Tenable Tech Refresh Engineer

This is a remote position.

The Tenable Technical Refresh Engineer will join an Engineering Resolution and Modernization Team supporting the Department of the Air Force (DAF) Enterprise Information Technology as a Service (EITaaS). The primary focus is to engineer, deploy, and transition a new Tenable architecture, ensuring seamless modernization of ACAS components, including scanner appliances, Nessus Managers, and Security Center. This role requires technical expertise in vulnerability management, hardening, and troubleshooting ACAS in high-priority USAF production environments.

Key Responsibilities (Tech Refresh & Operations)

• Modernization & Migration: Lead the technical refresh of legacy ACAS components to updated Tenable infrastructure, including planning, testing, and implementing pilot and enterprise-level cutovers.
  

• Architecture & Deployment: Build, configure, and maintain Tenable Security Center, Nessus Scanners, Passive Vulnerability Scanner (PVS), and Nessus Agents on Linux/Unix and Windows environments.
  

• Vulnerability Scanning Health: Maintain day-to-day operations of scan engines, scan jobs, policy creation, credentials, schedules, and reporting functions.
  

• Troubleshooting & Resolution: Resolve complex engineering issues related to vulnerability remediation, plugin/protocol errors, credential/firewall issues, and data feed issues within the ACAS/EITaaS environment.
  

• Automation: Develop automation scripts (Python, PowerShell) to optimize scanning processes, reduce manual intervention, and improve remediation tracking.
  

• Compliance: Ensure all ACAS components are configured according to DISA STIGs, SCAP compliance, and Risk Management Framework (RMF) requirements.
  

• Documentation: Create and maintain System Security Plans (SSPs), SOPs, and technical diagrams.
  

Required Qualifications

• Clearance: Active DoD Secret clearance required.
  

• Experience: 5+ years of relevant IT experience, with at least 3+ years of direct, hands-on experience with Tenable Assured Compliance Assessment Solution (ACAS).
  

• DoD Experience: 1+ years of experience supporting DoD or Air Force network environments.
  

• Technical Skills:
  

  • Deep understanding of ACAS/Tenable.sc/Nessus architecture.
    

  • Strong Linux/Unix command-line skills (Red Hat preferred).
    

  • Familiarity with DISA STIGs and SCAP scanning.
    

• Certifications: IAT Level II or III (e.g., CISSP, Security+ CE, GCSA).
  

Desired Skills

• Experience with Cloud technologies (Azure/AWS) in a DoD context.
  

• Knowledge of Splunk, ESS/Trellix ePO, or ELK stack.
  

• Experience in RMF Assessment and Authorization (A&A) process.