Navy Qualified Validator NQV (Level 2)
Jacksonville, FL
Contracted
Experienced
Job Summary
Emerging Tech (ET) is seeking a Navy Qualified Validator (NQV) Level II to support a Risk Management Framework (RMF) project for the U.S. Naval Forces Southern Command (USNAVSO)/US FOURTH Fleet (FOURTHFLT) Command Control (C2) Information System (IS) located in Naval Station Mayport, FL. The person should be willing to work onsite at Mayport base and locally in Jacksonville, Florida, with SIPR access. We seek a person with great aptitude, a professional attitude, fantastic work ethics, and in-depth technical knowledge to maintain an ATO and stay compliant with RMF, including provisions to conduct periodic reviews, draft checklists for audit, device and software additions, and future network expansion. The person must have a strong Navy RMF cybersecurity background to validate new equipment, Security Technical Implementation Guides (STIGS), Artifacts, update Plan of Action and Milestones (POAMs) and submit Moderate Software Assurance Requirement (SAR) for approval for Full ATO for three years.
Responsibilities and Duties
Desirable Qualifications and Skills
Emerging Tech (ET) is seeking a Navy Qualified Validator (NQV) Level II to support a Risk Management Framework (RMF) project for the U.S. Naval Forces Southern Command (USNAVSO)/US FOURTH Fleet (FOURTHFLT) Command Control (C2) Information System (IS) located in Naval Station Mayport, FL. The person should be willing to work onsite at Mayport base and locally in Jacksonville, Florida, with SIPR access. We seek a person with great aptitude, a professional attitude, fantastic work ethics, and in-depth technical knowledge to maintain an ATO and stay compliant with RMF, including provisions to conduct periodic reviews, draft checklists for audit, device and software additions, and future network expansion. The person must have a strong Navy RMF cybersecurity background to validate new equipment, Security Technical Implementation Guides (STIGS), Artifacts, update Plan of Action and Milestones (POAMs) and submit Moderate Software Assurance Requirement (SAR) for approval for Full ATO for three years.
Responsibilities and Duties
- Perform all RMF process steps, in the role of Navy Validator, in accordance with (IAW) Secretary of the Navy Instruction (SECNAVINST) 3052.2 - Cyberspace Policy, IAW Commander, Navy Cyber Force Instruction (COMNAVCYBERFORINST) 5239.2A - Cyber Security and Information Assurance, and IAW Department of Defense Instruction (DoDI) 8510.01.
- Perform security control assessments and validations of a system's technical and non-technical security features to address known threats and vulnerabilities. Assessments shall identify and consider impacts, as well as address existing risk mitigation strategies.
- Support updates of any risk assessment related documentation (Risk Assessment Reports, Plan of Actions & Milestones, etc.) based on assessment results.
- Perform required vulnerability analysis to support mitigation and residual risk determination.
- Individual must be a Navy Qualified Validator registered and certified by Navy SCA
- Must be able to submit SAP and SAR (Understand how to do it)
- Understand the functions of eMASS
- Understand the eMASS workflow with the SCAL and SCA
- Support the continuous monitoring program, as necessary, when System Level Continuous Monitoring results will be used to support continuing authorization requirements.
- Able to access SIPR for remote work when needed.
- Support contingency planning, testing, and execution, as required.
- Support incident response process
- Participate in meetings with the program team and provide project status.
- Responsible for quality assurance review and the evaluation of existing and new software products
- Ability to create system diagrams using tools such as Microsoft Visio
- Technical Writing (Assist with the development of technical Standard Operating Procedures, system security documents, and test plans.)
- Certified Navy Qualified Validator (NQV) Level II
- Possess current ANSI/ASIS/RIMS.RA.1 Risk Management Certification (or equivalent certifications include: Global Information Assurance Certification (GIAC) Global Critical Controls Certification (GCCC), GIAC Certified Enterprise Defender (GCED), GIAC Security Essentials (GSEC), or CompTIA Advanced Security Practitioner (CASP))
- Secret clearance
Desirable Qualifications and Skills
- BA/BS degree in a technical field or discipline
- Capable of implementing and maintaining all STIG’s and security controls required to achieve and maintain a DoN accreditation.
- Can identify controls to be put in place for the identified cybersecurity systems and networks.
- Comprehensive understanding of IT security architectures for the development, certification, and accreditation process in accordance with all applicable DoD and DoN guidelines.
- Two (2) years of technical experience in support of technical engineering projects for Federal agencies.
- Active Secret clearance
- The selected applicant must have a DoD 8570/5239 IAT Level 2 Certification (Security + CE) or IAT Level 3 Certification (CASP or CISSP)
Apply for this position
Required*