SCA-R Validator

8 Days Old

SCA-R Validator

Leidos is seeking multiple SCA-R Validators to assess programs' security posture and develop reports and recommendations for improvement. These positions can be based out of any of our three locations - Alexandria, VA, Fort Meade, MD, or Chambersburg, PA. These positions are primarily on-site, but partial telework may be available at the discretion of our customer and program management. Some travel may be required.

Responsibilities:

  • Use government-assigned tools to perform weekly updates, maintain records, and complete tasks.
  • Coordinate with ISSMs and PMOs to understand mission and business functions, security architecture, deployment locations, and planned and projected architectural and functional changes of assigned systems.
  • Conduct cybersecurity assessments, risk analyses (operational and technical) and authorization tasks across all RMF steps using approved RE5 tools and processes.
  • Verify authorization boundaries and categorize systems (FIPS199).
  • Identify data classifications and conduct system-level risk assessments.
  • Track system changes, assess impacts, and report updates to the AO.
  • Evaluate authorization and change requests, web filtering, firewall exceptions, ports/protocols, cybersecurity risks, STIG/SRG compliance, and on-site security.
  • Lead assessment visits, conduct briefings, and ensure proper documentation and reporting.
  • Attend required government training and meetings to stay updated on process changes.
  • Maintain access and proficiency in required government databases and cybersecurity tools.
  • Assess threats, vulnerabilities and cybersecurity risk for systems and compile findings into timely authorization packages to determine countermeasures and residual risk.
  • Support assigned systems throughout their lifecycle in alignment with FISMA requirements.
  • Submit weekly activity reports summarizing tasks, tracking IDs, and key updates.

Basic Qualifications:

  • Bachelor's degree (IT-related field preferred) and eight (8) years of cybersecurity or network security experience. Additional relevant experience may be considered in lieu of degree.
  • Active DoD Top Secret clearance with SCI eligibility required
  • Current DoD 8570 IAM II or IAT II certification
  • Five (5) years of experience in a Certification and Accreditation/A&A role
  • Demonstrated experience with STIGs (Security Technical Implementation Guides), Security Requirement Guides (SRGs), Plan of Action and Milestones (POA&Ms), and cybersecurity best practices
  • Advanced understanding of the RMF process, NIST SP 800-37, NIST SP 800-53, CNSSI 1253
  • Demonstratable experience in risk analysis, control validation, and as a Security Control Assessor Representative (SCA-R).
  • Demonstrated experience with relevant tools such as eMASS, STIG Viewer, Nessus, ACAS, SCAP, or HBSS
  • Advanced understanding of key technologies areas/domain such as: Network, Mobility, Windows, UNIX, Cloud Environments and Cloud Native Tools/Services, Host Based Security System (HBSS)/Endpoint Security Solutions (ESS), Databases, Applications
  • Customer service skills
  • Ability and willingness to travel for assessments as required

Pay Range: $85,150.00 - $153,925.00

Location:
Alexandria

We found some similar jobs based on your search