Lockheed Martin Fully Qualified Navy Validator / Navy Qualified Validator / Virginia Beach in Virginia Beach, Virginia
This position will support the Cybersecurity/Information Assurance mission for the Combat Direction Systems Activity (CDSA) located on the Dam Neck Annex of Naval Station Oceana. The selected candidate will require privileged access and will be considered a member of the Cybersecurity Workforce (CSWF) designated as an Information Systems Security Officer DoN M5239.2 Specialty Code (46) System Security Analysis. Duties and responsibilities for this position include: Cybersecurity Compliance: • Reviews, updates, validates and authors Cybersecurity procedures (SOPs) as required. • Reviews and maintains an inventory of authorized software. • Reviews and maintains an inventory authorized external (USB) devices and media. • Audits and validates configurations deployed on laptops, workstations, and servers. • Audits and validates configurations of network devices based on DISA STIGs. • Provides monitoring, and analysis of laptop, workstation, server and network audit logs. • Ensures AV is properly deployed and current signatures are implemented across the laptops, workstations and servers. • Monitors, reviews and reports on data restoration capabilities. • Familiar with HBSS and ACAS from a compliance and reporting perspective. • VRAM management on unclassified and classified networks (two security domains) - Basic system knowledge including ability to upload scan data. - Reports compliance for Cyber directives including IAVs, TASKORDs, FRAGORDs, etc. - Create, implement and maintain system baselines. DIACAP Certification and Accreditation (C&A) / RMF Assessment and Authorization (A&A) • Maintain and update all C&A/A&A documentation to ensure the relevancy and currency of CDSA Dam Neck assets to include required revisions and updates in eMass. • Conduct comprehensive annual C&A/A&A package reviews to ensure continued compliance of the CDSA Dam Neck Systems and Networks. • Ensure traceability is maintained throughout the C&A/A&A packages (e.g.: C&A Plan, POAM, RAR, Topology, Software, Ports Protocols and Services, Test Plan, etc.). • Review/maintain network and system documentation in DITPR-DON / DADMS. • Maintain documentation and registration of Network Ports, Protocols, and Services. • Maintain and report on the status of all outstanding C&A/A&A items and supporting documentation. • As a member of the Configuration Control Board (CCB), ensures CCB approved changes are timely and accurately reflected in the C&A documentation. Vulnerability Assessment and Remediation • Support compliance validation of current and future directives (e.g.: IAVs, STIGs, CTOs). • Provide recommendations for corrective action of any non-compliant security controls. • Execute DISA STIG validations for systems in conjunction with C&A/A&A package reviews annually. • Provide security expertise to ensure security controls are implemented and the resulting documentation and artifacts are current. • Document assessment activities and results in sufficient detail to enable external review of all assessment processes, activities, results, and conclusions. Contingency and Disaster Recovery • Conduct and document a table top exercise each calendar year. • Produce test plans, draft after actions and other documents for review and comment. • Review and/or revise Business Impact Analysis (BIA) to include business process, IT dependency, and physical security assessments. • Review and analyze IT contingency / disaster recovery plans for NIST and DoN compliance, and produce checklists for IT systems. • Assist with exercise and/or training and documentation of IT contingency plan. • 3-5 years A&A package review and eMASS experience. • 3-5 years experience with Microsoft Windows Desktop and Server products. • 3-5 years experience with RHEL and/or Linux.
Basic Qualifications The following knowledge, skills and abilities should be considered the minimum requirements for this position: A&A package review and eMASS experience. Microsoft Windows Desktop and Server products. Experience with RHEL and/or Linux. • Fully Qualified Navy Validator (FQNV) or Navy Qualified Validator (NQV) preferred. Due to the privileged access, the selected candidate must possess a T5 (SSBI) security investigation and a Secret level clearance.
Desired skills Navy Qualified Validator Level II preferred, but not required.
As a leading technology innovation company, Lockheed Martin’s vast team works with partners around the world to bring proven performance to our customers’ toughest challenges. Lockheed Martin has employees based in many states throughout the U.S., and Internationally, with business locations in many nations and territories.
Join us at Lockheed Martin, where we’re engineering a better tomorrow.
Lockheed Martin is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.
Job Location(s): Virginia Beach Virginia