Jobs · Information Technology · Missouri

Cybersecurity Validator (IV&V) / Active Secret

Peraton · Kansas City, MO · 2 wk ago
HybridInformation TechnologyFull-time

Overview

We are seeking an Independent Verification and Validation Specialist to:

  • Support U.S. Marine Corps (USMC) enterprise-level hybrid-, multi-cloud operations.
  • Enable USMC worldwide customers to execute critical missions.

Responsibilities

  • Planning, leading and conducting verification and validation activities for cross-functional areas of Cybersecurity services.
  • Assessing implemented security controls including technical and documentation artifacts to determine compliance and risk posture.
  • Interpreting information assurance & cybersecurity guidance and applying technical expertise to assess compliance and risk in the following areas:
    • Navy/USMC Independent Verification & Validation.
    • Authorization and Accreditation (C&A)/Assessment and Authorization (A&A) (including Risk Management Framework).
    • Private and public cloud operations including commercial cloud-hosted environments (FedRAMP/DOD Certification inheritance models).
  • Preparing documentation from information obtained from customer using accepted guidelines such as RMF (Risk Management Framework).
  • Preparing risk scoring and assessment recommendations to government leadership.
  • Analyzing policies and procedures against Federal laws and regulations and providing recommendations for closing gaps to support Plan of Action and Milestone (POA&M) development.
  • Conducting security program audits.
  • Performing vulnerability assessments.
  • Completing required analysis of and posting information through governance systems, currently eMASS.
  • Supporting Security Control Assessor (SCA) operations.

Minimum Requirements

  • 8 years with a BS/BA degree; or minimum of 6 years with MS/MA; or minimum of 3 years with PhD. An additional 4 years of experience will be considered in lieu of the bachelors degree.
  • IAT II Certification required (8570) or Security Control Assessor-Intermediate (8140).
  • ACAS and SCC/SCAP experience.
  • eMASS experience and certification.
  • Experience in USMC or DOD RMF requirements for authorization and accreditation.
  • Experience evaluating risk scoring.
  • Experience with Evaluate STIG, Open RMF, manual STIG review (STIG Viewer, .cklb) and other STIG compliance review and tracking tools and practices.
  • Knowledge and experience of cloud application of RMF and cloud security requirements.
  • Knowledge of NIST 800-53A and experiencing applying those guidelines in evaluating a system for security risk and compliance.
  • Experience in documenting POA&Ms in eMASS and preparing and submitting Risk Assessment.
  • Experience developing, planning, and executing security test plans such as Security Assessment Plan (SAP) and Security Assessment Reports (SAR).
  • U.S. citizenship required.
  • DoD Secret clearance/Tier 3 BI.

Desired

  • USMC or Navy Certified validator (preferred).
  • Azure cloud certification (Administrator AZ-104 and Security Engineer AZ-500).
  • RMF Certification.
  • ACAS certification.

EEO

Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.

Similar jobs