Core4ce ยท 7 hours ago
Cyber Security Specialist-Navy Qualified Validator Specialist
Maximize your interview chances
Information Services
No H1BSecurity Clearance Required
Insider Connection @Core4ce
Get 3x more responses when you reach out via email instead of LinkedIn.
Responsibilities
RMF Package Development: Provide expert-level support in developing, reviewing, and validating RMF A&A packages in compliance with NIST SP 800-37, Navy RMF Process Guide (RPG), and NAVWAR Risk Assessment Guide. Ensure all documentation meets DoD and Navy requirements for system authorization.
Validation Services: Serve as a trusted agent and technical representative to the Security Control Assessor (SCA), conducting thorough technical evaluations of systems to assess compliance with assigned security controls. Provide accurate assessments and document security posture, capabilities, and vulnerabilities.
Artifact Development: Lead the creation of System Security Plans (SSP), Security Assessment Plans (SAP), and Security Assessment Reports (SAR). Execute custom test procedures and document results in government A&A tracking tools (e.g., eMASS).
Risk Analysis: Perform detailed risk analysis, identify system vulnerabilities, and provide comprehensive recommendations for risk mitigation. Develop executive summaries to convey technical findings and risk assessments to stakeholders.
Compliance Liaison: Collaborate with Program Managers (PM), Information System Security Managers (ISSM), and the SCA to ensure continuous monitoring and updates to RMF controls based on the CYBERSAFE grading and evolving cybersecurity requirements.
Authorization Support: Assist in obtaining A&A approvals by ensuring all necessary documentation and artifacts are completed, accurate, and submitted in a timely manner to the appropriate Authorizing Official (AO). Provide guidance on corrective actions and recommendations for optimizing the RMF approval process.
Qualification
Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.
Required
Must be 8570 Compliant. CISSP preferred
Required Certification: Navy Qualified Validator (NQV) Level II or III.
Expertise: In-depth knowledge of NIST SP 800-37, Navy RMF Process Guide (RPG), and NAVWAR Risk Assessment Guide. Experience with DoD A&A processes and cybersecurity compliance.
Technical Skills: Proficiency in using government A&A tools (e.g., eMASS), conducting security assessments, and creating RMF documentation, including SAP, SAR, and SSP.
Experience: Minimum of 5 years of experience in cybersecurity validation, risk assessment, and supporting RMF A&A processes for DoD and Navy systems.
Security Clearance: Active Top-Secret clearance with Sensitive Compartmented Information (SCI) eligibility.
Preferred
CISSP preferred
Company
Core4ce
Core4ce is a mission-oriented company that serves as a trusted partner to the national security community.
Funding
Current Stage
Growth StageLeadership Team
Recent News
Washington Technology
2024-10-16
2024-04-08
Company data provided by crunchbase