Job Description
Job Description
Location: Honolulu, HI (up to 40% travel to PACAF locations).Candidates must already reside within commuting distance to job site.
Clearance: Active Top Secret/SCI required
This position is contingent upon award
We are seeking an experienced Theater Vulnerability Analyst to support Pacific Air Forces (PACAF) cybersecurity operations across its Area of Responsibility (AOR). This role is critical in analyzing vulnerability data, guiding remediation actions, maintaining secure configurations, and delivering accurate security posture reporting to PACAF leadership. You will work directly with base cyber units, conduct vulnerability scans, oversee patching processes, and provide training and mentorship to improve overall cyber readiness.
Key Responsibilities:
- Analyze PACAF cyber security posture reports and identify areas for improvement.
- Provide expertise and remediation guidance to PACAF cyber units.
- Oversee vulnerability scanning (ACAS) and ensure patching via SCCM/MECM meets standards.
- Maintain and assess DoD-mandated endpoint security tools.
- Coordinate and deliver vulnerability management training for PACAF bases.
- Develop and maintain vulnerability management documentation and procedures.
- Track and report POAMs related to vulnerability remediation until completion.
- Produce vulnerability metrics and weighted indicator scores for NIPRNet and SIPRNet.
- Utilize CORA reports to assess risk and advise PACAF Cybersecurity staff.
- Prepare and brief command-wide cybersecurity statuses to leadership.
- Maintain IP space and asset lists to ensure 100% asset coverage.
- Manage ACAS, SCCM/MECM, and other tool accounts for patching and vulnerability analysis.
- Maintain situational awareness of directives (CTOs, MTOs, TCNOs) impacting vulnerability management.
- Support contract-related reporting, documentation, and compliance requirements.
Requirements
- Active Top Secret/SCI clearance.
- DoD 8140/8570 certification at IAT Level 3 (e.g., CISSP, CASP+, CISA, CySA+, CISM).
- 3–4 years of experience in network vulnerability engineering, ACAS scanning, SCCM/MECM patching, and vulnerability remediation.
- Strong knowledge of PACAF cyber architecture, MOBs, and GSUs.
- Experience with DISA STIGs, by-product analysis, and endpoint security products.
- Skilled in vulnerability management processes, including scanning, patching, and metrics reporting.
- Ability to brief senior leaders and communicate with both technical and non-technical audiences.
- Proficiency in Microsoft Office Suite, SharePoint, and collaboration tools (MS Teams, VoIP, VTC).
- Ability to travel up to 40% across the PACAF AOR.
Preferred Experience:
- Familiarity with HBSS, Trellix, Microsoft Defender for Endpoint.
- Understanding of USAF vulnerability management directives and frameworks (e.g., MITRE ATT&CK, NIST CSF).
- Experience conducting compliance inspections and contributing to command-level cybersecurity strategy.
Benefits
- Health Care Plan (Medical, Dental & Vision)
- Retirement Plan (401k, IRA)
- Life Insurance (Basic, Voluntary & AD&D)
- Paid Time Off (Vacation, Sick & Public Holidays)