Today
Top Secret
Unspecified
Unspecified
Norfolk, VA (On-Site/Office)
Education: Bachelor's degree in an IT related discipline or Level II Certification (Security+ or better)
Location: Norfolk, VA
Certification: Level II Certification (Security+ or better)
Clearance: Top Secret
Experience: Minimum of seven (7) years of experience in CS/A&A analysis support in IA controls analysis, conducting risk assessments, risk mitigation analysis, or developing plans. Examples of relevant experience may include the following:
a. Personnel qualified and registered as a Navy Qualified Validator (NQV)
b. Cyber Security (CS) / Risk Management Framework (RMF) concepts and requirements (DoDI 8510.01)
c. Fully qualified in accordance with DoD 8570.01M.
d. Accreditation & Authorization (A&A) process and standards.
e. System / network vulnerability analysis.
f. Risk assessment and risk mitigation analysis.
g. Security Test and Evaluation (ST&E) processing.
h. Security Technical Implementation Guide (STIG) Processing
i. Use of automated STIG processing tools [e.g., Security Content Automation Protocol (SCAP), Evaluate STIG, STIGMAN, EMASSter...]
j. Use of Enterprise Mission Assurance Support Services (eMASS) and similar RMF repositories.
k. Setup and execution of A&A Business Rules, Standard Operating Procedures (SOP)s, Concept of Operations (CONOP)s, and Plans.
l. Contingency planning, training and testing.
m. Establish/interrupt Firewall Policy.
n. Interrupt, register Ports & Protocols.
o. Hardware / Software, network boundaries, flow diagrams and technical drawings.
p. Interrupting information in the system baseline configuration in VRAM by uploading vulnerability scan of a representative baseline system.
q. Expert and Mastery levels with institutional knowledge on the mission critical procedures, systems, and processes, as they pertain to Information Technology and Cyber Security requirements.
r. Advise on the proper method to mitigate vulnerabilities.
s. Experience in certifying and accrediting DON information systems and networks, as well as Platform IT.
t. Expert knowledge of and experience with CS/RMF requirements as defined by Public Laws, National, DoD, and DON [e.g., Federal Information Security Management Act (FISMA), DoDD 8100.02, DODI 8500.01, DoDI 8520, DoDI 8530, DoDI 8531, SECNAV 5239 Series and OPNAV 5239 Series, NIST Special Publications Series 800, etc.]
u. Expert knowledge and experience with the requirements outlined in OPNAVINST N9210.3 Safeguarding Naval Nuclear Propulsion Information
v. Produce executive documents, reports, project plans and plan of action and milestones (POA&M).
Location: Norfolk, VA
Certification: Level II Certification (Security+ or better)
Clearance: Top Secret
Experience: Minimum of seven (7) years of experience in CS/A&A analysis support in IA controls analysis, conducting risk assessments, risk mitigation analysis, or developing plans. Examples of relevant experience may include the following:
a. Personnel qualified and registered as a Navy Qualified Validator (NQV)
b. Cyber Security (CS) / Risk Management Framework (RMF) concepts and requirements (DoDI 8510.01)
c. Fully qualified in accordance with DoD 8570.01M.
d. Accreditation & Authorization (A&A) process and standards.
e. System / network vulnerability analysis.
f. Risk assessment and risk mitigation analysis.
g. Security Test and Evaluation (ST&E) processing.
h. Security Technical Implementation Guide (STIG) Processing
i. Use of automated STIG processing tools [e.g., Security Content Automation Protocol (SCAP), Evaluate STIG, STIGMAN, EMASSter...]
j. Use of Enterprise Mission Assurance Support Services (eMASS) and similar RMF repositories.
k. Setup and execution of A&A Business Rules, Standard Operating Procedures (SOP)s, Concept of Operations (CONOP)s, and Plans.
l. Contingency planning, training and testing.
m. Establish/interrupt Firewall Policy.
n. Interrupt, register Ports & Protocols.
o. Hardware / Software, network boundaries, flow diagrams and technical drawings.
p. Interrupting information in the system baseline configuration in VRAM by uploading vulnerability scan of a representative baseline system.
q. Expert and Mastery levels with institutional knowledge on the mission critical procedures, systems, and processes, as they pertain to Information Technology and Cyber Security requirements.
r. Advise on the proper method to mitigate vulnerabilities.
s. Experience in certifying and accrediting DON information systems and networks, as well as Platform IT.
t. Expert knowledge of and experience with CS/RMF requirements as defined by Public Laws, National, DoD, and DON [e.g., Federal Information Security Management Act (FISMA), DoDD 8100.02, DODI 8500.01, DoDI 8520, DoDI 8530, DoDI 8531, SECNAV 5239 Series and OPNAV 5239 Series, NIST Special Publications Series 800, etc.]
u. Expert knowledge and experience with the requirements outlined in OPNAVINST N9210.3 Safeguarding Naval Nuclear Propulsion Information
v. Produce executive documents, reports, project plans and plan of action and milestones (POA&M).
group id: 10111879
