SCA-R Validator

About The Position

Requirements

• Bachelor's degree (IT-related field preferred)
• DoD 8570 IAM/IA Technical (IAT) Level II certification
• Eight (8) years of overall experience in cybersecurity or network security position
• Five (5) years of experience in a Certification and Accreditation/A&A role
• Must possess an active DoD Top Secret clearance with SCI eligibility
• Demonstrated experience with STIGs (Security Technical Implementation Guides), Security Requirement Guides (SRGs), Plan of Action and Milestones (POA&Ms) and cybersecurity best practices
• Advanced understanding of the RMF process, NIST SP 800- 37, NIST SP 800-53, CNSSI 1253
• Demonstratable experience in risk analysis, control validation, and as a Security Control Assessor Representative (SCA-R).
• Demonstrated experience with relevant tools such as eMASS, STIG Viewer, Nessus, ACAS, SCAP, or HBSS
• Advanced understanding of key technologies areas/domain such as: Network, Mobility, Windows, UNIX, Cloud Environments and Cloud Native Tools/Services, Host Based Security System (HBSS)/Endpoint Security Solutions (ESS), Databases, Applications
• Customer service skills

Responsibilities

• Use government-assigned tools to perform weekly updates, maintain records, and complete tasks.
• Coordinate with ISSMs and PMOs to understand system architecture, security requirements, and changes.
• Conduct risk analysis and authorization tasks across all RMF steps using approved RE5 tools and processes.
• Verify authorization boundaries and categorize systems (FIPS199).
• Identify data classifications and conduct system-level risk assessments.
• Track system changes, assess impacts, and report updates to the AO.
• Evaluate authorization and change requests, web filtering, firewall exceptions, ports/protocols, cybersecurity risks, STIG/SRG compliance, and on-site security.
• Lead assessment visits, conduct briefings, and ensure proper documentation and reporting.
• Attend required government training and meetings to stay updated on process changes.
• Maintain access and proficiency in required government databases and cybersecurity tools.
• Assess threats, vulnerabilities, and residual risks; compile findings into authorization packages.
• Support assigned systems throughout their lifecycle in alignment with FISMA requirements.
• Submit weekly activity reports summarizing tasks, tracking IDs, and key updates.
• Complete assessor training, vulnerability scanning, endpoint security, and RMF step training.

Benefits

• 26 Days Paid Leave: Includes vacation, sick, personal time, and holidays.
• Performance Bonuses: Performance bonuses are awarded based on individual contributions and company-wide results.
• 401(k) with Match: We match 3% of your contributions with immediate vesting.
• Financial Protection: Company-paid life insurance up to $300K and options for additional coverage for you and your dependents.
• Health Benefits: Multiple medical plans, dental, vision, FSA and HSA options to fit your needs.
• Parental Leave: 15 days of fully paid leave for new parents.
• Military Differential Pay: We bridge the gap for employees on active duty.
• Professional Growth: Paid training and certifications, tuition reimbursement, and the tools and tech to get the job done right.
• Shared Success: In the event of a company sale, our CEO has committed to returning 80% of net proceeds to employees.