Navy Qualified Validator

Resource Management Concepts, Inc.•Port Hueneme, CA

13h•$123,000 - $183,000•Onsite

About The Position

Resource Management Concepts, Inc. (RMC) is seeking Navy Qualified Validators to support an upcoming contract with the Department of the Navy onsite in Port Hueneme, CA. This role involves supporting the research, development, testing, and evaluation of new and emerging technologies, including cloud services and Big Data analytics, based on business case analysis. The position also requires supporting the command's computing environment by maintaining servers, networks, applications, and databases, and performing OS upgrades and security patches to ensure compliance with cybersecurity standards and operational availability for both unclassified and classified systems (up to Secret) and the Secure Internet Protocol Network (SIPRNET). This position is contingent on contract award.

Requirements

3 years of experience in an Information Assurance (IA) or Assessment and Authorization (A&A) related field
3 years of experience with RDT&E and Business IT systems and the phases of Certification and Accreditation (C&A) / Risk Management Framework (RMF) processes
Working knowledge of C&A/RMF subject areas with familiarity with Navy IT sites, systems, and infrastructure, and experience applying Navy C&A/RMF guidance to Navy authorization efforts
Experience developing and maintaining System Security Plans (SSP), Contingency Plans, Privacy Impact Assessments, Certification Reports, Accreditation Reports, POA&Ms, and related cybersecurity documentation
Active Navy SCA Navy Qualified Validator appointment, with demonstrated knowledge of the RMF process and working experience with tools such as eMASS, eMASSter, STIG Viewer, SCAP Compliance Checker (SCC), VRAM, and Visio
Bachelor’s degree in Computer Science
Meets DoD 8570/8140 requirements for: IAT Level III (e.g., CASP+ CE, CCNP Security, CISA, CISSP/Associate, GCED, GCIH, or equivalent)
Meets DoD 8570/8140 requirements for: IAM Level II (e.g., CAP/CGRC, CASP+ CE, CISM, CISSP/Associate, GSLC, or equivalent)
Active T5 (Top Secret) clearance with eligibility for access to classified information; must be able to maintain clearance as a condition of employment

Responsibilities

Assess Navy information systems against DoD and DON RMF requirements, evaluating technical, operational, and management controls for cybersecurity compliance.
Review and validate RMF documentation and artifacts (SSPs, SARs, POA&Ms, Contingency Plans, scan reports) to ensure completeness, accuracy, and audit readiness.
Perform independent validation of accreditation packages (e.g., ATO/IATO), clearly articulating risks, residual risk, and recommended mitigations to stakeholders.
Use tools such as eMASS, STIG Viewer, SCAP Compliance Checker, and VRAM to validate control implementation, document findings, and track remediation progress.
Analyze vulnerability and configuration scan outputs to identify gaps, prioritize remediation, and support secure baselining of systems in classified and unclassified environments.
Partner with ISSMs, ISSOs, system owners, and engineering teams to interpret RMF requirements, advise on secure architectures, and support continuous monitoring activities.