Posted 1 year ago

Work Status: Full-Time

Location: Philadelphia, PA

Clearance: Secret

Requisition: CU-NQVL-01

Job Summary:

The Navy Qualified Validator Level III will support efforts to integrate new technology with IT security standards, technical writing, governance, and policy development/management. The Navy Qualified Validator Level III will also develop and evaluate Information Assurance Assessment and Authorizations (A&A) for servers and systems.

Responsibilities:

  • Provide DoD Information Assurance Certification & Accreditation Process (DIACAP) and Risk Management Framework (RMF) services.
  • Perform validation of A&A packages and artifacts and implementation of security postures.
  • Follow the most current applicable documents including, DON RMF Process Guide, DoD Instruction 8510.01, and the business rules of cognizant review offices for each package.
  • Perform A&A Validation including their associated validation test procedures; associated validation artifact; validation plan and procedures; compliance status; validation tests; validation results/report and supporting documentation.
  • Create and maintain the package record in the RMF system of record (currently eMASS).
  • Validate the confidentiality, integrity and availability of systems, networks, and data in accordance with information systems programs, policies, procedures, and goals.
  • Develop procedures to ensure information systems’ reliability and accessibility; prevent and defend against unauthorized systems, network, and data.
  • Conduct risk and vulnerability assessments of planned and installed information systems to identify vulnerabilities, risks protection needs; conduct systems security evaluation, audits, and reviews; determine the residual risk of a package based on content and assessment results and documenting for the Security Controls Assessor’s (SCA) and higher-level review.
  • Conduct systems security reviews, audits, or evaluations, as appropriate, to ensure accreditation documents are accurate and state the current risk posture of the system.
  • Interpret and implement local information security and higher-level policies and procedures to ensure networks and information systems are reliable, accessible, and protected against unauthorized access.

Requirements:

  • Seven years of practical experience in a cybersecurity or A&A related field. Experience should include implementing and/or reviewing RMF lifecycle documentation; ensuring/validating the confidentiality, integrity, and availability of systems, networks, and information; and conducting risk and vulnerability reviews and assessments to ensure accreditation procedures were followed, and documentation of non-compliance.
  • Security: IAM-III via applicable certification such as CISM, CISSP (or Associate), GSLC, CCISO.

Education:

Master’s degree in computer science, information technology, or an equivalent technical degree from an accredited college or university.

Apply For This Job

A valid email address is required.
A valid phone number is required.

ODME is a Federal contractor and an Equal Opportunity Employer. ODME is subject to Executive Order 11246, which requires government contractors to take affirmative action to ensure that equal opportunity is provided in all aspects of their employment. In addition, we are subject to Vietnam Era Veterans’ Readjustment Assistance Act of 1974, as amended by the Jobs for Veterans Act of 2002, 38 U.S.C. 4212 (VEVRAA), which requires Government contractors to take affirmative action to employ and advance in employment protected veterans. In order to comply with these laws, ODME invites applicants to voluntarily self-identify their gender, race/ethnicity and protected veteran status. ODME does not discriminate on the basis of race, religion, color, sex, sexual orientation, gender identity, age, protected veteran status, non-disqualifying physical or mental disability, national origin, genetic information, or any other basis covered by appropriate law.  All employment is decided on the basis of qualifications, merit, and business need.

Submission of this information is voluntary and refusal to provide it will not subject you to any adverse treatment. The information obtained will be kept confidential and may only be used in accordance with the provisions of applicable laws, executive orders, and regulations, including those that require the information to be summarized and reported to the federal government for civil rights enforcement. When reported, data will not identify any specific individual.

ODME invites any applicant and/or employee to review the Company’s written Affirmative Action Policy (Link)