Job Description: Job Number: R0038476
Naval Qualified Validator, Mid
Support the development and submission of DIACAP accreditation packages and Risk Management Framework (RMF) Assessment and Authorization (A&A) packages for the United States Naval client. Coordinate with and assist the Information System Security Manager (ISSM), Information Security Officer (ISO), and Validator in managing the overall naval client Cybersecurity program. Support the naval client in maintaining accreditations for systems and networks already accredited under DIACAP and obtain new system authorizations for naval client systems, networks, and mission applications under RMF. Coordinate with Information System Security Engineer (ISSE) staff and members of the naval client scientific community to create and submit A&A packages using the Enterprise Mission Assurance Support Service (eMASS). Perform NQV level responsibilities for each of the 6 steps of RMF. Perform technical testing and validation of naval client applications, systems, and networks to evaluate levels of compliance with DoD Security Technical Implementation Guides (STIG), perform the formal security assessment in step 4 of the RMF process, and initiate and finalize the Security Assessment Report (SAR). Implement security controls and hardening on various operating systems in accordance with DoD STIG, Security Requirements Guides (SRG), DIACAP IA controls and RMF security controls, and coordinate and interface with a team of system administrators and network engineers to complete Cybersecurity testing on naval client systems and networks and assist with remediation activities in accordance with DoD STIG and SRG.
5+ years of experience with information assurance, Cybersecurity, Cyber policy and compliance, Cybersecurity testing and analysis, development and submission of C&A packages under DIACAP, and authorization packages under RMF
Knowledge of DIACAP and RMF accreditation processes, Enterprise Mission Assurance Support Service (eMASS), DoD STIG and SRG, and DoD and Navy Cybersecurity policies and requirements
Ability to work independently to certify and accredit DoD information systems and networks
BA or BS degree in Electrical, Electronic, or Computer Engineering or CS or 6+ years of experience with Cybersecurity
DoD 8570 CompTIA Certification, including Security+
Experience with performing vulnerability scans using the Assured Compliance Assessment Solution (ACAS)
Experience with McAfee Host Based Security System (HBSS) and any associated point products
Experience as a system administrator for Windows, Red Hat Linux (RHEL), Hewlett Packard Unix (HP-UX), Macintosh, or other UNIX-based operating systems
Knowledge of Windows Server 2008 R2, Windows Server 2012, Windows 7, Windows 10, Red Hat Linux (RHEL) 5,6, and 7, Macintosh OSX, and HP-UX operating systems
Ability to navigate the management interface of network technologies, including firewalls, router, and switches
Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Secret clearance is required.
We're an EOE that empowers our peopleno matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran statusto fearlessly drive change.
Booz Allen Hamilton Inc.