OPTEVFOR - Senior Navy Qualified Validator (RMF- SCA)

Rigid Tactical•Norfolk, VA

16d

About The Position

Rigid Tactical is actively seeking a Senior Navy Qualified Validator (NQV) / RMF, Security Control Assessor (SCA) to join our mission-focused team as Key Personnel on critical defense contracts. This is not a standard compliance role; it is a vital, independent validation function that directly ensures the operational security posture of U.S. Navy IT systems. The successful candidate will apply advanced Risk Management Framework (RMF) expertise to conduct comprehensive security assessments, providing the crucial analysis and documentation necessary to achieve and maintain Authorization to Operate (ATO) for systems supporting the warfighter. Your work will directly mitigate risk, uphold mission readiness. This position is contingent upon award of the relevant contract or funding. Furthermore, employment is subject to the successful completion of all stages within the company's hiring pipeline, which includes, but is not limited to, background checks, drug screenings (if applicable), and verification of credentials.

Requirements

Minimum 8 years’ experience as an NQV.
(ISC)² Certified Authorization Professional (CAP)
CompTIA Cybersecurity Analyst (CySA+)
Certified Information Security Manager (CISM)
Certified Ethical Hacker (CEH) (Practical/Master)
Certified Data Privacy Solutions Engineer (CDPSE) or CIPP/G
TS/SCI clearance

Responsibilities

Conduct independent, comprehensive assessments of management, operational, and technical security controls and control enhancements within IT systems to determine overall effectiveness.
Execute and conduct analysis of network and system Assured Compliance Assessment Solution ACAS vulnerability scans or DoD approved tools to validate appropriate security control implementation.
Conduct periodic auditing of RMF artifacts to ensure proper adherence to DoD instruction, Navy requirements, and the NIST Special Publication 800 series standards.
Develop and maintain critical A&A documentation, including System Security Plans SSP} , Contingency Plans, Privacy Impact Assessments, Certification Reports, Accreditation Reports, and Plans of Action and Milestones POA
Initiate and prepare A&A RMF packages using the Enterprise Mission Assurance Support Service ( eMASS} ensuring existing packages are maintained in a compliant status and that all requirements are verified.
Apply Navy A&A} guidance and policy to achieving/maintaining program objectives and enhancing the overall quality of RMF} packages for receiving an ATO} .
Actively work with the designated Information Systems Security Manager ISSM Information Systems Security Engineer ISSE} system owners, technical leads, and other stakeholders throughout the RMF process.
Provide final security assessment support and guidance regarding vulnerability remediation and determination of the overall risk posture.
Coordinate technical meetings, prioritize topics, and identify objectives to support A&A package development and ensure timely program completion.
Maintain thorough and current knowledge of RMF and A&A processes, standards, and industry best practices, including the NIST Special Publication 800 series.
Apply knowledge of DoD or DoN network architectures and policy toward assessment and identification of vulnerabilities.
Verify implementation of security postures as stated, document deviations, and recommend new or revised security measures based on review results.