Cyber Security - A&A Validator

ICS Nett, Inc. (ICS)
Quantico, VA
Aug 17, 2022
Aug 19, 2022
IT, Security Engineer
Full Time
A$ A' "A' ?We are hiring aA&A Validator for our team to work at DCSA Quantico, VA Must be US Citizen/Active Top Secret is MUST / Clearable to SCI is requiredLocation: Quantico, VA Now 60% Remote (2 Days Onsite/ 3 Days Remote)DoD 8570 IAM Level 1 Certification; Overall Job Description: Validator will manage customer-required Risk Management Framework (RMF) efforts for DCSA customers. The Validator will be responsible to work collaboratively with Information Technology (IT) Engineers and System Administrators to conduct Cyber Security (CS) analysis, mitigation, remediation, and monitoring to ensure compliance with applicable DoD and DCSA policies, procedures, and regulations. The validator will assess and validate that the system has implemented the approved security control baseline.Roles and Responsibilities:Responsible for conducting Validation and Risk Assessment activities in support of the customer (Validation Security Assessment Testing, System Risk Documentation, System Audits, Security Hardware and Software Testing)Responsible to review and approve A&A RMF packages, ensuring C&A and A&A packages are maintained in a compliant status while verifying and validating that C&A and A&A package requirements and configuration modifications are performed and tested.Responsible for analysis of security issues including architectures, firewalls, electronic data traffic and network access.Works in collaboration with system owners, PMs, cybersecurity staff, and other stakeholders to review and provide guidance on cybersecurity requirements.Assessment and Authorization (A&A) Vulnerability Assessment ? Review A&A related scans and required security test and evaluations using mandated tools IAW DIA, DoD, DISA, and/or directed timelines. Conduct A&A related enterprise and subordinate enclave network vulnerability assessments.Perform required validation scanning, POA&M development, and reporting as directed by applicable policy and guidance.Perform and analyze a range of Information Assurance / Assessment & Authorization (A&A) activities, and assist with the development and implementation of security policies and packages. Perform documentation review; system and network diagrams, vulnerability descriptions, SOPs, associated system documentation; compiling and generating required deliverables. Provide writing remediation recommendations and summaries. Required Skills and Experience: Individuals must have a broad understanding of Cyber Security requirements such as security engineering, system components, threat vectors, interfacing systems, devices and/or processes for developmental and operational system programs. Hands- on experience performing onsite cybersecurity assessments using tools like eMASS, ACAS, SCAP, STIGs Broad technical experience related to IT operations, application, database, networks, OS's, and system administration3+ years hands-on technical Cyber Security experience and knowledge of DISA Security Technical Information Guides (STIGs), DoD A&A Process, NIST SP 800-53 and 800-30, Meet or exceed DoD 8570.1 requirements for Information Assurance Management (IAM) Level I Associates in IT or Cyber related fieldKnowledgeable of FISMA requirements and the Risk Management Framework Thorough understanding of DoD Publications 8500 Cybersecurity, 8510 Risk Management Framework, and NIST Publications 800 Series.