Cybersecurity Validator (IV&V) / Active Secret

Peraton

$104K — $166K *
Quantico, VA 22134In-Person
Information Technology
8 - 10 years of experience
Today
Be an Early Applicant
Job Overview by Ladders

Qualifications

  • 8+ years of experience with a BS/BA; or 6+ years with MS/MA; or 3+ years with a Ph.D; additional experience considered in lieu of degree.
  • IAT II Certification required (8570) or Security Control Assessor-Intermediate (8140).
  • Required experience with ACAS and SCC/SCAP.
  • Preferred experience in eMASS.
  • Understanding of USMC or DOD RMF requirements for authorization and accreditation.

Responsibilities

  • Plan, lead, and conduct verification and validation activities for cybersecurity services.
  • Assess security controls, technical and documentation artifacts for compliance and risk.
  • Interpret cybersecurity guidance and assess compliance in various areas like RMF and cloud operations.
  • Prepare documentation following accepted guidelines such as RMF.
  • Analyze policies against federal regulations for compliance and POA&M development.
  • Conduct security program audits and perform vulnerability assessments.
  • Support Security Control Assessor (SCA) operations.

Benefits

  • Flexible work location with occasional telework options.
  • Opportunities to collaborate with U.S. Marine Corps on critical missions.
  • Engage in a vital role supporting national security through cybersecurity.
Full Job Description
Responsibilities

Peraton is hiring an experienced Cybersecurity Validator (IV&V)

 

Location: Kansas City, MO, Quantico, VA, or Camp Lejeune, NC; Flexible for occasional telework – must be local to work location.

 

Overview

We are seeking an Independent Verification and Validation Specialist to:

  • Support U.S. Marine Corps (USMC) enterprise-level hybrid-, multi-cloud operations.
  • Enable USMC world-wide customers to execute critical missions.

What you will do:

  • As a Independent Verification and Validation Specialist (Validator), you will work with a team responsible for validating system compliance with RMF Framework, DOD/Navy/USMC/MCCOG/HCS cybersecurity requirements for systems in the hybrid-, multi-cloud enterprise environment. 
  • You will conduct validation of vulnerability analysis and self- assessment technical reviews, authorizaton and accreditation documentation and provide recommendations to government leadership on the risks associated with operating on or connected to USMC networks.  

Responsibilities include:

  • Planning, leading and conducting verification and validation activities for cross-functional areas of Cybersecurity services.   
  • Assessing implemented security controls including technical and documentation artifacts to determine compliance and risk posture.
  • Interpreting information assurance & cybersecurity guidance and applying technical expertise to assess compliance and risk in the following areas:
    • Navy/USMC Independent Verification & Validation.
    • Authorization and Accreditation (C&A)/Assessment and Authorization (A&A) (including Risk Management Framework).
    • Private and public cloud operations including commercial cloud-hosted environments (FedRAMP/DOD Certification inheritance models). 
  • Preparing documentation from information obtained from customer using accepted guidelines such as RMF (Risk Management Framework).
  • Preparing risk scoring and assessment recommendations to government leadership.
  • Analyzing policies and procedures against Federal laws and regulations and provides recommendations for closing gaps to support Plan of Action and Milestone (POA&M) development.
  • Conducting security program audits.
  • Performing vulnerability assessments.
  • Completes required analysis of and posting information through governance systems, currently eMASS.
  • Supporting Security Control Assessor (SCA) operations.
Qualifications

Minimum requirements:

  • 8 years with a BS/BAdegree; or minimum of 6 years with MS/MA; or minimum of 3 years with PhD. An additional 4 years of experience will be considered in lieu of the bachelors degree. 
  • IAT II Certification required (8570) or Security Control Assessor-Intermediate (8140).
  • ACAS and SCC/SCAP experience required.   
  • eMASS experience and certification preferred.
  • Experience in USMC or DOD RMF requirements for authorization and accreditation.
  • Experience evaluating risk scoring.
  • Experience with Evaluate STIG, Open RMF, manual STIG review (STIG Viewer, .cklb) and other STIG compliance review and tracking tools and practices.
  • Knowledge and experience of cloud application of RMF and cloud security requirements.
  • Knoweldge of NIST 800-53A and experiencing applying those guidelines in evaluating a system for security risk and compliance.
  • Experience in documenting POA&Ms in eMASS and preparing and submitting Risk Assessment.
  • Experience developing, planning, and executing security test plans such as Security Assessment Plan (SAP) and Security Assessment Reports (SAR).
  • U.S. citizenship required. 
  • DoD Secret clearance/Tier 3 BI.

Desired: 

  • USMC or Navy Certified validator (preferred).
  • Azure cloud certification (Administrator AZ-104 and Security Engineer AZ-500).
  • RMF Certification.
  • ACAS certification.

 

 

Target Salary Range$104,000 - $166,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual’s experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.
* Ladders Estimates

Similar Jobs

Ad banner background

Get Ready For Your
Next Interview

More Jobs at Peraton

More Information Technology Jobs

Find similar Cybersecurity Validator (IV&V) / Active Secret jobs:

NationwideQuantico, VA