Fully Qualified Navy Validator (NQV)

Digital Consultants, LLC•Philadelphia, PA

About The Position

Leading with our people, Digital Consultants’ mission is to deliver the highest level of professional solutions while being a trusted partner and advisor to our customers. With a culture of practicality, opportunity, and creativity, we remain dedicated to being honest, trustworthy, respectful, and ethical in everything we do. We are a certified SBA 8(a) small, disadvantaged business that supports multiple IT customers within the Federal, civilian, and private sectors. Digital Consultants also offers our employees growth opportunities, competitive wages, and a full benefits package. Our founding principles, Fairness and Common Sense, make working here more than a job; it’s the Digital family. Digital Consultants seeks a Fully Qualified Navy Validator (NQV) provides independent Risk Management Framework (RMF) validation and assessment services in support of Naval Surface Warfare Center Philadelphia Division (NSWCPD) Department 40 systems. The NQV acts as an independent third-party assessor, validating the implementation of approved security control baselines and serving as a trusted agent to the Navy Security Control Assessor (SCA).

Requirements

Clearance: SECRET (Interim Secret is acceptable), US Citizen
Certifications: IAM Level II and Registered as a FQNVIII. Must be able to obtain and maintain privileged access to DoD systems in accordance with applicable Privileged Access Agreements and DFARS 252.239-7001 requirements.
Education: Bachelor’s degree in computer science
Experience: Five (5) years of professional experience in the management of Information Assurance Technical (IAT), certification agents and system engineers on the compliance requirements to achieve certification and accreditation IAW the DoD RMF program and the Department of Navy (DON) Chief Information Officer (CIO) IA Policy for Platform Information Technology (PIT) Systems. Professional experience in support of the Department of the Navy (DON) or the Department of Defense (DoD) is preferred.
Physical Requirements: The candidate must be able to travel to other worksites as required and with or without reasonable accommodation, be able to sit, stand, use computers and monitors, and perform duties in an office environment for extended periods. The candidate must be able to lift up to 40 lbs. on occasion (e.g., moving a case of paper or similar task) that may occur occasionally.

Nice To Haves

Professional experience in support of the Department of the Navy (DON) or the Department of Defense (DoD) is preferred.

Responsibilities

Perform independent validation and assessment of Navy RMF packages in accordance with DoDI 8510.01, DON RMF guidance, NAVSEA Business Rules, and Navy SCA office procedures
Act as a trusted agent to the Security Control Assessor (SCA) while maintaining required separation of duties from ISSM and ISSE roles
Develop, coordinate, and execute Security Assessment Plans (SAPs) for afloat and Platform IT (PIT) ashore systems
Conduct on-site technical testing and validation activities, including control assessment and verification of security control implementation
Execute and review STIGs, SRGs, ACAS scans, and vulnerability assessment results to validate system security posture
Document assessment results and residual risk in Security Assessment Reports (SARs) and Risk Assessment Reports (RARs)
Evaluate system compliance with applicable NIST SP 800-53 security controls and assessment procedures
Brief validation findings, risks, and recommendations to Government stakeholders, including SCA and Authorizing Officials
Support Authorization to Operate (ATO), Assess Only (AO), or De-Authorization to Operate (DATO) decisions through accurate, objective reporting
Ensure RMF validation activities are accurately documented and maintained in Navy eMASS
Comply with all Navy cybersecurity, security, and access requirements while performing validation activities