At ValidaTek, we modernize and optimize IT services to solve some of the most critical challenges facing federal civilian and defense agencies. From customers to partners to top-talent employees, ValidaTek puts people first, empowering them to exceed expectations and transform government organizations. Our success starts and ends with our people, so we built a company where great people can do great things, with the resources and autonomy to make decisions that transform organizations. We operate as one team of diverse people, united by a passion for continuous growth and optimization. Our commitment to quality and performance optimization is the reason why our IT Service Projects and New Development Projects have been appraised at CMMI Maturity Level 5, positioning us as one of a handful of elite companies to receive the highest form of third-party validation. www.validatek.com

Validatek is seeking a talented Information Assurance SME to support an enterprising program with our DISA customer.

• Serve as the knowledge expert of all security related aspects of the JSP computing environment. 
• Provide expertise implementing and maintaining security postures within complex network architectures. 
• Provide expertise in Defense in Depth concepts supporting DoD infrastructures, C&A, physical and personnel security concepts. 
• Provide the appropriate level of confidentiality, integrity, availability, authentication, and non-repudiation IAW DoD 8500.01, DoD 8500.2, Chairman of the Joint Chiefs of Staff Manual (CJCSM) 6510.01, NIST 800-37 Risk Management Framework, NIST 800-137 Information Security Continuous Monitoring, as well as local security policies created and enforced by JSP’s Cyber Security Center. 
• Work in support of other JSP customer organizations to integrate and automate IA solutions.
• Establish a robust security posture for JSP IT environments by independently identifying vulnerabilities, remediating found vulnerabilities, and improving processes to maintain a robust security posture as it pertains to the Information System (IS) vulnerability management. 
• Ensure that all managed assets are compliant and communicating with all required security tools, such as HBSS, ACAS, Splunk, Tanium and SCCM.
• Provide System/Windows updates. Support all versions of the JSP standard image security updates and policies to include technology enhancements, upgrades, and/or replacements and address security vulnerabilities as prescribed by DoD orders which include U.S.Cyber Command (USCYBERCOM), JFHQ DODIN and DISA.
• Provide computer security response support. Provide immediate response in the investigation of computer security incidents deemed to originate from the Platform Services in line with CJCSM 6510.01.
• Ensure all assets supported by JSP are fully compliant with JFHQ-DODIN OPORDS, TASKORDs (10-12 a month), IAVM notifications and STIG requirements per published compliance dates.
• Provide compliance support. Ensure all assets supported by JSP are fully compliant with JFHQ-DODIN OPORDS, TASKORDs (10-12 a month), IAVM notifications and STIG requirements per published compliance dates.
• Provide compliance with IA, Hardware, Software, Procedural, Physical, and Personnel Security Inspections Support. Assist the Government Security/IA Manager(s) in the development, implementation, and execution of a facility-wide, fully compliant security program for all aspects of Physical Security, Personnel Security, IA Security, Communications Security, and Government-required compliance monitoring, reporting, and tracking.
• Provide RMF program and processes that enables system owners to ensure systems are compliant and operating under appropriate security and assurance controls for the full system lifecycle.
• Support the Connection Approval Program (CAP), A&A Support and Tenant Security Plan (TSP). Support all activities needed to obtain A&A on all the tenant networks, equipment, and systems at all classification levels with the JSP IT platform services and hosted levels.

• Active DoD Top Secret clearance.
• Bachelor of Science in Information Technology Security Management, telecommunications, management information systems, and 5+ years of related experience.
• Information Assurance (IA) Certification: DoD 8570 IAM II certification. (CAP, CASP+ CE, CCISO, CISM, CISSP, GSLC)
• Computing Environment (CE) Certification: Recent and relevant technical certification.
• Proven experience implementing and maintaining security postures within complex network architectures. 
• Possess knowledge of Defense in Depth concepts supporting DoD infrastructures, C&A, physical and personnel security concepts. 
• Demonstrated ability for oral and written communication with the highest levels of management. 
• Experience in a DoD Technology environment. 
• Experience/knowledge of the DoD IAVM programs. 
• Knowledge of the DISA VMS and CMRS. 
• Knowledge of the DoD vulnerability scanning requirements utilizing DOD DRSI Standards and Tools. 
• Experience in FISMA, OMB, DoD IG Inspection, ACA, and other accreditation and certification programs. 
• Knowledge of the Defense in Depth concepts and implementation. 
• Knowledge of A&A processes RMF NIST SP-800-37. 
• Knowledge of NIST SP 800-53R Common Control documentation and validation. 
• Knowledge of Incident Response, Auditing, and CNDSP. 
• Knowledge of and comprehension on how to implement 8570.01-M./DoD 8140. 
• Demonstrated ability for oral and written communication with the highest levels of management.

USD $95,577.60/Yr.

USD $159,296.00/Yr.

Actual salary will be based on a variety of factors including but not limited to experience, geographic location, contract affordability, internal equity, education, and certifications.

The upper end of the salary range may be reserved for individuals who have demonstrated tenure with the company, seniority, and proven excellent performance. This includes factors such as education, certifications, and extensive/unique experience beyond what is required.

ValidaTek is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, protected veteran status, or disability status.

Applicants who are selected for employment will be required to verify authorization to work in the United States.

Offers of employment will be contingent upon passing a post-offer background check.