Navy Qualified Validator (Information Security Analyst)

Job Title: Navy Qualified Validator (Information Security Analyst)

Location: Portsmouth, VA (Onsite)

Clearance: Active DoD Secret

Start: Based on Contract Award

Discover an exciting career at Foxhole Technology, an innovative IT Engineering firm founded in 2007. As leaders in cybersecurity, DEVSEC OPS, Agile Development, Cloud and IT support for federal civilian and defense agencies, we're at the forefront of addressing complex technology challenges. Our talented employee-owners provide agile, scalable solutions, bridging operational gaps, operating critical systems, and securing enterprises worldwide. If you're ready to be part of a team driving impactful innovations, apply today and shape the future of IT with us!

Foxhole Technology is seeking an experienced Navy Qualified Validator to support a federal government client. The position shall support the revision of the entire end-to-end A&A process. Provide overarching expertise for the A&A process. Ensure the necessary planning, outreach, execution, and dissemination of lessons learned/after action reports. Engage pertinent stakeholders and cross-functional event support SMEs as required to provide an overall framework for managing and coordinating necessary communications that directly, or indirectly, influence objectives and tasks. Support all Inspection and Audits conducted at the organization.

Review A&A package submissions to ensure system/network architectures and technical/non- technical operating features adequately protect and defend against unauthorized access, ensure systems availability, and meet Cyber Security (CS) implementation policy requirements and data protection safeguards.
• Conduct CS compliance and A&A documentation validation assessments for legacy applications, systems and networks.
• Develop, or expand existing A&A and CS documentation to ensure complete documentation exists in accordance with DoD A&A and IA/CS policy.
• Perform Cyber Compliance (CC) risk assessments to evaluate system risks and provide written risk assessment reports including overall risk analysis reviews and recommendations to the Authorizing Official (AO) and Functional Authorizing Official (FAO).
• Respond to feedback from the AO and FAO in the form of comments and instructions to ensure coordination of efforts and to correct errors, information omissions and shortfalls in A&A documentation packages.
• Communicate feedback to customers, coordinate corrections collect responses and validate prior to forward for processing.
• Develop procedures to support A&A workflow processes, criteria needed to facilitate authorization processes and AO/FAO authorization decision milestones.
• Streamline A&A package efforts based on RMF status and complexity, unless operational requirements necessitate a waiver.
• Attend meetings on behalf of the A&A team, take notes and prepare written feedback on the content and outcome of meetings, and follow-on tasks including recommendation and suggestions.
• Support implementation of CS/IA policy requirements (i.e. Business Rules, Standard Operating Procedures (SOP). Assist users with CS related issues and provide other CS support as the need arises (e.g., auditing, contingency planning, CS awareness training, risk assessments, etc.).
• Review quarterly STIG to ensure proper configuration and settings are still met and up to date (both systems and policies).
• Develop and maintain metrics / dashboards to provide visibility and context needed by internal and external stakeholders.

• Minimum of 7 years of experience in in CS/A&A analysis support in IA controls analysis, conducting risk assessments, risk mitigation analysis, or developing plans
• BS Degree in IT or related discipline
• Active DoD Secret Clearance

• Personnel qualified and registered as a Navy Qualified Validator (NQV)
• Experience in certifying and accrediting DON information systems and networks, as well as Platform IT.
• Expert knowledge of and experience with CS/RMF requirements as defined by Public Laws, National, DoD, and DON guidance [e.g., Federal Information Security Management Act (FISMA), DoDD 8100.02, DODI 8500.01, DoDI 8520, DoDI 8530, DoDI 8531, SECNAV 5239 Series and OPNAV 5239 Series, NIST Special Publications Series 800, etc.]
• Fully qualified in accordance with DoD 8570.01M.
• Security + or higher certification

Requirements of position: Think analytically, effective verbal and written communication skills, make decisions, observe/remember details, interpret data, concentrate on tasks, adjust to change, handle stress/emotions. Regular attendance, maintain work schedule, attend meetings, meet deadlines, keyboard/type, handle confidential information, use math/calculations, stay organized, operate office equipment, may direct others. May be exposed to dust/dirt, humidity, and noise.

Foxhole Technology is an Equal Opportunity Employer and makes hiring decisions without regard to race, color, religion, sex (including pregnancy, childbirth and sexual orientation), national origin, age, disability, genetic information, military/veteran status, or any other protected class.