SRA International, Inc., A CSRA Company Cybersecurity (McAfee) Scanning Engineer (Secret Clearance Required) in Arlington, Virginia

Clearance Level Must Currently Possess:

Interim Secret

Clearance Level Must Be Able to Obtain:

Top Secret


No Suitability Required

Job Family:

Information Technology

Job Description:

This position supports continuous network vulnerability and compliance scanning for the Department of State’s Bureau of Diplomatic Security. The duties include, but are not limited to, conducting compliance and vulnerability scans on workstations, servers, databases, web servers and DMZ assets as well as reporting metrics, generating contract required deliverables, researching cyber security issues, and providing customer service. The Enterprise Scanning team is responsible for weekly vulnerability and compliance reporting on over 120,000 assets across 300 foreign posts and hundreds of domestic locations.

Daily Responsibilities:

  • Responsible for implementing and maintaining McAfee ePolicy Orchestrator, HIPS and Policy Auditor.

  • Installing McAfee ePO/Agent into clouds and other network enclaves

  • Maintenance of the Agent/McAfee infrastructure/Database

  • Working with the McAfee Vendor to resolve issues

  • Upgrade of McAfee Epo to McAfee ENS

  • Working with enterprise to resolve HIPS connectivity with other security tools (Symantec)

  • Install, operate, monitor, and maintain host-based McAfee security products via McAfee ePolicy Orchestrator.

  • Develop and execute upgrade plans for multiple security products (including ePolicy Orchestrator) on a regular basis.

  • Create, tune, and implement custom IPS signatures based on indicators, intelligence, and collaboration with other groups.

  • Routinely analyze and reconfigure product configurations in an effort to optimize and automate daily operations.

  • Act as a point of escalation for all McAfee technical issues for 10+ colleagues.

  • Document and maintain SCAP content that is leveraged by Policy Auditor for security compliance scanning.

  • Monitor Remedy ticketing system and support security help desk

  • Perform and post results of bi-weekly and on demand vulnerability assessments

  • Provide incident reporting and response capability

  • Ensure data flows are maintained between internal tools and enterprise-wide reporting dashboard


Interim Secret Clearance to start, ability to obtain TS with 3+ years experience in the following:

  • Working knowledge of and experience in the federal information systems methodology, policy, and standards environment of information security, especially in government is desirable. Excellent written and oral communications skills desired. Ability to work collaboratively with a broad range of constituencies essential. A demonstrated ability to work with diverse groups of people is required. Experience with current tools (McAfee ePolicy Orchestrator, HIPS, Policy Auditor, and Rapid 7 Vulnerability Scanner is strongly desired.

  • Experience performing vulnerability and/or compliance scanning in an enterprise network environment

  • Technical knowledge of information technology and cyber security standards and issues is required for this position

  • Center for Strategic and International Studies: Twenty Critical Controls for Effective Cyber Defense

  • NIST Special Publication 800-53

  • ITIL and ITSM methodology

  • The IT Security Functional Requirements, outlined in the protection profile for databases by NIAP CCEVS (

  • The CVE (Common Vulnerabilities and Exposures) standard

  • Effective written and verbal communication skills

  • Persistent and polite follow-up with clients in order to maintain project schedule

  • Problem solving and attention to detail


Bachelor’s Degree desired but not required, preferably in IS, IT or related discipline

Preferred but not required – CISSP, CEH, CompTIA Security+ and/or Network # of Openings:


Scheduled Weekly Hours:


T elecommuting Options:

Telecommuting Not Allowed

Work Location:

USA VA Arlington - 1801 N Lynn St (VAC181)

Additional Work Locations:

CSRA is committed to creating a diverse environment and is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.


CSRA is tomorrow’s thinking, today. To “Think Next. Now.” is to imagine a better future and to deliver it, today. For our customers, our partners, and ultimately, all the people our mission touches, CSRA is realizing the promise of technology to change the world through next-generation thinking and meaningful results.

We understand that our customers' missions require new methods and imaginative thinking. We bring together government IT professionals, emerging technologies, and the brightest, cutting-edge advisors in the industry to deliver a broad range of innovative, next-generation IT solutions and professional services to help our customers modernize their legacy systems, protect their networks and assets, and improve the effectiveness and efficiency of mission-critical functions for our warfighters and our citizens.

Everywhere you look, CSRA is there. We’re in our nation’s infrastructure, in training and education, in cyber security, in serving veterans who served us—and, so much more. Take some time to learn more about CSRA. You might be surprised to learn how we touch your life.

We are a company of 18,000+ smart, talented individuals, yet we enjoy a start-up culture that inspires us to make a difference while delivering results in this rapidly evolving world. Join our team and use your skills and expertise to support the safety, security, health and well-being of the nation.