GCA · 2 weeks ago
Navy Qualified Validator (NQV)
Norfolk, VA 23462
Full-time
Onsite
Senior Level, Lead/Staff
8+ years expGCA is a minority veteran owned small business providing solutions in the intelligence and information technology industries. The Navy Qualified Validator (NQV) conducts independent assessments of security controls and provides cybersecurity analysis and risk determination in support of OPTEVFOR missions.
Information Technology & Services
No H1B
Security Clearance RequiredU.S. Citizen Only
Responsibilities
Conduct Validation and Risk Assessment (RA) activities in support of OPTEVFOR systems, including:
Validation Security Assessment Testing (VSAT)
System risk documentation
System audits
Security hardware and software testing
Perform independent evaluations of security controls to determine effectiveness and residual risk
Produce complete, accurate, and defensible risk assessments in support of RMF authorization decisions
Create, review, and deliver all RMF-required artifacts and documentation necessary to plan, execute, and report on system security assessments
Document system risks, control deficiencies, and mitigation recommendations in accordance with RMF and Navy A&A guidance
Maintain and verify the accuracy and currency of authorization, assurance, and accreditation documentation
Draft statements of preliminary and residual security risk to support authorization decisions
Work closely with the designated OPTEVFOR Information Systems Security Manager (ISSM) to provide final security assessment guidance and validation support
Coordinate with Information Systems Security Engineers (ISSEs) and supporting staff throughout the RMF lifecycle
Collaborate with system owners, technical leads, cybersecurity personnel, and other stakeholders to manage and resolve cybersecurity requirements
Participate in technical meetings and working groups to support RMF package development and risk adjudication
Provide clear, actionable guidance on vulnerability remediation and risk posture determination
Execute and analyze ACAS/Tenable vulnerability scans and other DoD-approved assessment tools
Validate proper implementation of security controls in accordance with NIST, DoD, and DoN publications
Identify known vulnerabilities using alerts, advisories, errata, and bulletins
Verify implementation of stated security postures, document deviations, and recommend corrective actions
Maintain current expertise in RMF and A&A policies, standards, and best practices
Adhere strictly to the RMF Process Guide and Risk Assessment Guide
Develop or refine security compliance processes and audit approaches, including those applicable to external services (e.g., cloud service providers)
Exercise strong customer service, professionalism, and communication skills in fast-paced operational environments
Qualification
Required
Minimum of eight (8) years of experience performing duties as a Navy Qualified Validator (NQV)
Demonstrated proficiency with Enterprise Mission Assurance Support Service (eMASS) and familiarity with DoD Application and Database Management System (DADMS)
Thorough working knowledge of NIST security controls and their application within DoD/DoN RMF processes
Eligibility for Top Secret / Sensitive Compartmented Information (TS/SCI)
Company
GCA
GCA is a veteran owned small business providing solutions to customer requirements in every realm of the intelligence and information technology industries to include, imagery/intelligence analysis, related systems engineering and administration, operations and maintenance, networking and VTC services.
11-50 employees
Funding
Current Stage
Early StageLeadership Team
Anthony Tannoya
Chief Executive Officer
Michael Dorr
Vice President & COO
Company data provided by crunchbase