Navy Validator - Washington, D.C. with Security Clearance

---

Job description

Position Description If you love high profile and challenging projects supporting the US Navy then Serco has a great opportunity for you! As the Navy Validator you will support a major acquisition command building navy ships located at the Navy Yard in Washington DC. Bring your expertise and collaborative skills to make an impact towards our military defense and safety of our sailors. Serco supports the US Navy as a prime for their Team Submarine contract supporting the acquisition of submarines. The Team Submarine concept unifies once diverse submarine-related activities into a single submarine-centric organization with the goal of eliminating traditional stovepipe structures and processes that created impediments and inefficiencies in the submarine research, development, acquisition, and maintenance communities. Team Submarine provides improved communication among the various offices that contribute to the overall success of the United States Submarine Force. In this role, you will: Perform activities required within the DoD Instruction 8510.01 DoD Risk Management Framework (RMF) (formerly the DoD Information Assurance Certification and Accreditation Process (DIACAP to obtain Authorization to Operate (ATO) with Conditions or ATO prior to fielding of all TEAM SUB Enterprise Business Mission Area (BMA), DoD Portion of Intelligence Mission Area (DIMA), Enterprise Information Environment Mission Area (EIEMA), and Warfighting Mission Area (WMA) ashore and afloat systems. Develop RMF accreditation packages using current DoD Instruction 8510.01 accreditation methods, to include the System Authorization Boundary, Hardware/Software/Firmware list, Dataflow Diagram, Security Plan, Plan of Action and Milestones (POA&M), System Categorization, Enterprise Reporting RMF Scorecard, System Level Continuous Monitoring (SLCM) Strategy, Risk Assessment Report (RAR), Security Assessment Plan (SAP), and Security Assessment Report (SAR). Identify security controls to be implemented, work with system owners to implement and test controls, prepare required artifacts, and complete actions required in the RMF in the timeframe in which they are required. Provide subject matter expertise regarding the development of RMF packages and the RMF process for a portfolio of approximately 200 systems. In this capacity, serve as a resource in both package development and in navigating the RMF process for the Team SUB enterprise. Serve as Navy Risk Management Framework (RMF) Validator or as Navy Qualified Validators (NQVs) as defined by the NAVWAR Qualification Standard, Responsibilities, and registration Process for Navy Qualified Validators (NQV) of 4 March 2016 and SECNAVINST 5239.20A, Navy Information Assurance (IA) Program. Independently validate cybersecurity artifacts developed by TEAM SUB Enterprise system owners (approximately 200 systems) as part of the Risk Management Framework Accreditation and Authorization process that are uploaded to DoN Enterprise Mission Assurance Support Service (eMASS). Organize and assist with the updating and coordination of records in the TEAM SUB Enterprise Cybersecurity portfolio of all Business Mission Area (BMA), DoD Portion of Intelligence Mission Area (DIMA), Enterprise Information Environment Mission Area (EIEMA), and Warfighting Mission Area (WMA) ashore and afloat systems. Validate that all DON-specified cybersecurity- specific information systems, including Enterprise Mission Assurance Support Service (eMASS), Procurement Business Intelligence Service (PBIS), DoD IT Portfolio Repository (DITPR)-DON, Vulnerability Remediation Asset Manager (VRAM), the DON Application and Database Management System (DADMS), and the Enterprise Reporting Service (ERS) Cybersecurity Scorecard on Secret Internet Protocol Router (SIPR) network, are continuously accurate and reflect the cybersecurity posture of TEAM SUB and its assigned field activities, including NUWC and SUBMEPP and provide status to TEAM SUB staff. Respond to data calls from DoD, DON, and NAVSEA organizations. Review all system DITPR-DON and DADMS records assigned to the TEAM SUB Enterprise to validate that these systems are current and compliant with Federal Information Security Management Act (FISMA) applicable cybersecurity regulations, as evidenced by the FISMA Scorecard remaining in the compliant (Green) status for a combined portfolio of approximately 200 systems. Participate in the TEAM SUB Enterprise/DON's annual cybersecurity review of all TEAM SUB BMA, DIMA, EIEMA, and WMA Systems. This participation shall include liaison with DON and NETWARCOM personnel to review methodology, validate that TEAM SUB systems are compliant, accurate, and ready for inspection, coordinate reviews, and coach cognizant programmatic and technical personnel to help TEAM SUB personnel ensure that applicable DoD regulations identified by DoDI 8500.01 and DoDI 5000.02 are followed, and that TEAM SUB systems (approximately 200 systems) meet FISMA reporting and privacy requirements. Assist in the investigation of inadvertent electronic spillages of classified information, and draft and submit reports to the ASM concerning the spillage and the impact. Assist with the coordination of investigations with NAVSEA, Naval Criminal Investigative Service, Defense Security Service, and other authorities. Initiate and coordinate remediation actions, and track to closure. Educate personnel via Training, Team Talks, e-mail reminders, or through the use of online training to prevent future spillages and recommend policy or procedural changes when needed. Provide direct expertise and assistance to ensure that cybersecurity is fully integrated into the system lifecycles of all TEAM SUB acquisition and life-cycle maintenance platform programs in accordance with DoDI 8500.01 and DoDI 5000.02. Qualifications To be successful in this role, you will have: An Active DOD Secret Clearance US Citizenship Bachelor's degree in computer science, management information systems, or related fields High School Diploma/GED and 4 years of additional related experienced will be considered in lieu of Bachelor's degree in computer science, management information systems, or related fields. 7 years of experience (Experience with RDT&E and Business IT systems and the phases of Certification and Accreditation (C&A) process highly preferred) Qualification as a Navy Qualified Validator (NQV) as defined by DoD Instruction 8510.01 - Risk Management Framework (RMF) for DoD Information Technology (IT). Demonstrated oral and written communication skills to work closely with all levels of personnel involved in IT operations and technical aspects of systems. Good communications skills and excellent word processing, database, spreadsheet programs, Microsoft applications skills. Familiarity with and understanding of Navy IT sites, systems, and infrastructure. Ability to travel up to 10% of the time. Additional desired experience and skills: 10 years of experience in an Information Assurance (IA) or C&A related field. Experience working with Navy C&A efforts as a Navy Validator. If you are interested in supporting and working with our military and sailors, and an enthusiastic Serco team, then submit your application now for immediate consideration - it only takes minutes to apply and could change your career! In compliance with the District of Columbia's Equal Pay for Equal Work Act, the salary range for this role is $91,701.62 to $152,836.04; however, Serco considers several factors when extending an offer, including but not limited to, the role and associated responsibilities, a candidate's work experience, education/training, and key skills. Company Overview Serco Inc. (Serco) is the Americas division of Serco Group, plc. In North America, Serco's 9,000+ employees strive to make an impact every day across 100+ sites in the areas of Defense, Citizen Services, and Transportation. We help our clients deliver vital services more efficiently while increasing the satisfaction of their end customers. Serco serves every branch of the U.S. military, numerous U.S. Federal civilian agencies, the Intelligence Community, the Canadian government, state, provincial and local governments, and commercial clients. While your place may look a little different depending on your role, we know you will find yours here. Wherever you work and whatever you do, we invite you to discover your place in our world. Serco is a place you can count on and where you can make an impact because every contribution matters. To review Serco benefits please visit: . If you require an accommodation with the application process please email: or call the HR Service Desk at , option 1. Please note, due to EEOC/OFCCP compliance, Serco is unable to accept resumes by email. Candidates may be asked to present proof of identify during the selection process. If requested, this will require presentation of a government-issued I.D. (with photo) with name and address that match the information entered on the application. Serco will not take possession of or retain/store the information provided as proof of identity. For more information on how Serco uses your information, please see our Applicant Privacy Policy and Notice . Serco does not accept unsolicited resumes through or from search firms or staffing agencies without being a contracted approved vendor. All unsolicited resumes will be considered the property of Serco and will not be obligated to pay a placement or contract fee. If you are interested in becoming an approved vendor at Serco, please email . Serco is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, and other legally protected characteristics.

<!– job description page –>