Navy Qualified Validator/Cybersecurity Analyst

Navy Qualified Validator/Cybersecurity Analyst

Job Category: Information Technology

Time Type: Full time

Minimum Clearance Required to Start: Secret

Employee Type: Regular

Percentage of Travel Required: None

Type of Travel: None

* * *

The Opportunity:

CACI is seeking a highly motivated and experienced Navy Qualified Validator/Cybersecurity Analyst to support the Aviation Cost Evaluation System (ACES). In this role, you will be responsible for performing all RMF validation/Navy qualified validator duties for ACES in eMASS and ensuring the system's Authority to Operate (ATO) remains current.

• This position is 100% remote. No travel required.

• Must have an ACTIVE Secret-level clearance, at minimum.

Responsibilities:

• Conduct security assessments of system security plans to help ensure that plans provide security controls for information systems that meet stated security requirements.

• Conduct comprehensive assessments of the management, operational, and technical security controls employed within or inherited by an information system to determine the overall effectiveness of the controls.

• Ensure compliance of security configurations for IT systems and aid in providing clear and concise processes and procedures for the implementation and enforcement of system security configurations.

• Support the risk management process by helping to determine and assign risk impact ratings in accordance with Information Assurance standards guidelines and methodologies and by aiding in the development and maintenance of Plans of Action and Milestones (POA&Ms) for IT systems identified in the Risk Management Framework (RMF) process and annual security assessments of IT systems.

• Provide assessments of the severity of weaknesses or deficiencies discovered in the information system and its environment of operation and recommend corrective actions to address identified vulnerabilities and prepare the security assessment reports containing the results and findings from system security assessments.

• Demonstrated knowledge and experience of IA / INFOSEC concepts and requirements: Firewall Policy, Ports & Protocols, Cybersecurity, Cybersafe.

• Knowledge of the DOD A&A process and standards: DIACAP, RMF.

• System/network vulnerability analysis.

• Risk assessment and risk mitigation analysis.

• Security Test and Evaluation (ST&E).

• Contingency planning.

• Knowledge and experience of the Defense Information Systems Agency published Security Technical Information Guidance (STIG) requirements and implementation/compliance process.

• Knowledge of virtualization, networking, Windows and Linux Operating Systems, and storage and backup.

• Possess strong oral and technical writing skills.

• Possess extensive knowledge of the US Government Information Assurance Security Processes.

• Knowledge of Information Assurance policies and procedures, and processes are also desired.

• Practical experience in Cybersecurity, Engineering, T&E or A&A.

Qualifications:

Required: 
 

Navy Experience:

• Minimum five (5) years of …