Over 1 Million Paying Vacancies Available. Discover Your Dream Vacancy with Us!

Are you looking for a Cybersecurity System Validator? We suggest you consider a direct vacancy at Naval Supply Systems Command in Virginia Beach. The page displays the terms, salary level, and employer contacts Naval Supply Systems Command person

Job opening: Cybersecurity System Validator

Salary: $88 520 - 113 629 per year
Relocation: YES
Published at: Nov 05 2024
Employment Type: Full-time
Join the Navy Exchange Service Command (NEXCOM) as a Cyber Security System Validator, responsible for analyzing IT systems according to the Navy Risk Management Framework (RMF). As a Navy Qualified Validator, you'll ensure the security and compliance of the Navy Exchange Enterprise's IT system.

Duties

Provides NEXCOM cybersecurity support, by performing full package analysis of all IT systems, as defined by the Navy Risk Management Framework (RMF) guide. Serves as a Navy Qualified Validator (NQV) for the Navy Exchange Enterprise. Interviews the Information Technology (IT) owner to obtain system or site information. Independently uses this and other available information to evaluate security features of the IT system or site being assessed and authorized. Extensively work with system-level program teams throughout the system lifecycle to ensure they meet DoD 8500 series. Performs complete assessments of a system or network security controls, known threats, and vulnerabilities, and provides a complete summary of failed controls and documenting issues. Provides clear and detailed technical feedback on potential risks affecting the systems vulnerability footprint and recommended courses of action to mitigate or consider other options to meet mission requirements while preserving or improving the security postures. Capable of going off test procedure scripts to extensively test a possible discrepancy that the test procedures may not fully identify. Completes a Security Assessment Review (SAR) in collaboration with the Security Control Assessor (SCA) based on the assessment results. Recommends updates to the POA&M based on the assessment results while ensuring traceability of all vulnerabilities from raw assessment results to the POA&M. Prepares the SAR Executive Summary, with all assessment results, for SCA review. Prepares and submit the Security Assessment Plan (SAP) with program assistance. Serves in a continuous monitoring role of the system's security posture to ensure ongoing compliance and the timely detection of security issues after authorization, as necessary. Assesses need for specialized IA training. Prepares lesson plans for such training, as required, and ensures that training is given to appropriate personnel. May personally instruct such courses. Maintains contacts with departmental line managers, customer activity personnel and senior personnel within the Cybersecurity community for the purpose of developing, enhancing and promoting the program objectives. Keeps supervisors up to date on all assignments. Performs other related duties as assigned.

Requirements

Qualifications

A total of 8 years of experience, consisting of the following combination: Qualified candidates must be U.S. Citizens. GENERAL EXPERIENCE: 3 years' experience in security, technical or investigative work which demonstrated the ability and aptitudes required to perform technical, managerial or analytical work involving management information systems. OR SUBSTITUTION OF EXPERIENCE FOR EDUCATION: One year of related academic study above the high school level may be substituted for 9 months of experience up to a maximum of a 4 year bachelor's degree in IT security or computer information systems for 3 years of general experience. AND SPECIALIZED EXPERIENCE: 5 years of demonstrated experience in at least two of the following: Risk management validation; IT security compliance and reporting; Technical risk analysis; and Authorization and accreditation. And experience in the performance of: System Security Assurance: ensuring that entire systems meet security requirements, function securely, and undergo comprehensive testing for overall security assurance. Security Assessments: conducting security assessments and developing Security Assessment Plans (SAPs). Technical Understanding: interpreting network diagrams, vulnerability scans, and compliance scans. Security Documentation: creating and maintaining various security documents, including Security Assessment Plans. Risk Management Framework: conducting security control assessments following a Risk Management Framework approach, along with conducting risk assessments and developing security assessment reports. And in-depth knowledge of: NIST 800-53, risk mitigation strategies for computer operating systems, networks, or cloud services, and security controls and compliance frameworks. This position is designated in accordance with SECNAV M-5510.30 and will require a favorable Single Scope Background Investigation (SSBI). Candidates must be eligible for and obtain a Top Secret Clearance, within 6 months of appointment. Failure to obtain will result in termination.

Education

4-year bachelor's degree in a related field preferred.

Contacts

  • Address Navy Exchange Service Command - NEXCOM 3280 Virginia Beach Boulevard Virginia Beach, VA 23452 US
  • Name: Human Resources
  • Email: [email protected]

Map

Similar vacancies

INFORMATION TECHNOLOGY SPECIALIST (INFOSEC) Sep 26 2023
$99 714 - 129 625

As a INFORMATION TECHNOLOGY SPECIALIST (INFOSEC) you will be responsible for the following duties: This Position is located in the Defense Counterintelligence and Security Agency, Field Operations Di...

Security Control Assessor (SCA) Nov 05 2024
$88 520 - 113 629

Skilled at conducting in-depth assessments that uncover vulnerabilities and delivering innovative solutions to bolster security posture. Driven to protect critical information and support organization...

Information Technology Cybersecurity Specialist , GS-2210-12 Apr 24 2024
$88 183 - 114 634

As an Information Technology Cybersecurity Specialist within the USCG Atlantic Area (LANTAREA), Maritime Intelligence Fusion Center Atlantic (MIFC LANT), Intelligence Support Division (ISD), this posi...

Information Technology Cybersecurity Specialist , GS-2210-12 Feb 15 2024
$88 183 - 114 634

As an Information Technology Cybersecurity Specialist within the USCG Atlantic Area (LANTAREA), Maritime Intelligence Fusion Center Atlantic (MIFC LANT), Intelligence Support Division (ISD), this posi...

IT SPECIALIST (INFOSEC) Jan 08 2024
$83 854 - 153 178

You will have overall insight into the development and management of business and engineering processes, policies, procedures, products, and operational schedules necessary for the execution of assign...