-
Information Security Analyst (NQV)
- Leader Communications Inc. (Portsmouth, VA)
-
Position Summary
Seeking a full-time, experienced Navy Qualified Validator (NQV) to provide advanced Cybersecurity and Risk Management Framework (RMF) support for Navy systems and networks. The ideal candidate will bring deep expertise in Cybersecurity Assessment & Authorization (CS/A&A) processes, vulnerability assessments, and Navy-specific compliance standards. This role requires a strong mix of technical, analytical, and documentation skills to ensure Navy systems achieve and maintain Authorization to Operate (ATO) in compliance with DoD and DON policies.
Duties & Responsibilities
+ Perform Cybersecurity Assessment & Authorization (CS/A&A) analysis, ensuring compliance with DoDI 8510.01 (RMF) and Navy requirements.
+ Conduct risk assessments, risk mitigation analysis, and vulnerability analysis across systems, applications, and networks.
+ Provide NQV validation support for Navy systems, ensuring compliance with DoN A&A and RMF standards.
+ Execute Security Test and Evaluation (ST&E) activities, including analysis, reporting, and risk recommendations.
+ Manage and process Security Technical Implementation Guides (STIGs) using automated tools (e.g., SCAP, STIGMAN, eMASSter).
+ Maintain and update system records in Enterprise Mission Assurance Support Services (eMASS) and other RMF repositories.
+ Develop and execute Standard Operating Procedures (SOPs), CONOPs, Business Rules, and Contingency Plans for Navy systems.
+ Provide expert firewall policy and ports/protocols configuration support.
+ Develop and maintain hardware/software inventories, network boundary diagrams, and technical documentation.
+ Upload vulnerability scan data into VRAM and maintain baseline system configuration compliance.
+ Provide executive-level reporting, including Plans of Action and Milestones (POA&M) and risk mitigation recommendations.
+ Advise leadership on compliance with Federal, DoD, and DON cybersecurity laws, directives, and policies.
+ Navy Qualified Validator (NQV) credential with registration.
+ Cybersecurity / RMF requirements (DoDI 8510.01).
+ System/network vulnerability analysis and mitigation strategies.
+ Security Test & Evaluation (ST&E) processes and reporting.
+ STIG processing and automated compliance tools (SCAP, Evaluate STIG, STIGMAN, EMASSter).
+ RMF documentation and repositories, especially eMASS.
+ Contingency planning, training, and execution.
+ Firewall policy configuration and ports/protocols management.
+ VRAM vulnerability baseline uploads and configuration tracking.
+ Expert-level knowledge of DoD/DON cybersecurity directives (FISMA, DoDI 8500.01, SECNAV 5239, NIST SP 800 series, etc.).
+ Knowledge of OPNAVINST N9210.3 for safeguarding Naval Nuclear Propulsion Information.
This job description in no way states or implies that these are the only duties to be performed by this employee. He or she will be required to follow any other instructions and to perform any other duties requested by his or her supervisor
Education & Experience Requirements
+ Must have a minimum of 4 years’ related experience
+ Bachelor's degree in an IT-related discipline (e.g., Computer Science, Information Technology, Software Engineering) or Level II Certification (Security+ or better) AND four (4) years of relevant experience as described above.
+ Certifications such as Microsoft Certified: SharePoint Server Hybrid Administrator Associate, Microsoft Certified: Windows Server Administrator, and CompTIA Security+ are desired.
+ Active Navy Qualified Validator (NQV) registration
+ SECURITY CLEARANCE REQUIREMENTS: Secret
Skill & Certification Requirements
+ Active Navy Qualified Validator (NQV) registration.
+ Fully qualified per DoD 8570.01M requirements (IAT Level II or IAM Level II).
+ Demonstrated experience with eMASS, STIG processing tools, and vulnerability assessment tools.
+ Strong communication skills with ability to produce executive-level reports, POA&Ms, and project documentation.
+ Direct experience certifying and accrediting DON information systems, networks, and Platform IT.
+ Proven ability to advise Navy leadership on cybersecurity strategies and risk management.
+ Strong technical writing and presentation skills for producing high-quality deliverables.
+ Institutional knowledge of Navy cybersecurity mission-critical procedures, systems, and processes.
+ Must be proficient in the use of Microsoft Office Applications (Outlook, Word, Excel, PowerPoint and Access), and other standard (Customer specified) applications.
+ Position requires sitting, for long periods of time. (Sedentary Work)
+ Most duties require extended use of a keyboard and computer monitor
+ May require lifting of 20-50 lbs
+ LCI is an Equal Opportunity Employer Veteran/Disabled
+ Leader Communications is an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability. If you’d like to view a copy of the company’s affirmative action plan or policy statement, please email [email protected]
-
Recent Searches
- HTST Operator (New Mexico)
- Software Engineer Data Visualization (United States)
- IT Principal Lead Mainframe (Parsippany-Troy Hills, NJ)
- Controls Monitoring Testing Consultant (Dekalb County, GA)
Recent Jobs
-
Information Security Analyst (NQV)
- Leader Communications Inc. (Portsmouth, VA)
-
Senior Project Engineer - Dallas/Concrete
- JE Dunn Construction Company (Dallas, TX)
-
Construction Project Engineer
- EMCOR Group (Raleigh, NC)
-
Physician (Pain Interventional)
- Veterans Affairs, Veterans Health Administration (Columbia, SC)