Tenable Nessus Administrator SME

CACI is looking for a Tenable Nessus Administrator SME to support our DoD customer to implement an enterprise IT service delivery model that provides consistent, secure, high-quality, and cost-effective services to enable mission success and improve end user experience across the customer environment. On this program, CACI will deliver enhanced capabilities and services to implement and operate an enterprise ITSM solution, enterprise service desk, endpoint management and security solution, as well as CONUS/OCONUS field support and life cycle support for end user devices to enable the DoD customer to transition focus from IT operations to mission operations. As a Tenable Nessus Administrator SME, you will be responsible for team oversight, development, and management of ACAS scanning activities to enhance the organization's cybersecurity posture. Your primary focus will be overseeing and managing our ACAS (Assured Compliance Assessment Solution) scanning activities and the overall Tenable solution. You will work closely with the cybersecurity team, IT staff, and other stakeholders to ensure the effective operation of ACAS solution and their integration into the organization's infrastructure. This position is hybrid, with on site work located in Chantilly, VA. Responsibilities include managing, developing, and mentoring the ACAS scanning team; overseeing the administration, maintenance, and sustainment of the ACAS solution; maintaining and configuring Nessus, Nessus Manager, Nessus Agents, Log Correlation Engine, Nessus Network Monitor, and Security Center on both Linux/Unix and Windows based environments; ensuring compliance with organizational security policies and industry best practices; developing and implementing strategies to optimize scanning processes and improve vulnerability management; collaborating with cross-functional teams to address security findings and implement remediation plans; generating and presenting reports to stakeholders on vulnerability assessments and risk mitigation efforts; installing and configuring Nessus Agents; securing Tenable server and enabling TLS; integrating Tenable products with LDAP, Active Directory, and CyberArk; creating tenable Organizations, Repositories, and Scan Zones; managing local and LDAP based users; configuring tenable plugins/feeds and adding audit files; adding scan policies, audit policies, and credentials to Security Center and Nessus Manager; configuring Nessus Manager scan pulls to Security Center; defining scan policies and audit policies; adding scan credentials; scheduling scans; generating scan reports; importing/uploading scan reports for Vulnerability; analyzing and validating scan results. Qualifications required include DoD 8140 compliant certification such as CompTIA Security+, other relevant cybersecurity certifications like CISSP or CISM are a plus, must have a Secret Clearance, 15+ years of relevant experience (Bachelor’s Degree in relevant field may be substituted for 5 years of relevant experience), proven experience as a Nessus-Tenable Security Administrator or similar role, in-depth knowledge of Nessus Tenable (ACAS), Microsoft Defender for Endpoint, and STIG Management, familiarity with network and system security principles, protocols, and configurations, strong analytical and problem-solving skills, excellent communication and collaboration skills, understanding of industry compliance standards (e.g., NIST) and relevant regulations (e.g., GDPR, HIPAA) is advantageous, and willingness to stay updated with the latest cybersecurity trends and emerging security tools.