- Senior
- Office in Philadelphia
Job Description
- Meet Navy Cybersecurity Technical Authority (CSTA) NQV qualification standards, maintain appointment as an NQV by the Navy Security Control Assessor (SCA), and sustain a passing Proficiency Tracking Record (PTR) score as defined by the CSTA
- Develop and execute Security Assessment Plans (SAP)
- Validate security control implementation through on-site testing, examination, and interviews in support of Risk Assessments and Annual Security Reviews
- Review system configurations to determine compliance with applicable STIGs and SRGs
- Ensure traceability exists between supporting artifacts
- Verify that vulnerabilities from raw assessment results are properly documented in the system’s eMASS POA&M
- Summarize non-compliant security controls in the Risk Assessment tab of eMASS in accordance with the Navy SCA Risk Assessment Guide
- Prepare Security Assessment Reports (SAR) and Executive Summaries in accordance with NAVSEA SOPs
- Provide risk assessment and technical consultation to Program Managers, Information System Owners, ISSEs, and ISSOs
Qualifications
- Navy Qualified Validator Certification from the Navy Certification Authority (CA) required at time of proposal submittal
- Bachelor’s degree in computer science, information technology, communications systems management, or an equivalent STEM field from an accredited college or university
Ten (10) years of practical experience in a cybersecurity or A&A-related field, including implementing and reviewing RMF lifecycle documentation, validating confidentiality, integrity, and availability of systems, and conducting risk and vulnerability assessments
