Cybersecurity Analyst (NQV) - 25-003

JOB TYPE:  FULL-TIME

COMPETITIVE SALARY, COMPREHENSIVE BENEFITS AND A COMPANY THAT CARES!

Relocation May Be Considered

AUSGAR Technologies, Inc., an EOE Minorities/Females/Disabled/Veterans employer, is an established Service-Disabled Veteran-Owned Small Business (SDVOSB) Department of Defense, government contractor with core competencies in Information Assurance, Cyber Security and Systems Engineering. With offices on both the East and West coasts, an inviting culture and above-standard benefits, opportunity abounds for the right individual!

Cybersecurity Analyst (NQV) – 25-003 – Norfolk, Virginia

AUSGAR Technologies has an exciting opportunity for a Cybersecurity Analyst (NQV) to join our team of smart and innovative technical team members working in Norfolk, Virginia.

The ideal candidate will play a critical role in supporting the Risk Management Framework (RMF) Assessment and Authorization (A&A) processes for the Navy Continuous Training Environment (NCTE). The Navy Qualified Validator (NQV) will be responsible for the technical implementation of the RMF and will conduct cybersecurity and risk assessments on NCTE networks, systems and applications to identify and mitigate technical and non-technical vulnerabilities.

Duties include, but are not limited to:

• Serve as a trusted agent and technical representative to the Security Control Assessor (SCA), conducting thorough technical evaluations of systems to assess compliance with assigned security controls. 
• Conduct security assessments and create RMF documentation, including Security Assessment Plan (SAP), eMASS Risk Assessment, Security Assessment Reports (SARs), SAP Executive Summary and SAP Body of Evidence (BOE). 
• Provide accurate assessments and document security posture, capabilities and vulnerabilities.
• Lead the creation of SAPs and SARs and develop executive summaries to convey technical findings and risk assessments to senior leadership. 
• Perform detailed risk analysis, identify system vulnerabilities and provide comprehensive recommendations for risk mitigation. 
• Verify, validate and document risk, perform security control assessments and document compliant and failed security controls in eMASS.
• Assess STIGs and SRGs.
• Ensure traceability of all vulnerabilities from raw assessment results to the Plan of Action and Milestones (POA&Ms).
• Support the continuous monitoring program, as necessary. 

The physical demands and work environment described here are representative of those that must be met by an employee to successfully perform the essential functions of the job. Reasonable accommodation may be made for individuals with disabilities to perform the essential functions.

• Must possess a Secret security clearance, with the ability to obtain a Top Secret.
• IAT Level II certificate or higher required, i.e., Security+ CE, CASP, CISSP.
• Must possess a Navy Qualified Validator Certification (NQV) in good standing and must be on the most recent NQV list available.
• Bachelor’s degree in Information Technology or related field or business-related field required, advanced degree preferred.
• Minimum of 3 years of experience in cybersecurity validation, risk assessment and supporting RMF A&A processes for DoD and Navy systems.
• Hands-on experience conducting vulnerability assessment and analysis utilizing standard technologies, such as Security Content Automation Protocol (SCAP), Assured Compliance Assessment Solution (ACAS)/Nessus scans and Defense Information Systems Agency (DISA) Security Technical Implementation Guide (STIG)/Security Requirements Guide (SRG).
• Ability to read, interpret and conduct traceability across architecture/topology diagrams, Ports. Protocols and Service Management (PPSM), hardware/software lists and other artifacts.
• Well-versed with the role of a validator for multiple RMF authorization types, including baseline changes (use cases), Automatic Speech Recognition (ASR), Authority to Operate (ATO), Corrective Action Requests (CARs), Denial of Authorization to Operate (DATO) & HRR/HR. 
• Substantive knowledge of NIST Risk Management Framework (RMF) and the NAVWAR Risk Assessment Guide.
• In-depth knowledge of the NIST Special Publications with focus on 800-53 and 800-37.
• Knowledge of IT security principles and methods, such as firewalls, demilitarized zones and encryption standards.
• Travel required: Approximately 10%.

  Salary Range: $95K-$105K

An essential qualification for this position is successfully obtaining a Secret security clearance issued by the Federal Government, which may require successful completion of a background check. 

AUSGAR’s salary range is dependent upon a variety of factors, which include experience, skills, education, certifications and geographical location. Our salary range includes a base salary and excellent benefits package as part of our total compensation. 

AUSGAR Technologies, Inc. is an equal employment opportunity and affirmative action employer and is committed to engaging in affirmative action to increase employment opportunities for females, minorities, protected veterans and individuals with disabilities. 

If you are a qualified individual with a disability or a disabled veteran and need assistance in completing the application, you have the right to request reasonable accommodation. Please e-mail us at jobs@ausgar.com if you are unable or limited in your ability to use or access www.ausgar.com careers page as a result of your disability.