Act as an Information Assurance Analyst or NAVSEA client PMS 339T Division. Assist Navy Organization with Software and Information Technology (IT) efforts related to training system acquisition and Information Assurance (IA) accreditation. Position will conduct A&A and C&A activities through RMF and DIACAP for Defense Business Systems, Research, Development, Test and Evaluation (RDT&E), and Platform Information Technology (PIT) and networks within Navy Enterprise Mission Assurance Support Services (eMASS) or its successor, in accordance with current DoD, DON, and NAVSEA policies.
This position conducts in-depth technical reviews of A&A and C&A documentation from NAVSEA Program Executive Offices (PEOs) and field activities seeking authorization and/or accreditation from the Navy Authorizing Official (NAO) or the Functional Authorizing Official (FAO) in accordance with appropriate policies and procedures.
Based on the technical reviews conducted, develop recommendations for correctives actions and/or courses of action. This includes, but is not limited to, recommendations on the following: validation test procedures, validation artifacts, validation plans and procedures, compliance status, validation tests, and validation results/reports and supporting documentation.
Duties and Responsibilities
- Assist Surface Warfare Training Systems (PMS 339), and liaison with SEA 21 and NAVSEA field activities in preparing their A&A and/or C&A documentation for submission to the NAO/FAO
- Schedule and facilitate collaboration meetings between the Security Controls Assessor (SCA), NAVSEA Echelon II representatives, and appropriate program offices, Warfare Centers and Engineering Agents
- Assist in executing Cyber Security Assistance Visits at various NAVSEA activities with a focus on the A&A and C&A efforts of the activity being assisted. Trips are usually 3 to 5 days in duration and estimated to occur 6 to 8 times per year
- Maintain the Department of Defense Information Technology Portfolio Repository-Department of the Navy (DITPR-DON) database, used to record the present status of all NAVY IT systems.
- Having a working knowledge of Enterprise Mission Assurance Support Service (eMASS) and Risk Management Framework (RMF) and the ability to access security controls.
- Provide reports as required such as, but not limited to, weekly metrics regarding A&A packages, risk metrics, and data calls.
- Familiar with DOD and DON cyber directives and policy and assist the Cyber PM, Warfare centers and engineering agents in the implementation and execution of those directives and policies.
- Have the ability to communicate with both senior and middle management teams effectively both written and oral.
- Coordinate meetings, determine required actions and develop documentation and briefings to make leaders and aware of the IT status for PMS 339 systems.
- Work with stakeholders and various IT organizations to capture the required data for our systems.
- Performs additional duties as assigned.
Required Education and Experience
- Bachelor’s degree in Information Assurance, Computer Science or a related field plus 8-10 years of directly related experience. Educational requirements may be adjusted or waived for applicable work experience and/or CISSP certification.
- Work experience may be adjusted for highly specialized knowledge or uniquely applicable experience for positions involving new technology or labor market shortages as reflected by market survey data.
- Hands-on experience with Enterprise Mission Assurance Support Service (eMASS) and Risk Management Framework (RMF) and the ability to access security controls is required.
- Demonstrated proficiency with Risk Management Framework (RMF) and Navy Certification and Accreditation (C&A) processes
- IAT Level II certification or higher is required (i.e. Security +,GSEC, CySA+, CCNA Security, SSCP, GISCP, CISSP, CISM, CAP, CISA, CCNP Security, or GSLC.)
- Advanced Microsoft Office Suite capabilities and experience.
- Must be able to obtain and maintain an Active Secret Security Clearance in JPAS.
- Active clearance is preferred.
Knowledge, Skills and Abilities
- Ability to communicate effectively and clearly present technical approaches and findings.
- Ability to apply technical expertise, and may have knowledge of other related disciplines.
- Ability to work effectively in a diverse work group.
- Excellent written and verbal communication skills
- Knowledge of Navy training systems and organizations a plus.