Theater Vulnerability Manager Subject Matter Expert

Matlock is looking for a Theater Vulnerability Manager Subject Matter Expert (SME) to provide technical assistance to Headquarters Pacific Air Forces (HQ PACAF) Defensive Cyber Operations and Mission Assurance Branch. The Theater Vulnerability Manager SME works directly for the PACAF Defensive Cyber Operations and Mission Assurance Branch but works with various PACAF AOR personnel to execute the following duties and responsibilities. The position shall provide expert support, analysis and research into exceptionally complex problems, and processes relating to PACAF Theater Vulnerability Management.

Typical Responsibilities:

• Analyzes PACAF AOR cyber security posture reports

• Provides PACAF cyber units expertise and fix action guidance

• Interfaces with base cyber units and provides PACAF leadership a depiction of PACAF Wings ability to:

o Scan Assured Compliance Assessment Solution (ACAS)

o Mitigate (via MS System Center Configuration Management (SCCM)/MS Endpoint

Configuration Manager (MECM)) o Maintain Host Based point products mandated by the DoD (End Point Security formerly known as HBSS)

• Maintains proficiency on current and future End Point Security assessment tools

• Assists PACAF cyber field support team with Vulnerability Management (VM)

• Provide and/or coordinate vulnerability mentor training (virtual or on-site) to PACAF bases as requested

• Creates and maintains cyber security/VM management training documentation

• Interfaces with cyber security technicians/ISSMs to maintain up-to-date reporting to keep PACAF compliant

• Maintains command wide SCCM & MECM health status

• Coordinate with Vulnerability Management teams upon scan result analysis o Identify patching issues/troubleshooting way ahead o Produce report to chain of command informing of patching status

• Analyzes & produces command wide NIPRNet & SIPRNet weighted vulnerability indicator scores

• Produces & disseminates cyber security/vulnerability reports to PACAF staff containing current MAJCOM security posture

• Utilizes CORA reports from the DISA J3 website on SIPRNet to advise PACAF Cybersecurity staff of findings and level of risk

• Assists with cyber operations briefs by preparing and briefing command-wide statuses to the PACAF Director of Air and Cyberspace Operations

• Creates and conducts PACAF compliance update briefs on command wide cyber security status and assist with troubleshooting cyber security shortfalls

• Assists with creating TASKORDs to raise PACAF cyber security posture

• Tracks status of VM POAMs until completion and reports at risk POAMs to PACAF leadership

• Augments CRR-M team as required

• Maintain Internet Protocol (IP) space and asset lists to cover 100% base assets

• Maintain MAJCOM ACAS Account with auditing role in order to analyze and produce vulnerability metrics

• Maintain SIPRNet PROD Account in order to provide command wide SCCM/MECM patching analysis on SIPRNet

• Maintain ELICSAR Account for situational awareness of cybersecurity toolsets used in PACAF

• Maintain AFNET Compliance Tracker Account in order to maintain situational awareness of CTOs, MTOs, TCNOs pertaining to vulnerability management

• Provides Government Representative o Contract Personnel Roster o Updates to contractor availability o Contract Invoices & Funding Expenses o Monthly Status Report (MSR) o Contractor’s Non-Disclosure Agreements (NDA) o Kick-Off Brief & Close-Out Brief o Transition Brief

o Assistance with processing contractors travel requirements

• Track contract o Labor/Events/Workload/Travel schedule & expenses o Metrics of Program for Yearly Closeout

• Provides Cybersecurity SME contractors assistance with:

o Common access Card (CAC) ID processing and renewals o Building Badge processing and renewals o DD254

o TS/SCI processing and renewals

o Synchronized Pre-deployment and Operational Tracker (SPOT) processing o Financial preparation o Letters of Identification o Travel Estimates/Schedule

• Ensure all contractors follow all applicable commercial, and government/military standards which include, but are not limited to the following:

o Department of Defense Instruction 8500.01, Cybersecurity

o Department of Defense Instruction 8510.01, RMF for DoD Systems

o Committee on National Security Systems Instruction 1253, Security Categorization and

Control Selection for National Security Systems o National Institute of Standards and Technology Special Publication 800-53, Security and

Privacy Controls for Federal Information Systems and Organizations o National Institute of Standards and Technology Special Publication 800-53A, Guide for Assessing the Security Controls in Federal Information Systems and Organizations:

Building Effective Security Assessment Plans o National Institute of Standards and Technology Special Publication 800-39, Managing

Information Security Risk: Organization, Mission, and Information System View o National Institute of Standards and Technology Special Publication 800-30, Guide for

Conducting Risk Assessments o All applicable DISA STIGs and Security Review Guides (SRGs) o Air Force Instruction (AFI), 17-130 Cyber Security Program Management o AFI 17-101, RMF for Air Force Information Technology (IT)

o AFI 17-110, Information Technology Portfolio Management and Capital Planning and Investment Control

Required Qualifications: The successful candidate will have extensive information technology experience to include:

• Top Secret (TS) / Sensitive Compartmented Information (SCI) security clearance

• DoD 8570.1-M certified at Information Assurance Technical (IAT) Level 3 - Anyone (1) of the following:

o CompTIA Advanced Security Practitioner Continuing Education (CASP CE) o Cisco Certified Network Professional-Security (CCNP-Security) o Certified Information Systems Auditor (CISA)

o Certified Information Systems Security Professional (CISSP) (or Associate - this means the individual has qualified for the certification except for the number of years’ experience)

o Global Information Assurance Certification (GIAC) Certified Enterprise Defender

(GCED) o GIAC Certified Incident Handler (GCIH) o Certified Cloud Security Professional (CCSP)

• Have 2-3 years of experience and the skills required to execute Federal, National, DoD, USAF CIO, and US State Department Requirements to be able to assess cyber risk, identify mission sets, and defend the mission

• Have 2-3 years of experience of applying, assessing, and advising MAJCOM staff and Wings on cybersecurity requirements

• Understand the AF Cyber architecture and PACAF MOBs and GSUs roles

• Ability to travel to PACAF MOBs and GSUs to conduct duties and responsibilities at a minimum up to 40% of the time

• Proficiency in Microsoft Office Suite products and SharePoint collaborative tools.

• Certificates of completion for the following training o Level 1 Anti-Terrorist Training - within the past year

▪ https://jkodirect.jten.mil/html/COI.xhtml?course_prefix=JS&course_numb er=-US007

o Level A Survival, Evasion, Resistance, and Escape (SERE) Training - within the past 1-2 years

▪ https://jkodirect.jten.mil/html/COI.xhtml?course_prefix=J3T&course_nu mber=A-US1329

o USFK Training - no time requirement (only required to be taken once)

▪ https://jkodirect.jten.mil/html/COI.xhtml?course_prefix=USFK&course_n umber=-US171

o DoD Cyber Awareness Challenge - within the past year

▪ https://jkodirect.jten.mil/html/COI.xhtml?course_prefix=DOD&course_nu mber=-US1364-23

o Operations Security (OPSEC) Awareness - within the past year

▪ https://jkodirect.jten.mil/html/COI.xhtml?course_prefix=PAC&course_nu mber=-US017

o Derivative Classification IF103.16 - within the past year

▪ https://www.cdse.edu/Training/eLearning/IF103 o Force Protection - within the past year

▪ https://lms-jets.cce.af.mil/moodle/enrol/index.php?id=12739

• Have 3-4 years of experience conducting Network Vulnerability Engineering functions • Expertise in the following DoD, AF, DISA, NIST, NIAP and PACAF processes:

o 3-4 years of experience of DoD approved Scanning Tools (e.g., ACAS) o 3-4 years of experience of Microsoft SCCM & MECM o Familiarization of End Point Security Point Product requirements o Ability to analyze and develop cyber vulnerability information into an understandable presentation

o Proficiency in Microsoft Office Suite products and SharePoint collaborative tools to build trend analysis

o In-depth experience with DISA STIGs and by-product analysis

Desired Knowledge, Skills, and Abilities

• Ability to maintain view rights to SIPRNet and NIPRNet vulnerability tools to analyze and compile data for leadership

• Knowledge and understanding of the latest vulnerability management (scanning, patching, reporting metrics) processes and procedures and be able to maintain currency

• Knowledge and understanding of USAF Methods and Procedures Technical Order

(MPTO) 00-33-1109A, USCYBERCOM Computer Network Defense (CND) Directives,

Task Orders (TASKORDs), Operational Orders (OPORDs) and track Time Compliance Network Orders (TCNO) and Information Assurance Vulnerability Management (IAVM) programs and the like

• Understanding of Host Base Security System (HBSS)/ePolicy Orchestrator (ePO) functions: o How to produce asset lists to identify devices capable of McAfee Agent install o How to produce asset lists to identify devices not capable of McAfee Agent install (whitelists)

• Experience conducting discovery scans to identify unknown base assets

• Experience analyzing vulnerability scan results and providing way forward to improve cybersecurity posture with patching

• Experience maintaining credentials to scan for 95% accuracy on base assets to include Program Management Office (PMO) systems

• Experience conducting vulnerability scanning via ACAS/Tenable.sc on 100% of assets during assigned scan schedule

• Ability to receive, organize and present vulnerability notifications & statuses

• Experience with email, and other communication platforms to include but not limited to MS Teams group chats, MS SharePoint site, and VoIP Phones

• Proficiency with the latest Microsoft tool suite (i.e., PowerPoint, Excel, Word, etc.)

• Ability to brief technical information to both technical and non-technical audiences

• Experience briefing senior leaders and large audiences; excellent communication skills

• PACAF organizational awareness

Location: Joint Base Pearl Harbor – Hickam, HI

Job Type: Full-time, on-site

Period of Performance: The Period of Performance is for a period of one (1) base year, plus four (4) option year periods, comprising the period 30 September 2025 to 29 September 2030.

PLEASE NOTE THAT A CONTINGENCY OFFER WILL BE MADE TO THE SUCCESSFUL CANDIDATE. UPON AWARD OF THE CONTRACT THAT MATLOCK IS BIDDING ON, WE WILL HIRE THE CANDIDATE.

Benefits: Matlock and Associates offers a variety of benefit options, including the following:

• Health insurance

• Paid time off

• Dental insurance

• 401(k)

• Vision insurance

• Tuition reimbursement

• 401(k) matching

• Referral program

• Flexible spending account

• Health savings account

• Parental leave

• Professional development assistance

About Matlock

A leader in custom software solutions, IT infrastructure, and austere environment operations, Matlock & Associates is at the nexus of mission sets critical to both the public and private sectors. Founded in 2011, it stands out as uniquely positioned to realize bespoke technological solutions that are tailor-made to meet its clients’ most pressing operational needs. Matlock’s experience in some of the world’s most challenging environments deepens its capabilities, bridging gaps between processes, technology, and infrastructure.

Job Type: Full-time

Pay: $175,000.00 - $185,000.00 per year

Benefits:

• 401(k)
• 401(k) matching
• Dental insurance
• Employee assistance program
• Flexible spending account
• Health insurance
• Health savings account
• Paid time off
• Parental leave
• Professional development assistance
• Referral program
• Tuition reimbursement
• Vision insurance

Schedule:

• 8 hour shift
• Monday to Friday

Work Location: In person

Salary : $175,000 - $185,000