Navy Validator Security Accessor

Washington, DC
Feb 20, 2021
Feb 24, 2021
IT, Security Engineer
Full Time
Navy Validator Security Accessor + + Job Tracking ID: 512 - 53 + Job Location: Mechanicsburg, PA + Level of Education: Any + + Job Type: Full-Time/Regular + Date Updated: 01/12/2021 Invite a friend Back to job search Job Description Vidoori, Inc., a rapidly growing small business providing high quality information technology services & products to solve business problems for Federal and Commercial clients, is building a strong Engineering team to deliver high quality, modern Information Assurance solutions and seeking a Navy Validator who will: + Perform DoD Certification and Accreditation (C&A)/Assessment and Authorization (A&A) activities in accordance with the Department of Defense Information Assurance Certification and Accreditation Process (DIACAP)/Risk Management Framework (RMF), and Navy Platform IT (PIT) processes + Develop, modify, and review C&A/A&A documentation, analyze the Cybersecurity architecture of IT systems for compliance with DoD policies, develop and execute security test plans, use security tools such as Assured Compliance Assessment Solution (ACAS), Security Content Automation Protocol (SCAP), and execute Security Technical Implementation Guides (STIGs) + Assess the Cybersecurity risk of IT systems documenting them in formal risk assessments and supporting artifacts associated with the C&A/A&A process + Maintain account on Enterprise Mission Assurance Support Service (eMASS) and DoD training certificates as required + Liaise with the client on completion of C&A/A&A documents. Provide reports as needed by the client. Review DIACAP/RMF package documents for integrity and completeness regarding testing and risk analysis as a RMF Validator + Ensure RMF A&A package is submitted to the Certification Authority (CA) in sufficient time for its review and operational cybersecurity risk recommendation to obtain Designated Accrediting Authority (DAA) authorization decision + Follow published Navy, NAVSUP Business Rules, and Validation guidance when preparing packages + Possess technical understanding of emerging technologies and their implementation within the clients network environments + Provide advice and guidance on a wide range of complex cybersecurity issues + Apply IT principles, standards, and methods to determine the status of network data confidentiality, integrity, availability and reliability, authentication and non-repudiation, and technology performance metrics + Conduct risk assessments and prepare accreditation packages for information systems to ensure proper controls are in place for the types of information processed Experience and Skills Required Skills: + Writes and validates DIACAP/RMF Certification and Accreditation/Assessment and Authorization documentation + Must be able to supply total number of DIACAP/RMF authorizations performed + In-depth information system security knowledge + TCP/IP networking protocols + DIACAP and RMF-based testing + Working knowledge of DIACAP, NIST 800-37, NIST 800-53 and NIST 800-53a + Writing and validating DIACAP/RMF Certification and Accreditation / A&A documentation + Capable of working in a team or independently + Familiarity working under guidelines and contributing inputs based on NIST 800-30rev1; Guide for Conducting Risk Assessments + Familiarity working under guidelines and contributing inputs based on NIST 800-37rev1; Guide for Applying the Risk Management Framework to Federal Information Systems + Effective oral and written communication skills a must Preferred Skills: + Bachelors degree in computer science or related IT field + Experience with US Navy RMF process Technologies and Tools: + IA tools and scanners used to evaluate the security posture of the system/enclave + Tenable Nessus and other vulnerability scanning tools/frameworks + Host-based assessment tools to secure information systems Experience: Minimum seven (7) years of the following Department of Defense Information Assurance Certification and Accreditation Process (DIACAP) and/or RMF qualifications/experience: + Writing and validating of DIACAP/RMF Certification and Accreditation/Assessment and Authorization documentation + DIACAP/RMF testing of all cybersecurity requirements and analysis required to complete a DIACAP/RMF package document for submittal and approval + Performing vulnerability risk analysis and risk management strategies on deficiencies found during DIACAP/RMF testing Location:Mechanicsburg, PA Residency:US Citizen Clearance:Public Trust with the ability to obtain/maintain a DoD Secret security clearance License/Certification: + Current DoD IAM Level 2 (CAP, CASP+ CE, CISM, CISSP (or Associate), GSLC, CCISO, or equivalent) + Preferred: Active NQV Level I certification or previously held NQV Level I certification Employment Type:Full-time Job Benefits Vidoori employees enjoy a competitive compensation and benefits package, including but not limited to: + Paid Time Off (PTO) + Paid Holidays + A wide selection of medical plans with a generous employer based plan HMO, PPO, HAS/EPO options available; Dental, Vision. + 401-K Retirement Savings Plan with employer matching + Educational Assistance