Lead or support vulnerability management, including analysis of ACAS, Nessus, SCAP, Fortify, STIG, IAVM, and other security findings. * Develop, maintain, and track POA&Ms for vulnerabilities, RMF ...
Lead or support vulnerability management, including analysis of ACAS, Nessus, SCAP, Fortify, STIG, IAVM, and other security findings. * Develop, maintain, and track POA&Ms for vulnerabilities, RMF ...
Cyber Security Engineer
Birmingham, AL · On-site
Conduct vulnerability scans using Tenable Nessus * Prioritize/analyze findings, coordinate remediation * Map threats/vulnerabilities to MITRE ATT&CK framework Threat Intelligence * Collect/analyze ...
Cyber Security Engineer
Birmingham, AL · On-site
Conduct vulnerability scans using Tenable Nessus * Prioritize/analyze findings, coordinate remediation * Map threats/vulnerabilities to MITRE ATT&CK framework Threat Intelligence * Collect/analyze ...
Cyber Security Engineer
Birmingham, AL · On-site
Conduct vulnerability scans using Tenable Nessus * Prioritize/analyze findings, coordinate remediation * Map threats/vulnerabilities to MITRE ATT&CK framework Threat Intelligence * Collect/analyze ...
Quick apply
Cyber Security Engineer
Birmingham, AL · On-site
Conduct vulnerability scans using Tenable Nessus * Prioritize/analyze findings, coordinate remediation * Map threats/vulnerabilities to MITRE ATT&CK framework Threat Intelligence * Collect/analyze ...
The role requires experience supporting secure DoD environments and working with cybersecurity tools and processes such as eMASS, ACAS, Nessus, SCAP, STIGs, RMF artifacts, Cyber Tasking Orders, and ...
The role requires experience supporting secure DoD environments and working with cybersecurity tools and processes such as eMASS, ACAS, Nessus, SCAP, STIGs, RMF artifacts, Cyber Tasking Orders, and ...
The role requires experience supporting secure DoD environments and working with cybersecurity tools and processes such as eMASS, ACAS, Nessus, SCAP, STIGs, RMF artifacts, Cyber Tasking Orders, and ...
The role requires experience supporting secure DoD environments and working with cybersecurity tools and processes such as eMASS, ACAS, Nessus, SCAP, STIGs, RMF artifacts, Cyber Tasking Orders, and ...
Lead or support vulnerability management, including analysis of ACAS, Nessus, SCAP, Fortify, STIG, IAVM, and other security findings. * Develop, maintain, and track POA&Ms for vulnerabilities, RMF ...
Lead or support vulnerability management, including analysis of ACAS, Nessus, SCAP, Fortify, STIG, IAVM, and other security findings. * Develop, maintain, and track POA&Ms for vulnerabilities, RMF ...
The candidate must be knowledgeable on a variety of scanning tools, including Tenable Nessus, NMAP, and Nipper, or similar security tools. Additionally, the ISSO must be able to create and interpret ...
The candidate must be knowledgeable on a variety of scanning tools, including Tenable Nessus, NMAP, and Nipper, or similar security tools. Additionally, the ISSO must be able to create and interpret ...
Vulnerability management Application security
Atlanta, GA · On-site
$56.50 - $75.50/hr
Atlanta, GA/TX Need 10+ experience on Information Security Cyber security Good experience in VM, Qualys, Nessus and Cyber security technologies. Good experience in Rapid7 Penetration testing
Vulnerability management Application security
Atlanta, GA · On-site
$56.50 - $75.50/hr
Atlanta, GA/TX Need 10+ experience on Information Security Cyber security Good experience in VM, Qualys, Nessus and Cyber security technologies. Good experience in Rapid7 Penetration testing
Cyber Security Engineer
Birmingham, AL · On-site
Conduct vulnerability scans using Tenable Nessus * Prioritize/analyze findings, coordinate remediation * Map threats/vulnerabilities to MITRE ATT&CK framework Threat Intelligence * Collect/analyze ...
Cyber Security Engineer
Birmingham, AL · On-site
Conduct vulnerability scans using Tenable Nessus * Prioritize/analyze findings, coordinate remediation * Map threats/vulnerabilities to MITRE ATT&CK framework Threat Intelligence * Collect/analyze ...
The role requires experience supporting secure DoD environments and working with cybersecurity tools and processes such as eMASS , ACAS, Nessus, SCAP, STIGs, RMF artifacts, Cyber Tasking Orders, and ...
The role requires experience supporting secure DoD environments and working with cybersecurity tools and processes such as eMASS , ACAS, Nessus, SCAP, STIGs, RMF artifacts, Cyber Tasking Orders, and ...
Senior Cybersecurity Engineer (ACAS/Trellix SME)
Fort George G Meade, MD · On-site
$150K - $190K/yr
ZTI Solutions is seeking a Senior Cybersecurity Engineer to serve as the primary ACAS (Tenable.sc/Nessus) and Trellix engineer supporting a multinational IL5/IL6 collaboration effort in an ...
Quick apply
Senior Cybersecurity Engineer (ACAS/Trellix SME)
Fort George G Meade, MD · On-site
$150K - $190K/yr
ZTI Solutions is seeking a Senior Cybersecurity Engineer to serve as the primary ACAS (Tenable.sc/Nessus) and Trellix engineer supporting a multinational IL5/IL6 collaboration effort in an ...
ACAS Subject Matter Expert
Falls Church, VA · On-site
$180K - $210K/yr
Manage enterprise ACAS deployment with 10-20 Nessus scanners. * Execute 150-400 credentialed vulnerability scans weekly across 200-600 systems. * Analyze 5,000-15,000 vulnerability findings weekly.
Quick apply
ACAS Subject Matter Expert
Falls Church, VA · On-site
$180K - $210K/yr
Manage enterprise ACAS deployment with 10-20 Nessus scanners. * Execute 150-400 credentialed vulnerability scans weekly across 200-600 systems. * Analyze 5,000-15,000 vulnerability findings weekly.
Win 10 Win 11 Intune SCCM Tanium Tenable/Nessus
Win 10 Win 11 Intune SCCM Tanium Tenable/Nessus
Information System Security Engineer - Senior
Warrenton, VA · On-site
$106K - $144K/yr
Vulnerability Management (ACAS/Nessus) * Architecture & Strategy: Design enterprise-wide vulnerability scanning strategies and manage the deployment of Security Centers and Nessus scanners.
Information System Security Engineer - Senior
Warrenton, VA · On-site
$106K - $144K/yr
Vulnerability Management (ACAS/Nessus) * Architecture & Strategy: Design enterprise-wide vulnerability scanning strategies and manage the deployment of Security Centers and Nessus scanners.
Experience using: • Tenable Nessus Manager • Linux • Trellix E-Policy Orchestrator • Windows 10/11, Server 2016/2019/ • Windows Active Directory
Experience using: • Tenable Nessus Manager • Linux • Trellix E-Policy Orchestrator • Windows 10/11, Server 2016/2019/ • Windows Active Directory
IT Security Analyst
Herndon, VA · On-site
MUST be a US Citizen and ONLY hold US citizenship (No Dual Citizens)* familiarity with standard industry tools like Splunk, Crowdstrike, Nessus , etc. Summary: The main function of an IT Security ...
Quick apply
IT Security Analyst
Herndon, VA · On-site
MUST be a US Citizen and ONLY hold US citizenship (No Dual Citizens)* familiarity with standard industry tools like Splunk, Crowdstrike, Nessus , etc. Summary: The main function of an IT Security ...
Nessus / Rapid7 * Security Development and Operations (SecDevOps) * Various security tools and processes such as Splunk, Nessus Security Center, WebInspect, Xacta * Cloud security controls and ...
Quick apply
Nessus / Rapid7 * Security Development and Operations (SecDevOps) * Various security tools and processes such as Splunk, Nessus Security Center, WebInspect, Xacta * Cloud security controls and ...
Information System Security Engineer - Senior
Warrenton, VA · On-site
$106K - $144K/yr
Vulnerability Management (ACAS/Nessus) * Architecture & Strategy: Design enterprise-wide vulnerability scanning strategies and manage the deployment of Security Centers and Nessus scanners.
Information System Security Engineer - Senior
Warrenton, VA · On-site
$106K - $144K/yr
Vulnerability Management (ACAS/Nessus) * Architecture & Strategy: Design enterprise-wide vulnerability scanning strategies and manage the deployment of Security Centers and Nessus scanners.
Senior Vulnerability Management Analyst
Springfield, VA · Hybrid
$107K - $125K/yr
Conduct and Manage ACAS Vulnerability Scanning, including Tenable.sc, Nessus Agent and Nessus Network Monitor. * Analyze policies, configurations, and evaluate compliance with regulations and ...
Senior Vulnerability Management Analyst
Springfield, VA · Hybrid
$107K - $125K/yr
Conduct and Manage ACAS Vulnerability Scanning, including Tenable.sc, Nessus Agent and Nessus Network Monitor. * Analyze policies, configurations, and evaluate compliance with regulations and ...
Site Reliability Engineer
Aurora, CO · On-site
$57.75 - $77/hr
... Nessus, Jira, or Confluence • Knowledge of patching and hardening systems • TS/SCI clearance with a polygraph • HS diploma or GED • Ability to obtain a Security+ CE, SSCP, CCNA-Security, or ...
Site Reliability Engineer
Aurora, CO · On-site
$57.75 - $77/hr
... Nessus, Jira, or Confluence • Knowledge of patching and hardening systems • TS/SCI clearance with a polygraph • HS diploma or GED • Ability to obtain a Security+ CE, SSCP, CCNA-Security, or ...
Nessus information
See salary details
$33.5K - $46.3K
1% of jobs
$46.3K - $59K
0% of jobs
$59K - $71.8K
0% of jobs
$71.8K - $84.6K
0% of jobs
$84.6K - $97.4K
4% of jobs
$109.3K is the 25th percentile. Wages below this are outliers.
$97.4K - $110.1K
21% of jobs
$110.1K - $122.9K
15% of jobs
The median wage is $132.8K / yr.
$122.9K - $135.7K
12% of jobs
$135.7K - $148.5K
14% of jobs
$148.5K - $161.2K
7% of jobs
$161.9K is the 75th percentile. Wages above this are outliers.
$161.2K - $174K
26% of jobs
$33.5K
$137.7K
$174K
How much do nessus jobs pay per year?
Can I make $200,000 a year in cyber security?
What is a Tenable job?
What is a Nessus job?
A Nessus job typically involves using Tenable's Nessus vulnerability scanner to assess network security by identifying weaknesses, misconfigurations, and vulnerabilities in systems. Security professionals in this role configure and run scans, analyze results, and provide remediation recommendations to improve cybersecurity posture. Nessus jobs are commonly held by penetration testers, security analysts, and IT administrators responsible for maintaining secure environments.
What does Nessus do?
What are the key skills and qualifications needed to thrive in the Nessus position, and why are they important?
To thrive as a Nessus Vulnerability Analyst, you need a strong foundation in cybersecurity principles, vulnerability assessment, and network security protocols, often demonstrated by a degree in computer science or a related field. Experience with the Nessus vulnerability scanner, familiarity with security frameworks (like CIS or NIST), and relevant certifications such as CompTIA Security+ or CEH are highly valued. Attention to detail, analytical thinking, and strong written communication are important soft skills for accurately reporting findings and collaborating with IT teams. These competencies are crucial for effectively identifying, analyzing, and mitigating security risks within an organization.
What company owns Nessus?
What does a typical day look like for someone working as a Nessus Vulnerability Analyst?
As a Nessus Vulnerability Analyst, your day typically involves conducting vulnerability scans across various network assets, interpreting the resulting reports, and prioritizing the remediation of identified risks. You’ll collaborate closely with IT and security teams to follow up on critical findings, document remediation steps, and ensure compliance with organizational policies. Regular communication with stakeholders is essential, as you’ll provide updates and recommendations based on current threat landscapes. This role offers the opportunity to continuously learn about emerging security threats and technologies while directly contributing to your organization’s cyber defense posture.

Full-time
Posted 25 days ago
Job description
DecisionPoint seeks a Information Assurance Engineer - Senior to provide cybersecurity, compliance, and risk management support for Global Information Technology Support Services supporting the Military Surface Deployment and Distribution Command (SDDC) Deputy Chief of Staff for Information Management (G6). This position supports the security, assessment, authorization, monitoring, and compliance of SDDC information systems across classified and unclassified enterprise environments.
The Senior Information Assurance Engineer will provide experienced support for Risk Management Framework activities, eMASS documentation, vulnerability management, STIG compliance, POA&M tracking, cyber compliance reporting, and incident response. The role requires strong experience supporting secure DoD environments and coordinating cybersecurity activities across technical teams, Government stakeholders, ISSOs, ISSMs, system administrators, and program personnel.
This position is located at HQ SDDC, Scott Air Force Base, Illinois.
Note: By applying to this position, you acknowledge and consent to having your resume included in an active competitive government contract bid.
Duties & Responsibilities
The Senior Information Assurance Engineer will:
- Provide senior-level cybersecurity and information assurance support for SDDC systems, networks, and cloud-hosted business systems.
- Support RMF activities for the HQ SDDC Installation Campus Network and assigned business systems throughout the authorization lifecycle.
- Develop, review, update, and maintain RMF documentation, security artifacts, control implementation details, authorization packages, and supporting technical documentation.
- Maintain cybersecurity records in eMASS, including authorization status, control posture, assessment results, POA&Ms, system changes, and related artifacts.
- Support continuous monitoring through control assessments, change documentation, risk assessments, impact analysis, and security/privacy posture reporting.
- Lead or support vulnerability management, including analysis of ACAS, Nessus, SCAP, Fortify, STIG, IAVM, and other security findings.
- Develop, maintain, and track POA&Ms for vulnerabilities, RMF findings, STIG findings, IAVMs, and other compliance items.
- Support vulnerability reporting and remediation coordination, including weekly Vulnerability Index reporting and tracking of open Nessus or IAVM findings.
- Monitor STIG compliance, review manual and automated results, validate findings, and map STIG findings to applicable RMF controls.
- Support Cyber Tasking Order compliance, cyber scorecard reporting, audit support, compliance tracking, and cybersecurity posture reporting.
- Review firewall, whitelist, PPSM, and related cybersecurity compliance requests and provide recommendations to Government cybersecurity leadership.
- Support incident response by reviewing suspicious activity, researching potential incidents, and assisting with response, containment, eradication, and recovery.
- Administer, configure, maintain, and report on cybersecurity tools such as HBSS, ACAS, Nessus/Security Center, SolarWinds SEM, McAfee NSM, IDS sensors, Splunk, LogRhythm, or comparable tools.
- Coordinate cybersecurity activities with ISSOs, ISSMs, system administrators, network engineers, program offices, functional managers, and Government stakeholders.
- Maintain accurate compliance records, trackers, reports, technical documentation, and audit artifacts for inspections, assessments, authorizations, and Government reporting.
- Ensure cybersecurity activities comply with applicable DoD, Army, USTRANSCOM, SDDC, RMF, STIG, information assurance, and incident handling requirements.
Qualifications
Clearance Requirement:
- Must hold an active Secret clearance.
- Must be eligible to obtain and maintain required Common Access Card (CAC), facility access, system access, and Government network access.
Education:
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, Information Systems, Engineering, or a related technical discipline.
Experience:
- Minimum 8 years of experience supporting cybersecurity, information assurance, RMF, vulnerability management, or compliance activities within DoD or federal environments.
- Experience supporting RMF authorization activities, system security documentation, control assessment, continuous monitoring, and ATO package development.
- Experience using eMASS to maintain RMF packages, document controls, track POA&Ms, update authorization information, and support assessment activities.
- Experience reviewing vulnerability scan results and coordinating remediation using tools such as ACAS, Nessus, SCAP, Fortify, or comparable DoD-approved scanning tools.
- Experience supporting DISA STIG compliance, including checklist review, finding validation, remediation coordination, and audit documentation.
- Experience developing, updating, and tracking POA&Ms for RMF controls, vulnerabilities, IAVMs, cyber findings, and compliance gaps.
- Experience supporting incident response, suspicious activity reporting, cyber compliance reporting, cyber scorecards, and coordination with ISSO, ISSM, or cybersecurity leadership.
- Experience coordinating cybersecurity activities across technical teams, Government stakeholders, and program personnel in mission-focused environments.
Technical Knowledge:
- Knowledge of DoD cybersecurity policies, RMF, eMASS, DISA STIGs, POA&M management, IAVM compliance, continuous monitoring, and vulnerability management processes.
- Familiarity with cybersecurity tools such as ACAS, Nessus/Security Center, SCAP, HBSS, McAfee security tools, IDS sensors, Splunk, SolarWinds SEM, LogRhythm, or comparable tools.
- Understanding of cyber compliance reporting, Cyber Tasking Orders, cyber scorecards, vulnerability index reporting, audit support, and authorization package maintenance.
- Knowledge of system security documentation, assessment procedures, control inheritance, ATO conditions, risk assessments, and security control validation.
- Understanding of secure configuration management, system hardening, patching, incident handling, firewall compliance, whitelist review, and PPSM requirements.
- Ability to assess technical findings, evaluate operational risk, and recommend practical remediation actions to Government and technical stakeholders.
Certifications (Preferred):
- Must hold applicable DoD 8140 / 8570 cybersecurity workforce baseline certification as required for the position.
- Must meet applicable PWS IA baseline and computing environment certification requirements, as validated against the DD254 and final RFP.
- Security+ CE, CySA+, CASP+, CISSP, or other DoD-approved cybersecurity certification preferred, depending on final labor category and access requirements.
Skills:
- Strong analytical and problem-solving skills in cybersecurity and compliance-driven environments.
- Ability to lead cybersecurity documentation, assessment, remediation, and reporting activities with minimal oversight.
- Strong attention to detail when reviewing RMF controls, STIG checklists, vulnerability findings, POA&Ms, and audit artifacts.
- Ability to coordinate effectively with system administrators, network engineers, cybersecurity staff, Government stakeholders, and technical leads.
- Strong written and verbal communication skills for reporting risks, findings, remediation status, compliance posture, and recommendations.
- Commitment to protecting DoD information systems, supporting mission assurance, and maintaining continuous cybersecurity compliance.
Our Equal Employment Opportunity Policy
- EEO and Affirmative Action Policy: DecisionPoint Corporation is an Equal Employment Opportunity and Affirmative Action employer. It is the policy of DecisionPoint Corporation to provide equal employment opportunity in accordance with all applicable Equal Employment Opportunity/Affirmative Action laws, directives and regulations to all employees and qualified applicants without regard to race, ethnicity, color, religion, national origin, sex, age, disability status, pregnancy, sexual orientation, gender identity, genetic information, protected veteran status, or any other protected status under Federal, State or Local laws.
- Pay Transparency Policy: In accordance with Presidential Executive Order 13665, DecisionPoint Corporation will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information.
- Authorization to Share Resume and Personal Information: By expressing your interest and submitting your resume for this position, you authorize DecisionPoint Corporation to share your resume, as well as personal information included on the resume, with its subsidiaries, affiliates and teaming partners for the purpose of considering you for this position and other available positions requiring comparable skills, education and experience. Should DecisionPoint Corporation. or its affiliates and teaming partners wish to initiate pre-employment discussions, you will be asked to complete an employment application and related employment documents.