulnerability Scanning

• Execute routine and ad-hoc vulnerability, compliance, and discovery scans using DoD-mandated tools such as the Assured Compliance Assessment Solution (ACAS) / Tenable Nessus and SCAP Compliance Checker.

Analysis & Reporting

• Analyze scan results to identify false positives, evaluate risk levels, and generate actionable vulnerability reports, dashboards, and Contract Data Requirements List (CDRL) deliverables for Army leadership.

Mitigation & Remediation

• Collaborate directly with Systems Administrators, Network Engineers, and Information System Security Officers (ISSOs) to provide technical guidance on patching, remediation, and mitigation strategies.

Compliance & Directives

• Track and enforce compliance with Information Assurance Vulnerability Alerts (IAVAs), Security Technical Implementation Guides (STIGs), and Army Cyber Command (ARCYBER) directives.

Tool & Infrastructure Management

• Assist in the configuration, troubleshooting, and maintenance of the vulnerability scanning infrastructure (e.g., Security Center, Nessus scanners) within an Impact Level 5 (IL5) or secure enclave environment.

Other Duties:

• Performs assessments of systems and networks within the NE or enclave and identifies where those systems/networks deviate from acceptable configurations, enclave policy, or local policy.
• Measures effectiveness of defense-in-depth architecture against known vulnerabilities.
• Basic understanding and ability to identify vulnerabilities and risk levels.