Fully Qualified Navy Validator V (NQV III)
Position DescriptionIf you love high profile and challenging projects supporting the US Navy- Serco has a great opportunity for you! This Navy Qualified Validator IV will be on a dynamic team located at the Washington Navy Yard performing the following activities required within the DoD Instruction 8510.01 DoD Risk Management Framework (RMF) (formerly the DoD Information Assurance Certification and Accreditation Process (DIACAP)) to obtain Authorization to Operate (ATO) with Conditions or ATO prior to fielding of all the contract's Enterprise Business Mission Area (BMA), DoD Portion of Intelligence Mission Area (DIMA), Enterprise Information Environment Mission Area (EIEMA), and Warfighting Mission Area (WMA) ashore and afloat systems.This position is contingent upon your ability to maintain/transfer your Secret clearance.This position is contingent upon contract this role, you will: Develop RMF accreditation packages using current DoD Instruction 8510.01 accreditation methods, to include the System Authorization Boundary, Hardware/Software/Firmware list, Dataflow Diagram, Security Plan, Plan of Action and Milestones (POA&M), System Categorization, Enterprise Reporting RMF Scorecard, System Level Continuous Monitoring (SLCM) Strategy, Risk Assessment Report (RAR), Security Assessment Plan (SAP), and Security Assessment Report (SAR). Identify security controls to be implemented, work with system owners to implement and test controls, prepare required artifacts, and complete actions required in the RMF in the time-frame in which they are required. Provide subject matter expertise regarding the development of RMF packages and the RMF process for a portfolio of approximately 200 systems. In this capacity, serve as a resource in both package development and in navigating the RMF process for the Team SUB enterprise. Serve as Navy Risk Management Framework (RMF) Validator or as Navy Qualified Validators (NQVs) as defined by the NAVWAR Qualification Standard, Responsibilities, and registration Process for Navy Qualified Validators (NQV) of 4 March 2016 and SECNAVINST 5239.20A, Navy Information Assurance (IA) Program. Independently validate cybersecurity artifacts developed by TEAM SUB Enterprise system owners (approximately 200 systems) as part of the Risk Management Framework Accreditation and Authorization process that are uploaded to DoN Enterprise Mission Assurance Support Service (eMASS). Organize and assist with the updating and coordination of records in the TEAM SUB Enterprise Cybersecurity portfolio of all Business Mission Area (BMA), DoD Portion of Intelligence Mission Area (DIMA), Enterprise Information Environment Mission Area (EIEMA), and Warfighting Mission Area (WMA) ashore and afloat systems. Validate that all DON-specified cybersecurity- specific information systems, including Enterprise Mission Assurance Support Service (eMASS), Procurement Business Intelligence Service (PBIS), DoD IT Portfolio Repository (DITPR)-DON, Vulnerability Remediation Asset Manager (VRAM), the DON Application and Database Management System (DADMS), and the Enterprise Reporting Service (ERS) Cybersecurity Scorecard on Secret Internet Protocol Router (SIPR) network, are continuously accurate and reflect the cybersecurity posture of TEAM SUB and its assigned field activities, including NUWC and SUBMEPP and provide status to TEAM SUB staff. Respond to data calls from DoD, DON, and NAVSEA organizations. Review all system DITPR-DON and DADMS records assigned to the TEAM SUB Enterprise to validate that these systems are current and compliant with Federal Information Security Management Act (FISMA) applicable cybersecurity regulations, as evidenced by the FISMA Scorecard remaining in the compliant (Green) status for a combined portfolio of approximately 200 systems. Participate in the TEAM SUB Enterprise/DON's annual cybersecurity review of all TEAM SUB BMA, DIMA, EIEMA, and WMA Systems. This participation shall include liaison with DON and NETWARCOM personnel to review methodology, validate that TEAM SUB systems are compliant, accurate, and ready for inspection, coordinate reviews, and coach cognizant programmatic and technical personnel to help TEAM SUB personnel ensure that applicable DoD regulations identified byDoD Instruction 8500.01 and DoD Instruction 5000.02 are followed, and that TEAM SUB systems (approximately 200 systems) meet FISMA reporting and privacy requirements. Assist in the investigation of inadvertent electronic spillages of classified information, and draft and submit reports to the ASM concerning the spillage and the impact. Assist with the coordination of investigations with NAVSEA, Naval Criminal Investigative Service, Defense Security Service, and other authorities. Initiate and coordinate remediation actions, and track to closure. Educate personnel via Training, Team Talks, e-mail reminders, or using online training to prevent future spillages and recommend policy or procedural changes when needed. Provide direct expertise and assistance to ensure that cybersecurity is fully integrated into the system life-cycles of all TEAM SUB acquisition and life-cycle maintenance platform programs in accordance with DoD Instruction 8500.01 and DoD Instruction 5000.02.QualificationsTo be successful in this role, you must have: An Active or Current DoD Secret Clearance to apply. Bachelor's degree in Computer Science, Management Information Systems, or related fields - Extensive Military Services equivalent experience may substitute for degree 10 or more years of experience with RDT&E and Business IT systems and the phases of Certification and Accreditation (C&A) process. Qualification as a Level III Navy Qualified Validator (NQV III) as defined by DoD Instruction 8510.01 - Risk Management Framework (RMF) for DoD Information Technology (IT).This position is contingent upon your ability to maintain/transfer your Secret clearance.This position is contingent upon contract award.Additional desired experience and skills: 10 or more years of experience in an Information Assurance (IA) or C&A related field. Familiarity with and understanding of Navy IT sites, systems, and infrastructure. Experience working with Navy C&A efforts as a Navy Validator. Demonstrated oral and written communication skills to work closely with all levels of personnel involved in IT operations and technical aspects of systems. Good communications skills and excellent word processing, database, spreadsheet programs, Microsoft applications.If you are interested in supporting and working with our sailors and a passionate Serco team- then submit your application now for immediate consideration. It only takes a few minutes and could change your career!Serco Inc. is using this posting for the purpose of responding to a proposal. We are seeking qualified candidates in the event of a contract award. This position is not currently funded/active. Should Serco be awarded the contract, and you meet the qualifications of the position, you will be considered in the selection pany OverviewSerco Inc. (Serco) is the Americas division of Serco Group, plc. Serco serves every branch of the US military, numerous US Federal civilian agencies, the Intelligence Community, the Canadian government, state and local governments, and commercial clients. We help our clients deliver vital services more efficiently while increasing the satisfaction of their end customers. Headquartered in Herndon, Virginia, Serco Americas has approximately 8,000 employees and is part of a $4 billion global business that helps transform government and public services around the world. At Serco, our employees are our most valuable asset - we listen, respect and support them throughout their career at Serco. We invite you to become part of our dynamic team. Serco is an equal opportunity employer committed to diversifying our workforce (Race/ Color/ Sex/ Sexual Orientation/ Gender Identity/ Religion/ National Origin/ Disability/ Vets).