We are currently seeking a Senior Management Analyst/ Navy Qualified Validator at our NUWC, Middletown, RI site.
Job Description: The Support Analyst/ Navy Qualified Validator is responsible for assisting in verifying that all NUWCDIVNPT enterprise and RDT&E networks and systems are in compliance with applicable Security Controls per the Department of the Navy (DON) RMF. The analyst must have a thorough understanding of RMF and basic familiarity with IT/network technologies.
Applicants must meet the requirement of U.S. Citizenship, have a SECRET security clearance, and be eligible for a Cybersecurity Workforce (CSWF) IAM level II designation.
Must have at least DoD Secret level clearance
Must be a Navy Qualified Validator Level II or higher appointed by the NAVY SCA.
Must have an 8570.01M IAM/IAT Level II Certificate (Security + at a minimum CAP or CASP /CISSP preferred) General National Institute of Standards and Training Special Publications (NIST SPs) knowledge
Must be able to manage multiple projects at a time Minimum 10+ years of professional cybersecurity experience Assessment and Authorization (A&A formerly C&A, i.e. RMF and DIACAP respectively) Experience with ACAS, STIGViewer, eMASS Knowledge and experience with practices and procedures for CMMI Software Development Level 3 or greater is a plus
This person will support the NUWCDIVNPT Activity Command Information Officer (CIO) and work directly with the Command Information Systems Security Manager (ISSM), serve as a member of the Assess and Authorize (A&A) team, and perform the following: Become familiar with the system/site by reviewing the Assessment and Authorization (A&A) System Security Plan for existing systems;
identify any issues with the Security Plan and Procedures; execute the Validation Plan and Procedures;review POA&Ms; develop Risk Assessments Keep abreast of and provide the team updated information on Navy RMF policies and procedures. Review DoD, DON, NAVSEA CS-related documentation (i.e., RMF Process Guide, DoN Standard Operating Procedures, NAVSEA Business Rules).
Be comfortable conducting independent security control assessments in accordance with NIST SP 800-53, 800-53A, CNSSI 1253, and the Risk Management Framework (RMF) described in NIST SP 800-37 Clearly articulate requirements and other information in written documentation such as Security Plan, Contingency Plan, Contingency Plan Test, Business Impact Analysis, etc. Provide guidance and training in eMASS to team members Demonstrate strong organizational and time-management skills: multitasking, working individually and with a team, having a positive attitude, being self-motivated and reliable, being trustworthy, having strong interpersonal and diplomatic skills, and being able to handle stress in a professional manner Position requires U.S. Citizenship Ability to transfer a security clearance with the US government; active security clearance As an EOE/AA employer
For more info: https://theucf.info/qqkVXb