• Product Support Manager

    BEAT LLC (San Antonio, TX)


    Job Title: Product Support Manager - Intermediate (Vulnerability Assessment Analyst)

     

    Education: - BS degree in Information Technology, Cybersecurity, Data Science, Information Systems, or Computer Science or Military Training or Approved DoD 8140 cyber-related certification

     

    Certification: GLCS, CISSP

    Position Description:

    The Information Assurance (IA) Security Administrator – Vulnerability Assessment Analyst supports the DHA Domain and Directory Services Branch (DDSB) by performing continuous monitoring, vulnerability assessments, and remediation validation to protect enterprise IT systems. This role ensures compliance with the DoD Risk Management Framework (RMF), DHA security directives, and enterprise cybersecurity standards. The IA Security Vulnerability Assessment Analyst plays a vital role in reducing cyber risk across the DHA enterprise. By identifying vulnerabilities, validating remediations, and ensuring compliance with RMF and DoD directives, this role strengthens DHA’s cybersecurity posture and helps protect mission-critical healthcare IT systems across the Military Health System.

     

    Conduct credentialed vulnerability scans using ACAS, Nessus, and related tools, ensuring complete coverage of enterprise servers, endpoints, and applications.

     

    Identify, analyze, and report security vulnerabilities and misconfigurations, providing risk-based recommendations to system administrators and security teams.

     

    Maintain accurate and up-to-date asset inventories in ACAS and eMASS, ensuring all systems are continuously scanned and tracked.

     

    Develop and update Plan of Action and Milestones (POA&Ms) for vulnerabilities that cannot be immediately remediated, tracking progress and verifying closure.

     

    Provide weekly and ad-hoc vulnerability reports in compliance with DHA reporting schedules and DoD cybersecurity requirements. · Collaborate with Control Assessors, Systems Administrators, and engineering teams to integrate vulnerability assessment results into risk assessments, change management processes, and accreditation packages.

     

    Support incident response activities by identifying exploited vulnerabilities and documenting corrective actions.

     

    Develops: o Weekly and on-demand vulnerability scan reports; Updated asset and compliance reports in ACAS/eMASS; POA&Ms documenting mitigation strategies and remediation progress o Security risk assessment documentation and validation artifacts; Vulnerability-related incident and corrective action reports