VariQ has an exciting opportunity for a highly qualified IA Validatorto support the Defense Information Systems Agency (DISA) in Ft. Meade, MD.
Available upon award, currently in proposal/bid stage
Location: Ft. Meade and Contractor site
Security Clearance: TS/SCI
Salary: dependent upon experience
Shall have at least 5 years of specialized experience in the field of cybersecurity validation.
Shall have an Information Assurance Manager (IAM) Level II certification in accordance with DoD 8570.01-M (CAP, CASP, CISM, CISSP).
Shall have functional knowledge of DoDI 8510.01, Committee of National Security Service Instruction (CNSSI) 1253, National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53 rev4.
Shall have hands-on experience utilizing DoD-approved scanning/testing tools (Nessus, Security Technical Implementation Guides (STIG) Checker, Security Content Automation Protocol (SCAP), etc.), and performing analysis of output.
Able to interact with the Information Systems Security Manager (ISSMs), System Information Systems Security Officer (ISSOs), Information Systems Security Engineers (ISSEs), and Security Controls Assessor (SCA) regarding interpretation of STIG requirements and applicability of security controls and required documentation/artifacts needed prior to a validation event.
Able to conduct STIG research and ensure compliance with all necessary STIG checklists.
Capable to review security controls and developer documentation; and, report missing or outdated documentation to stakeholders.
Capable to complete all Cybersecurity Assessment Readiness Review (CSARR) presentation slides and conduct the CSARR meeting.
Experienced in completing and submitting a Security Assessment Plan (SAP).
Experienced in conducting daily hotwash during validations; providing analysis of validation results and submitting Security Assessment Report (SAR); upload validation results into eMASS and other repositories.
Experienced using Enterprise Mission Assurance Support Service (eMASS) is preferred.