Top 3 Technical Skills:
Must be a "Navy Qualified Validator II"
Information Assurance experience
Experience reviewing and approving RMF Packages
- Designs, develops, engineers, and implements solutions that meet security requirements
- Responsible for the integration and implementation of computer system security solutions
- Performs risk analyses of computer systems and applications during all phases of the system development life cycle
- Identifies test requirements and tools based upon system designs
- Develops and reviews security test plans and procedures.
- Establishes and satisfies system-wide information security requirements based on analysis of user, policy, regulatory, and resource demands.
- Supports the Government Information Assurance (IA) Managers in the development and implementation of IA doctrine and policies.
- Initiates and prepares Certification and Accreditation (C&A) DoD Information Assurance Certification and Accreditation Process (DIACAP) and Assessment and Authorization (A&A) Risk Management Framework (RMF) packages; ensures existing C&A and A&A packages are maintained in a compliant status; verifies and validates C&A and A&A package requirements and configuration modifications are performed and tested.
- Reviews system engineering documentation, CONOPS, installation and configuration specifications to determine security requirements and to identify security concerns.
- Prepares briefing slides, status charts and support documentation as presentations for the client.
- Must have experience with using public key-based technologies for applications.
- 7+ years of experience working in the IT/Engineering field
- Experience in the development of Certification and Accreditation plans
- Experience in Host Based Security Systems (HBSS), vulnerability scanning software and Information Assurance Vulnerability Alerts (IAVA).
- Experience in DIACAP and RMF, as well as the DIACAP to RMF migration.
- Trained and experienced using Assured Compliance Assessment System (ACAS), Enterprise Mission Assurance Support Service (eMASS)
- Required: Must meet or exceed OPNAVINST 5239 requirements to be certified as Navy-Intermediate Qualified Validator
- Required: DoD 8570 - IAT Level II (ex. Security +)
Required: Fully adjudicated active Top Secret clearance is required to start, must be eligible to obtain SCI-level adjudication
- Completed Navy RMF training
- Fleet Cyber Command experience