Cybersecurity Validator/Security Control Assessor

Key Role:

Provide Cybersecurity testing and security control validation and assessment of technical and non-technical security features implemented on a system or network to support the DoD Risk Management Framework (RMF) Assessment and Authorization (A&A) process and legacy DoD Information Assurance Certification and Accreditation (DIACAP) for a Department of Navy (DoN) program. Validate security configurations to ensure they are implemented in accordance with DoD Cybersecurity policies, requirements, and directives, including compliance with Security Technical Implementation Guidance (STIG), Security Requirements Guides (SRGs), and checklists. Leverage automated testing tools and manual test methodologies to identify system vulnerabilities and noncompliance.

Basic Qualifications:

-3+ years of experience with Cybersecurity

-3+ years of experience with authoring comprehensive DoD DIACAP packages independently

-3+ years of experience with performing technical security assessments, including vulnerability assessments, security control reviews, and system configuration checks to support DIACAP

-3+ years of experience with planning and executing comprehensive Cybersecurity test events, including identifying applicable security controls, analyzing assessment procedures, and identifying and using required tools, including Retina, Nessus, Assured Compliance Assessment Solution (ACAS), or Security Content Automation Protocol (SCAP)

-3+ years of experience in working with federal or DoD government implementation of the NIST RMF for A&A

-Experience with performing manual testing methods and procedures using STIGs, SRGs, and checklists

-Secret clearance required

-HS diploma or GED

-DoD 8140 IAM or IAT Certification, including Security+ CE, CISM, CISSP, CAP, or CASP

-Navy Qualified Validator Level I, II, or III Certification required

Additional Qualifications:

-3+ years of experience with supporting Navy commands in the implementation or assessment of Cybersecurity controls or legacy DIACAP implementation

-3+ years of experience in working with NIST RMF for A&A

-Experience with eMASS

-Experience with performing Cybersecurity risk assessments and mitigation

-Experience with Microsoft Excel

-Experience with testing Navy systems

-Experience with Cloud and virtual environment security

-Experience with Linux Red Hat

-Fully Qualified Navy Validator (FQNV) Legacy Appointment

Clearance:

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Secret clearance is required.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.

Not ready to apply? Join our talent community and sign up for job alerts.