Please scroll down, To apply

Navy Qualified Validator III with Security Clearance

hiring now

KMS Solutions

2024-11-07 08:41:55

Job location Alexandria, Virginia, United States

Job type: fulltime

Job industry: I.T. & Communications

Job description

Navy Qualified Validator Company Overview: KMS Solutions, LLC is a technical management / solutions company that specializes in engineering, analysis, and cyber security. Founded in 2005, KMS is a certified small business with nearly two decades of experience supporting the Department of Defense as well as many other departments and programs critical to our Nations security and well-being. KMS is a 2024 winner of the USA Today Top Workplaces recognizing quality workplace cultures across the United States who put their employees first. Additionally, we received Culture Excellence Awards for Compensation & Benefits, Innovation, Leadership, Purpose & Valuesand Work-Life Flexibility. Navy Qualified Validator Summary/objective: KMS Solutions is seeking a motivated individual to join a team of cyber security professionals and Navy Qualified Validators providing support to Team Submarine Cyber Security Directorate (TSUB Cyber). As part of this select team, you will support cybersecurity compliance of US Navy submarine systems, especially the Submarine Warfare Federated Tactical System (SWFTS). SWFTS is federated system of systems that integrates submarine offensive and defensive capabilities, combat control, navigation, communications, and sensors, including SONAR, RADAR, and Imaging. TSUB Cyber ensure cyber authorization of all submarine systems. It is part of Naval Sea Systems Command (NAVSEA) and Program Executive Office Undersea Warfare Systems (PEO UWS). Essential functions: Validation: Act as an independent third party who assesses and validates that a system has implemented the approved security control baseline.
RMF Packages: Create, maintain, and validate accreditation documentation including System Security Plans (SSP), Implementation Plans, Privacy Impact Assessments, Security Assessment Plans (SAP), Risk Assessment Reports (RAR), Security Assessment Report (SAR), and Plan of Action and Milestones (POA&M). May perform different roles based on the specific RMF package, i.e., occasionally acting as Information System Security Engineer (ISSE) instead of NQV for select packages.
PIT Risk Assessment: Evaluate cybersecurity posture and perform risk assessments on Platform Information Technology (PIT) and PIT control systems (Industrial Control Systems) to identify and mitigate technical and non-technical vulnerabilities.
Vulnerability Remediation: Collaborate with engineers to remediate existing vulnerabilities or develop mitigations to minimize risks.
Policy Compliance: Implement and apply Department of Defense (DoD), Department of the Navy (DON), and National Institute of Standards and Technology (NIST) policy, instruction, and requirements.
Security Compliance Evaluation: Conduct traditional security compliance evaluation activities on testing sites, developmental sites, and shipboard environments.
Network Mapping and Vulnerability Scanning: Familiarity with network mapping, vulnerability scanning tools (e.g., ACAS, Nessus), and Security Technical Implementation Guides (STIGs) and Security Requirement Guides (SRGs).
Ad Hoc Data Calls: Participate in ad hoc cybersecurity data calls to support critical assessments.
SCA Trusted Agent: Act as liaison for the Security Control Assessor (SCA) to assist in all matters of validation, documentation, vulnerability mitigation, and residual risk determination.
Reasonable accommodations may be made to enable individuals with disabilities to perform these essential functions. Required education and experience: Currently certified as a Navy Qualified Validator (NQV) by NAVWAR.
5+ years of experience independently performing the NQV activities defined in the Navy's Risk Management Framework (RMF) Process Guide (RPG) or DoD Info Assurance Certification & Accreditation Process (DIACAP).
10+ years of experience with cyber security focused on Assessment and Authorization (A&A) including package development, documentation development, and validation.
Experience with accreditation documentation including System Security Plans (SSP), Implementation Plans, Privacy Impact Assessments, Security Assessment Plans (SAP), Risk Assessment Reports (RAR), Security Assessment Report (SAR), and Plan of Action and Milestones (POA&M).
Experience with A&A of Navy PIT system(s).
In depth understanding and experience with the NIST RMF process and documentation.
Information Assurance certification in compliance with DoD 8570 at IAM Level II or IAT Level II/III requirements, i.e., CISSP, CASP+, CAP, CISM, GSLC, CISA, or CySA+.
Bachelor's degree in a related field. Preferred education and experience: Experience with submarine systems or naval weapons systems.
Experience working with or supporting a program office within Team Submarine, NAVSEA, or a naval Program Executive Office.
Experience working with Xacta cyber risk management platform and eMASSter automation tool.
Experience developing and standardizing cybersecurity A&A processes and practices.
Master's degree in a related field. Competencies: Good verbal and written communication skills, with the ability to collaborate effectively with a team of government and industry professionals.
Ability to manage time well to meet assigned milestones.
Proficiency working with distributed teams.
Proficiency guiding, mentoring, and developing more junior cybersecurity workforce members.
Ability to work with system developers to ensure their compliance with RMF policies, instructions, and guidance. Work authorization/security clearance requirements: A Top Secret / Sensitive Compartmented Information (TS/SCI) clearance is required. Other Duties: Please note this job posting is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice. - No change to these statements Supervisory Responsibility: Position may be eligible for promotion to supervisory position. Position is not initially a supervisory position. Work Environment: This job operates in a professional office environment. This role routinely uses standard office equipment such as computers, phones, and photocopiers. This role will be in working in a classified space that does not allow for personal electronic devices Physical Demands: The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. While performing the duties of this job, the employee is regularly required to talk or hear. Excellent listening skills are essential. The employee frequently is required to stand, walk, use hands to finger, handle or feel, and reach with hands and arms. - No change to these statements Position Type/Expected Hours of Work: The typical workday is eight hours in length. Some flexibility in hours is allowed, with concurrence from the supervisor. The employee must be available during the "core" work hours of 9:00 a.m. to 3:00 p.m. and must account for the hours in a pay period to maintain full-time status. Telework: This is position allows for up to 40% telework, i.e., 2 days per week. Specific days will be defined based on client needs, contract requirements, coordination with KMS PM, and employee's input. Telework allowance may fluctuate based on in-office needs to perform classified work. Travel: Up to 10% travel may be required to locations including, but not limited to, Newport, RI; Manassas, VA; and Bangor, WA. Benefits and Additional Compensation: KMS offers a competitive benefits packaging including medical, dental and vision insurances, flexible spending account, PTO, paid holidays, military leave, bereavement leave, 401k / retirement savings plan, professional development and tuition reimbursement, basic and voluntary life insurance / AD&D, short-term and long-term disability, voluntary AFLAC supplemental insurance products and employee assistance plan (EAP) program. Additionally, KMS offers employee referral bonuses and a discretionary annual bonus. AAP/EEO Statement: KMS Solutions provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training. KMS Solutions is a drug free workplace.

Inform a friend!

<!– job description page –>
Top