207 Business Park Dr., Ste. 100

VA Beach, VA 23462

​​​​​​​​Employee Type: Full-Time
Location:  Suitland, Maryland 
Job Type: Navy Qualified Validator
Experience: 3+ Years


​​AERMOR is seeking qualified candidates who will ensure information security by managing information-related risks such as privacy, integrity, authentication, and confidentiality. Will provide consultative, technical research and analytical support on information security trends, standards, concepts, and solutions. Will prepare, validate, and maintain all artifacts required for the Certification and Accreditation of CNIC systems leveraging current IA controls (currently DIACAP, RMF and FISMA) guidance and methodologies. 

Responsibilities Include:​.

  • Create, maintain, and validate Information Security Analysis and Accreditation (A&A) packages for applications, systems, and networks in accordance with appropriate Department of Defense (DoD) policies and processes by working as a specialized expert in the field of C&A utilizing DoD Information Assurance C&A Process (DIACAP)/Risk Management Framework (RMF) methodologies (will use Navy DIACAP/RMF related tools, including DADMS/DITPR)
  • Support all certification and accreditation efforts along with the testing, mitigating, and documenting of security plans and site assessment/security testing as required
  • Be responsible for CCRI, CSICP and CSSP inspection preparation activities
  • Apply validator experience to determine mitigation strategies and record testing results in the Risk Analysis and Remediation (RAR) Plan and Plan of Action and Milestones (POA&M)
  • Be responsible for monitoring and auditing ACAS Security Console (SC) and CMRS data feeds and reporting directly to command ISSM
  • Recommend cyber security requirements to be included in the design, installation, operation, upgrade, or replacement of information systems
  • Prepare, format, and maintain all artifacts required for the Certification and Accreditation of CNIC systems leveraging current IA controls (currently DIACAP and FISMA) guidance and methodologies (This includes development of all DIACAP artifacts required to obtain and maintain full Authority to Operate on all CNIC systems)
  • Manage and maintain vulnerability scan management as well as IAVM IAW Navy TTPs/IAM SOPs
  • Develop reports that will support environment compliance and implementation status 

Required Skills and Experience:

  • 3+ years’ experience developing, maintaining, and reviewing DoD C&A packages
  • 3+ years’ experience using Navy DIACAP/RMF related tools, including DADMS/DITPR
  • Familiar with DOD cybersecurity requirements, ACAS, HBSS and eMASS to process and update A&A packages
  • Experience with vulnerability assessment scanning tools and reporting
  • An understanding of the RMF A&A process
  • Knowledge of IA and A&A roles throughout the software and system development life cycle
  • Knowledge of architectural methodologies used in design and development of information systems, including the physical structure of a system’s internal operations and interactions with other systems
  • Be able to assist in ensuring that all efforts meet confidentiality, integrity, and availability of systems, networks, and data through the planning, analysis, development, implementation, maintenance, and enhancement of information systems
  • Assess, validate configuration management (CM), change control board (CCB) requests while maintaining STIG/SRG checklists IAW current DISA mandates/requirements to allow for sustainment of CNIC secure baseline
  • Be able to provide strategic level A&A, and Network Incident metrics suitable for CNIC Senior Leadership review
  • Be able to develop detailed technical and non-technical briefings by providing informational updates to chain of command (via ISSM) regarding current and future developments, implementation of measurements, and data strategies
  • Be able to participate in discussions with Navy Authorizing Officials, working groups, and meetings regarding data sharing and data requirements when requested and as required by the ISSM
  • Be able to develop and maintain STIG checklist IAW current DISA mandates/requirements
  • Must be proficient with Microsoft Office (Word, Excel, and PowerPoint)
  • Must possess Excellent writing and communication skills 

Education Requirements

  • Bachelor's Degree (accredited four-year college or technical school) Field of Study: Cyber Security or related field
  • This position has been designated as a Cyber/IT Cybersecurity Workforce position in Specialty Area 61 to meet the program requirements of SECNAV M-5239.2.
  • Specialty Area 61: Certified Authorization Professional (CAP), Certified Information Security Manager (CISM), Cisco Certified Network Associate (CCNA) Routing and Switching, Certified Information Systems Security Professional (CISSP), CompTIA Security+ ce, CompTIA Advanced Security Practitioner (CASP) ce, GIAC Security Leadership Certification (GSLC) 

Apply Now​

For more information contact: careers@aermor.com

Navy Qualified Validator