Navy Qualified Validator (remote/hybrid)

ISHPI Information Technologies • Remote (District of Columbia, United States) • 3w ago

Overview

NAVSEA is currently seeking a skilled Navy Qualified Validator with Secret Clearance in Washington, DC. As a key member of our team, the Navy Qualified Validator will play a vital role in ensuring the security and integrity of shipboard and shore-based operational sites, laboratory/development environments, and land-based test sites in support of the United States Navy. This position may offer remote and/or hybrid work arrangements based on customer discretion.

Responsibilities

The Navy Qualified Validator (NQV) will be responsible for assisting in the technical implementation of the Risk Management Framework (RMF) for Assess Only (AO) and Assessment and Authorization (A&A) services. They will conduct cybersecurity and risk assessments on Platform Information Technology (PIT) and PIT control systems (Industrial Control Systems) to identify and mitigate technical and non-technical vulnerabilities. Duties include, but are not limited to:

Assess and document risk, perform security control assessments, and document compliant and failed security controls in eMASS.
Assist with eMASS data entry requirements and population. Recommend corrections to eMASS record.
Perform duties of an NQV Level II in execution of DoN RMF processes including the completion of workflow steps in eMASS, the development of RMF artifacts (Security Plan, Security Assessment Plan, Security Assessment Report, etc.) and the completion of Security Assessments.
Apply your demonstrated knowledge to assess compliance with NIST 800-53A Security Controls for Assess Only systems.
Ensure traceability of all vulnerabilities from raw assessment results to the POA&M.
Support the continuous monitoring program as necessary.

Qualifications

Education: BA or BS degree in Computer Science/Engineering or related technical discipline.

Experience:

5 or more years of experience with DoD Security Control Assessments, Information Assurance Certification and Accreditation Process (DIACAP)/ DoD Risk Management Framework (RMF)
Familiarity with network mapping, vulnerability scanning tools (e.g., ACAS, Nessus), and Security Technical Implementation Guides (STIGs) and Security Requirement Guides (SRGs).
Demonstrated working knowledge of DoD Information Assurance and Cybersecurity policies, procedures and practices including the Risk Management Framework (RMF) and NIST SP 800-53
Network Knowledge: Strong understanding of general networking concepts (TCP/IP, OSPF, etc.).

Certification:

IAT Level 2 certification or higher (ex. CompTIA Security+, CASP, CISSP)
Must possess a Navy Qualified Validator Certification (NQV) Level II in good standing (must be on the current NQV list)

Security Clearance: Requires U.S. Citizenship and an active DoD government security clearance.

“Ishpi Information Technologies, Inc. is an Equal Opportunity and Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, disability, or status as a protected veteran.”

Expression of Interest: By applying to this job, you are expressing interest in this position and could be considered for other career opportunities where similar skills and requirements have been identified as a match. Should this match be identified, you may be contacted for this and future openings.

*cj