Validator/Vulnerability Management Lead (5165)

SMX is seeking a Validator/Vulnerability Management Lead to support the Unmanned Carrier Aviation Program Office (PMA-268) at Patuxent River Naval Air Station in Lexington Park, MD. PMA 268 is responsible for the MQ-25 Stingray unmanned air system. Telework available – Hybrid. Essential Duties & Responsibilities Assess and validate PMA-268 RMF packages (Authorizations to Operate (ATOs) and Interim Authorizations to Test (IATTs), to include but not limited to: Coordinate development of the Security Assessment Plan (SAP) with Integrated Product Team (IPT) SSE and system ISSO Submit SAP for approval Execute the SAP Provide a summary of failed controls in Enterprise Mission Assurance Support Service (eMASS) (Risk Assessment) Complete the Security Assessment Report (SAR) Provide POA&M update recommendations to the PMA/IPT based on assessment results Ensure traceability of all vulnerabilities from raw assessment results to the POA&M Support Continuous Monitoring (ConMon) activities (e.g. annual security reviews, system/changes/ Memorandums for the Record (MFRs)) Create consolidated list of mitigation statements for POA&Ms (unclassified) to assist ISSOs with established mitigation statements for common non-compliant security controls Vulnerability Management Lead Establish and execute a PMA-268 vulnerability management program, to include developing guidance for VRAM record creation and management Develop a PMA Vulnerability and Patch Management Policy Coordinate development of System level Vulnerability and Patch Management Plans (VPMP) NAVAIR Rapid Response Lead for PMA-268 will: Attend Rapid Response meetings Coordinate consolidated PMA-268 responses to Orders received (ie EXORD, OPORD, TASKORD) Monitor the NAVAIR Vulnerability Management Channel for notifications daily Maintain the PMA-268 Cyber Directive Status tracker Create and maintain a Cyber Directives tracker on SIPR to summarize the orders Manage PMA-268 Portfolio VRAM records