United States onlyQualifications:
- Minimum 8 years’ experience as an NQV.
- Proficiency in Enterprise Mission Assurance Support Service (eMASS) and familiarity with DoD Application and Database Management System (DADMS), along with a thorough understanding of National Institute of Standards and Technology (NIST) controls.
Duties:
- Responsible for conducting Validation and Risk Assessment (RA) activities in support of the customer (Validation Security Assessment Testing, System Risk Documentation, System Audits, Security Hardware and Software Testing).
- Responsible for creating and providing all RMF appropriate artifacts and documentation necessary to plan and execute a thorough test of systems, document the system risks and report on the identified risks as necessary.
- Produces complete and accurate risk assessments ISO RMF efforts.
- Actively work with the designated (OPTEVFOR) Information Systems Security Manager (ISSM) to provide final security assessment support and guidance.
- Required to engage with the system Information Systems Security Engineer (ISSE) and ISSE support staff throughout the RMF process.
- Responsible for validation events for all OPTEVFOR, cyber OT&E infrastructure, and toolsets.
- Maintain thorough and current knowledge of RMF and A&A processes and standards.
- Work closely with system owners, technical leads, cybersecurity staff, and other stakeholders to manage cybersecurity requirements.
- Execute and conduct analysis of network and system Assured Compliance Assessment Solution (ACAS) vulnerability scans (or other DoD approved tools) to validate appropriate implementation of security controls in accordance with NIST, DoD and DoN publications.
- Participate in technical meetings and topics, to assist and identify objectives in support of package development.
- Exercise strong customer service and excellent communication skills in a fast-paced environment.
- Adhere to guidance outlined in RMF Process Guide and Risk Assessment Guide.
