Theater Vulnerability Analyst - Assessment Fo

Job Description

Job Description

Theater Vulnerability Analyst - Assessment Focus

Contract: PACAF Cybersecurity Contract Location: Joint Base Pearl Harbor-Hickam (JBPHH), Hawaii Start Date: September 30, 2025 Positions Available: 1 opening Travel: Up to 40% to Pacific region bases

Position Overview

We are seeking an experienced Theater Vulnerability Analyst to provide expert vulnerability assessment and analysis services for Pacific Air Forces. This advisory role focuses on analyzing vulnerability data, creating metrics, and providing strategic recommendations—not hands-on system configuration or scanning.

Key Responsibilities

· Analyze vulnerability scan results from Government-provided ACAS/Nessus tools

· Assess endpoint security status across PACAF theater (HBSS/Microsoft Defender)

· Create command-wide vulnerability metrics and trend analysis reports

· Develop weighted vulnerability indicator scores for NIPRNet and SIPRNet

· Advise on patching priorities and remediation strategies

· Maintain awareness of SCCM/MECM health status (read-only assessment)

· Track vulnerability management POAMs and report risks to leadership

· Document vulnerability management processes and best practices

· Support Cyber Readiness Review and Mentorship (CRR-M) team as needed

Required Qualifications

Security Clearance: Active TS/SCI (Top Secret/Sensitive Compartmented Information)

Professional Certification (one required):

· CISSP or CISSP-Associate

· CISA (Certified Information Systems Auditor)

· CISM (Certified Information Security Manager)

· CASP+ CE (CompTIA Advanced Security Practitioner)

· CCSP (Certified Cloud Security Professional)

· CySA+ (CompTIA Cybersecurity Analyst)

Experience: Minimum 3-4 years in:

· Vulnerability assessment and reporting

· ACAS/Nessus scan analysis and interpretation

· Understanding SCCM/MECM reports and metrics

· Endpoint security assessment (HBSS/Microsoft Defender)

· Creating executive-level vulnerability metrics and reports

· Data analysis and trend identification

· DoD vulnerability management programs

Contract Details

· Contract Type: Stand-alone Firm Fixed Price (FFP)

· Systems Access: Read-only to vulnerability management tools and dashboards

· Tools: Government-provided scanning tools (analysis only, not configuration)

· Focus: Assessment, analysis, and advisory services

· Deliverables: Monthly vulnerability reports, metrics, and trend analysis