Secret Cyber Validator
Insight Global
Job Description
As the Cyber Security Engineer, the individual will perform tasks related to Assessment & Authorization (A&A) within MDIA to ensure assigned DoD, DoN systems/Enclaves/Networks can obtain and maintain Authorization to Operate (ATO) and Authorization to Connect (ATC) certifications. In this role, the Cyber Security Engineer will conduct risk and vulnerability assessments of information systems to identify vulnerabilities, risks, and protection needs. Additionally, the individual will serve as an Information Systems Security Officer (ISSO) and review and conduct technical security assessments of computing environments to identify points of vulnerabilities, non-compliance with established cyber security standards and regulations, and recommend mitigation strategies to the team.
Responsibilities
Develops RMF documentation to include system security plan artifacts which include hardware/software lists, topology diagrams, PPS, vulnerability management plan, incident response plan, contingency plan, system POA&M, Information Security Continuous Monitoring (ISCM) Strategy, and all other DoD and Navy mandated artifacts that comprise the Security Authorization Package
Develops, maintains, and monitors the necessary artifacts for A&A package submission to receive ATC, ATT, and ATO authorizations
Conduct risk assessments of information systems to identify vulnerabilities, risks, and protection needs
Heavy participation in and responsible for RMF step 4 activities and requirements. Must prepare risk assessment documentation and artifacts according to the published Navy SCA requirements. Provides guidance and assistance for Navy RMF step 3 requirements
Performs weekly ACAS vulnerability scans utilizing DoD/DoN mandated practices and software utilities
Conducts assessments of cybersecurity control compliance in accordance with DoDI 8500.01, DoDI 8510.01, CNSSI 1253, and the Navy RMF Process Guide (RPG)
Prepares daily, weekly, and monthly reports detailing task and responsibility status.
Develops, reviews, and maintains RMF artifacts for RMF compliance. Updates artifacts as changes to the networks occur
Monitors and executes compliance as defined by Navy and DoD policy and guidance.
Weekly uploads of vulnerability scans to VRAM tool
Updates and validates policies, processes, and SOPs, in accordance with DoN and DoD policies and regulations
Provides IT Security Incident Response support services and reports all tenant IT incidents ranging from security violations (i.e., information spillage and unauthorized usage) and suspicious activity reports
Performs RMF system categorization; select controls, tailor security controls, implement controls, and test security controls activities
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com .
To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/ .
Skills and Requirements
-Active Secret clearance
-Minimum of seven (7) years of hands-on experience in IT Security
-Must have at minimum (2) years experience with Navy RMF or DoD RMF process and procedures; must have completed full DoD or Navy RMF authorization package from start to ATO
-IAT-III/ IAM-III level certified (CASP, CCNP Security, CISA, CISSP, GCED, GCIH, CCSP, CISM, GSLC, CCISO)
-Subject matter expert level familiarity and knowledge of eMASS as well as experience in the development of Assessment and Authorization plans is required
-Deep level of knowledge and familiarity with DISA Security Technical Implementation Guides (STIG), Assured Compliance Assessment Solution (ACAS), eMASS, other DoN, and DoD cybersecurity tools is required Bachelors degree (preferably in Information Technology, Information Management, or Cyber Security)
Certified Information Systems Security Professional (CISSP) certification
Navy SCA requirements to be certified as a Navy Validator null
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal employment opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment without regard to race, color, ethnicity, religion,sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military oruniformed service member status, or any other status or characteristic protected by applicable laws, regulations, andordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request to HR@insightglobal.com.
Confirm your E-mail: Send Email
All Jobs from Insight Global