Fully Qualified Navy Validator

US-PA-Philadelphia
Job ID
2017-1048
Category
Information Technology
Type
Regular Full-Time
Division
Federal
Eligibility for Security Clearance Required
Yes

Overview

The GBS Group, an engineering services and consulting firm has an opening for a Fully Qualified Navy Validator to join our Philadelphia Engineering Office.  The GBS Group designs and delivers high technology services and solutions to most advanced naval and maritime ships, as well as to special purpose platforms and assets.  Our office is located at the Philadelphia Navy Yard, which is a dynamic urban development, offering the Philadelphia region a unique and centrally-located waterfront business campus committed to smart energy innovation and sustainability. The Navy Yard has over 20 acres of parks, one mile of waterfront trail and is located less than one-half mile from the Wells Fargo CenterLincoln Financial FieldCitizens Bank Park, as well as the retail/entertainment center Xfinity Live!.

Responsibilities include but are not limited to

  • Plan, coordinate, and implement security measures defined by DoD security standards.
  • Prepare Certification & Accreditation packages in compliance with Risk Management Framework (RMF) for DoD Information Technology (IT) (DoDI 8510.01), in support of NAVSSES, ensuring compliance with Federal, Department of Defense and Navy Information Assurance policies.
  • Coordinate certification and accreditation activities within scope of Program Director, IA PM, System IAM and Designated Approving Authorities (DAAs).
  • Disseminate Information Assurance Vulnerability Alerts (IAVAs) to System Administrators (SAs) and Information Assurance Security Officers (IASOs) ensuring IAVAs are received and acknowledged.
  • Monitor IAVA compliance and reporting, ensuring IS and networking security scans are performed, completed and documented.
  • Report program effectiveness to program director; ensure compliance of all program IS, ensuring assets are properly reported and scans validated.
  • Create, Submit, Validate Certification and Accreditation (C&A) packages in accordance with Risk Management Framework (RMF) for DoD Information Technology (IT) (DoDI 8510.01)/DIACAP
  • Create and process Platform IT (PIT) Risk Approval (PRA) packages in accordance with NAVSEAINST 9400.2
  • Review risk analysis and accreditation documentation for timeliness, completeness, and accuracy; ensuring all necessary materials are forwarded for review.
  • Interface with project stakeholders, including operations, developers, and customers to ensure compliance IA compliance in all phases of projects.
  • Support and coordinate multiple project certification/recertification efforts including preparation and delivery of all C&A documentation, remediation/adjudication steps, etc.
  • Collaborate with teammates to improve quality and testability of solutions.
  • Support the needs of an Agile Software Development Team.

Qualifications

Candidates must possess the following professional experience and qualifications:

  • Fully Qualified Navy Validator
  • CISSP Certification
  • DoD 8570 compliant IAT-3
  • 7 years of experience analyzing software security
  • Active DoD security clearance at a Secret Level or higher
  • US citizenship

Desired Characteristics:

  • Experience completing Certification & Accreditation packages.
  • Experience with vulnerability scanners such as Retina, Nessus, ASUS and W3af.
  • Experience with reporting/compliance tools such as eMASS and VMS.
  • Ability to read, understand and formulate responses to vulnerability assessment reports.
  • Strong understanding of PKI authentication mechanisms and troubleshooting, including SSL/TLS.
  • Strong understanding Authentication and Authorization mechanisms.
  • Experience with Windows, networking, and web application frameworks.
  • Strong analytical and problem-solving skills.
  • Strong interpersonal, verbal and written communication skills, as well as presentation skills, including the ability to write reports and create/deliver technical briefings.
  • Experience working in a DoD environment.
  • Information Assurance/Information Security experience with National Security Systems (NSS) to include: US Navy shipboard and land-based Combat Systems; Hull, Mechanical and Electrical (HM&E) systems; or Industrial Control Systems (ICS) in a US Navy environment.
  • Linux experience.

EEO Statement

The GBS Group is proud to be an equal opportunity employer. We pledge equal access to employment, facilities, and programs, regardless of race, color, religion, sex/gender, sexual orientation, national origin, age, disability, marital or familial status, pregnancy, veteran status, genetic information, or any other characteristic protected by law.

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed