Navy Qualified Validator (NVQ)

Client Solution Architects (CSA) is currently seeking a Navy Qualified Validator (NVQ) to support a program at Norfolk Naval Shipyard, Portsmouth, V.A.

For nearly 50 years, CSA has delivered integrated technology and operational support services to meet the defense and federal sector's most complex enterprise needs. Working from operations centers and shipyards to training sites and program offices, CSA deploys experienced teams, innovative tools and proven processes to advance federal missions.

This position is contingent on award.

How Role will make an impact:

• Conduct in-depth analysis of Information Assurance (IA) controls and provide expert support for CS/A&A processes.
• Perform comprehensive system and network vulnerability analysis, risk assessments, and risk mitigation analysis.
• Develop, manage, and track Plans of Action and Milestones (POA&M) to address and mitigate vulnerabilities.
• Execute Security Test and Evaluation (ST&E) procedures and process Security Technical Implementation Guides (STIGs) using automated tools like SCAP and Evaluate-STIG.
• Utilize and manage information within Enterprise Mission Assurance Support Services (eMASS) and similar Risk Management Framework (RMF) repositories.
• Develop and implement A&A Business Rules, Standard Operating Procedures (SOPs), and Concept of Operations (CONOPs).
• Advise on the proper methods to mitigate vulnerabilities and ensure compliance with security requirements.
• Establish, interpret, and manage Firewall policies, including the registration of ports and protocols.
• Analyze hardware/software configurations, network boundaries, and technical diagrams to ensure security integrity.
• Support contingency planning, training exercises, and testing to ensure system resilience.
• Produce high-quality executive-level documents, reports, and project plans.
• Certify and accredit DON information systems, networks, and Platform IT.

Requirements

What you'll need to have to join our award-winning team:

• Clearance: Must possess and maintain an active Secret Clearance
• A bachelor's degree in an IT-related discipline OR a current Level II Certification (e.g., Security+, CySA+, GSEC, SSCP, or better) and a minimum of seven (7) years of professional experience in Cybersecurity/A&A analysis support.
• Must be fully qualified in accordance with DoD 8570.01M.

What Sets you apart:

• Navy Qualified Validator (NQV): Registered and qualified as an NQV.
• Risk Management Framework (RMF): Strong understanding of RMF concepts and requirements as defined in DoDI 8510.01.
• Security Tools: Proficient in using automated STIG processing tools (e.g., SCAP, Evaluate-STIG, STIGMAN) and RMF repositories like eMASS.
• Vulnerability Management: Experience with system/network vulnerability analysis and interpreting information in VRAM from vulnerability scans.
• Policy and Compliance: Expert knowledge of CS/RMF requirements defined by public laws and DoD/DON instructions (e.g., FISMA, NIST SP 800 series, SECNAV 5239 series, OPNAVINST N9210.3).
• Network Security: Ability to establish and interpret firewall policies, register ports and protocols, and analyze network flow diagrams.
• Technical Documentation: Proven ability to produce executive documents, project plans, and POA&Ms.
• Institutional Knowledge: Mastery of mission-critical procedures, systems, and processes related to IT and Cybersecurity requirements.