Location: Suffolk, Virginia, USA
Job Number: R0092360
Share job via:
We're building value and opportunity by investing in cybersecurity, analytics, digital solutions, engineering and science, and consulting. Our culture of innovation empowers employees as creative thinkers, bringing unparalleled value for our clients and for any problem we try to tackle.
Empower People to Change the WorldSM
Location: Suffolk, Virginia, USA
Job Number: R0092360
Share job via:
Key Role:
Support a Naval client by providing Navy Risk Management Framework (RMF) cybersecurity support for the Domain. Analyze, document, and validate services for Department of Navy (DoN) IT solutions, including applications, networks, systems, architectures, and infrastructure to Navy organizations. Provide Information Assurance support to organizations, while serving independently as a Navy Qualified Validator, performing validation activities under RMF using Navy Security Control Assessor (SCA)-approved processes. Apply knowledge of DoD or DoN network architectures and policy towards the assessment and identification of vulnerabilities as a means of improving the operational security posture. Execute and conduct analysis of network and system Assured Compliance Assessment Solution (ACAS) vulnerability scans, Security Content Automation Protocol (SCAP) scans, and Security Technical Implementation Guide (STIG) checklists to validate the appropriate implementation of security controls in accordance with National Institute of Standards and Technology (NIST), DoD, and DON publications. Analyze and execute security assessment plans to ensure proper orchestration of testing procedures in accordance with requirements set forth by DoD and DoN information security authorities. Provide guidance to Navy programs regarding vulnerability remediation and determination of risk posture. This position will require travel CONUS and OCONUS, including Yokosuka, Japan or Naples, Italy.
Basic Qualifications:
-Experience with independently performing validator activities defined in the Navy’s RMF Process Guide and SCA Risk Assessment Guide and applying RMF guidance to Navy or DoD A&A efforts
-Experience with test and evaluation for allocating assigned security controls into assessment objectives and procedures, developing and executing Security Assessment Plans (SAP), and applying sequencing to reduce the duplication of effort
-Experience with Enterprise Mission Assurance Support Service (eMASS) and the DoD Assured Compliance Assessment Solution (ACAS) suite of tools
-Experience with vulnerability assessment scanning tools and reporting, intrusion detection technologies, intrusion prevention technologies, and a Host-Based Security System (HBSS)
-Knowledge of the NIST Special Publication 800-53 Rev. 4 cataloging Security and Privacy Controls for Federal Information Systems and Organizations
-Knowledge of DoD published STIG requirements and implementation or compliance process
-Secret clearance
-AA or AS degree
-Cybersecurity Workforce (CSWF) and Cyber IT certified under 8570.1-M IAM I or II Certification
-Navy Qualified Validator (NQV) Level II Designation
Additional Qualifications:
-Knowledge of Navy IT sites, systems, and infrastructure, including NCS and PIT
-Knowledge of applicable Navy systems, networks, and IT infrastructure, including the Navy Marine Corps Internet (NMCI), OCONUS Navy Enterprise Network (ONE-NET), IT-21 or Afloat networks, Joint systems, and Platform IT, such as Navy Control Systems and weapons platforms
-Knowledge of Physical and Environmental Security requirements of DoD Environments
Clearance:
Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Secret clearance is required.
We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.
#LI-AH1Not ready to apply? Join our talent community and sign up for job alerts.
At Booz Allen, we believe that your talents are the gateway to tomorrow. Working at the leading-edge of artificial intelligence, data science, digital transformation, cybersecurity, engineering, and health and science, we uncover and solve the emerging challenges of our time. Ours is a culture of innovation, rooted in a collective desire to make a lasting impact that you will realize. The skills you’ll bring to our team, coupled with the unparalleled missions you’ll serve, will shift the way the world works and lead us into the future. Change is within reach—and it all starts with you.
If you are an individual with a disability and would like to request a reasonable workplace accommodation for any part of our employment process, please send an email to disability-accommodations@bah.com. Please indicate the specifics of the assistance needed. This option is reserved only for individuals who are requesting a reasonable workplace accommodation. It is not intended for other purposes or inquiries. We’re an EOE that empowers our people no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status or other protected characteristic to fearlessly drive change.