Cybersecurity Validator (IV&V) / Active Secret
Indexed description
About The Role
Peraton is hiring an experienced Cybersecurity Validator (IV&V)
Location: Kansas City, MO, Quantico, VA, or Camp Lejeune, NC; Flexible for occasional telework - must be local to work location.
Overview:
We are seeking an Independent Verification and Validation Specialist to:
- Support U.S. Marine Corps (USMC) enterprise-level hybrid-, multi-cloud operations.
- Enable USMC world-wide customers to execute critical missions.
- As a Independent Verification and Validation Specialist (Validator), you will work with a team responsible for validating system compliance with RMF Framework, DOD/Navy/USMC/MCCOG/HCS cybersecurity requirements for systems in the hybrid-, multi-cloud enterprise environment.
- You will conduct validation of vulnerability analysis and self- assessment technical reviews, authorizaton and accreditation documentation and provide recommendations to government leadership on the risks associated with operating on or connected to USMC networks.
- Planning, leading and conducting verification and validation activities for cross-functional areas of Cybersecurity services.
- Assessing implemented security controls including technical and documentation artifacts to determine compliance and risk posture.
- Interpreting information assurance & cybersecurity guidance and applying technical expertise to assess compliance and risk in the following areas:
- Navy/USMC Independent Verification & Validation.
- Authorization and Accreditation (C&A)/Assessment and Authorization (A&A) (including Risk Management Framework).
- Private and public cloud operations including commercial cloud-hosted environments (FedRAMP/DOD Certification inheritance models).
- Preparing documentation from information obtained from customer using accepted guidelines such as RMF (Risk Management Framework).
- Preparing risk scoring and assessment recommendations to government leadership.
- Analyzing policies and procedures against Federal laws and regulations and provides recommendations for closing gaps to support Plan of Action and Milestone (POA&M) development.
- Conducting security program audits.
- Performing vulnerability assessments.
- Completes required analysis of and posting information through governance systems, currently eMASS.
- Supporting Security Control Assessor (SCA) operations.
- 8 years with a BS/BAdegree; or minimum of 6 years with MS/MA; or minimum of 3 years with PhD. An additional 4 years of experience will be considered in lieu of the bachelors degree.
- IAT II Certification required (8570) or Security Control Assessor-Intermediate (8140).
- ACAS and SCC/SCAP experience.
- eMASS experience and certification.
- Experience in USMC or DOD RMF requirements for authorization and accreditation.
- Experience evaluating risk scoring.
- Experience with Evaluate STIG, Open RMF, manual STIG review (STIG Viewer, .cklb) and other STIG compliance review and tracking tools and practices.
- Knowledge and experience of cloud application of RMF and cloud security requirements.
- Knowledge of NIST 800-53A and experiencing applying those guidelines in evaluating a system for security risk and compliance.
- Experience in documenting POA&Ms in eMASS and preparing and submitting Risk Assessment.
- Experience developing, planning, and executing security test plans such as Security Assessment Plan (SAP) and Security Assessment Reports (SAR).
- U.S. citizenship required.
- DoD Secret clearance/Tier 3 BI.
- USMC or Navy Certified validator (preferred).
- Azure cloud certification (Administrator AZ-104 and Security Engineer AZ-500).
- RMF Certification.
- ACAS certification.
Benefits Statement: Peraton offers eligible employees a variety of benefits including medical, dental, vision, life, health savings account, short/long term disability, EAP, parental leave, 401(k), paid time off (PTO) for vacation, and company paid holidays. A full listing of available benefits can be viewed at https://www.careers.peraton.com/benefits.
Application Statements: The application period for the job is estimated to be 30 days from the job posting date. However, this timeline may be shortened or extended depending on business needs and the availability of qualified candidates. By applying to this job, you are expressing interest in the role and the Company. During the review of your application, you may be required to participate in an on-camera interview, as well as participate in a process to verify your identity.
EEO:Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search