Navy Qualified Validator Level III with Security Clearance

---

Job description

Work Status: Full-Time Location: Philadelphia, PA Clearance: Secret Requisition: CU-NQVL-01 Job Summary: The Navy Qualified Validator Level III will support efforts to integrate new technology with IT security standards, technical writing, governance, and policy development/management. The Navy Qualified Validator Level III will also develop and evaluate Information Assurance Assessment and Authorizations (A&A) for servers and systems. Responsibilities: Provide DoD Information Assurance Certification & Accreditation Process (DIACAP) and Risk Management Framework (RMF) services. Perform validation of A&A packages and artifacts and implementation of security postures. Follow the most current applicable documents including, DON RMF Process Guide, DoD Instruction 8510.01, and the business rules of cognizant review offices for each package. Perform A&A Validation including their associated validation test procedures; associated validation artifact; validation plan and procedures; compliance status; validation tests; validation results/report and supporting documentation. Create and maintain the package record in the RMF system of record (currently eMASS). Validate the confidentiality, integrity and availability of systems, networks, and data in accordance with information systems programs, policies, procedures, and goals. Develop procedures to ensure information systems' reliability and accessibility; prevent and defend against unauthorized systems, network, and data. Conduct risk and vulnerability assessments of planned and installed information systems to identify vulnerabilities, risks protection needs; conduct systems security evaluation, audits, and reviews; determine the residual risk of a package based on content and assessment results and documenting for the Security Controls Assessor's (SCA) and higher-level review. Conduct systems security reviews, audits, or evaluations, as appropriate, to ensure accreditation documents are accurate and state the current risk posture of the system. Interpret and implement local information security and higher-level policies and procedures to ensure networks and information systems are reliable, accessible, and protected against unauthorized access. Requirements: Seven years of practical experience in a cybersecurity or A&A related field. Experience should include implementing and/or reviewing RMF lifecycle documentation; ensuring/validating the confidentiality, integrity, and availability of systems, networks, and information; and conducting risk and vulnerability reviews and assessments to ensure accreditation procedures were followed, and documentation of non-compliance. Security: IAM-III via applicable certification such as CISM, CISSP (or Associate), GSLC, CCISO. Education: Master's degree in computer science, information technology, or an equivalent technical degree from an accredited college or university.

<!– job description page –>