US Naval Undersea Warfare Center, Newport, RI, United States in Rhode Island. This is a full-time position
Rite-Solutions, Inc. is seeking a Navy Qualified Validator to support NUWCDIVNPT Activity Command Information Officer (CIO) and work directly with the Command Information Systems Security Manager (ISSM), serve as a member of the Assess and Authorize (A&A) team, and perform the following:
Become familiar with the system/site by reviewing the Assessment and Authorization (A&A) System Security Plan for existing systems; identify any issues with the Security Plan and Procedures; execute the Validation Plan and Procedures; review POA&Ms; develop Risk Assessments
Keep abreast of and provide the team updated information on Navy RMF policies and procedures. Review DoD, DON, NAVSEA CS-related documentation (i.e., RMF Process Guide, DoN Standard Operating Procedures, NAVSEA Business Rules).
Be comfortable conducting independent security control assessments in accordance with NIST SP 800-53, 800-53A, CNSSI 1253, and the Risk Management Framework (RMF) described in NIST SP 800-37
Clearly articulate requirements and other information in written documentation such as Security Plan, Contingency Plan, Contingency Plan Test, Business Impact Analysis, etc.
Provide guidance and training in eMASS to team members
Demonstrate strong organizational and time-management skills: multitasking, working individually and with a team, having a positive attitude, being self-motivated and reliable, being trustworthy, having strong interpersonal and diplomatic skills, and being able to handle stress in a professional manner
Position requires U.S. Citizenship and an active DoD security clearance
Skills Required:
Must be Navy Qualified Validator appointed by the NAVY SCA.
Must possess or have previously possessed DoD SECRET security clearance or higher
Must attain, or have previously attained and be able to maintain status of NUWCDIVNPT Cyber Security Workforce (CSWF)
Must have an 8570.01M IAM/IAT Certificate (Security + at a minimum CAP or CASP /CISSP preferred)
General National Institute of Standards and Training Special Publications (NIST SPs) knowledge
Must be able to manage multiple projects at a time
Minimum 3+ years of professional cybersecurity experience
Assessment and Authorization (A&A formerly C&A, i.e. RMF and DIACAP respectively)
Experience with ACAS, STIGViewer, eMASS
Knowledge and experience with practices and procedures for CMMI Software Development Level 3 or greater is a plus
All positions require a pre-employment background check
For more Info: https://hubs.ly/Q031lypT0