Title:
Navy Qualified Validator
Program Summary:
KBR’s Product and Technology Solutions Division specializes in rapid prototyping and advanced technology solutions for directed energy, electronic warfare, and security applications. With expertise in electronic warfare systems, critical infrastructure protection, and product R&D, KBR delivers cutting-edge innovations to meet mission-critical needs. Backed by a global presence and a strong ethical framework, KBR collaborates closely with customers to develop secure, effective, and forward-thinking solutions.
Job Summary:
KBR is currently seeking multiple Navy Qualified Validators (NQV). The NQV will provide support to the Naval Research Laboratory located in Washington, DC in accordance with the Navy RPG and NAVWAR Risk Assessment for the following activities: documentation, and artifacts in support of obtaining ATO from the appropriate AO.
Roles and Responsibilities:
NRL NQVs will fulfill the following core functions to support the Navy's RMF process and FSCA activities:
- Ability to conduct independent security control assessments according to NIST standards.
- Documentation Review: NQVs will review all RMF documentation, including but not limited to the System Security Plan (SSP), Security Assessment Report (SAR), and Plan of Action and Milestones (POA&M) to ensure that documentation aligns with NRL, Navy, and DoD cybersecurity policies, procedures, and standards. NQVs will validate the accuracy, completeness, and consistency of all system documentation.
- Independent Validation: NQVs will conduct independent validation of RMF controls for information systems and networks per the Navy RMF Process Guide. NQVs will verify that all security controls have been correctly implemented and are functioning as intended. NQVs will ensure the system's security posture is adequately documented, and all relevant artifacts are available for review by the Navy Authorizing Official (NAO)/Functional Authorizing Official (FAO) as appropriate.
- Assessment and Analysis: NQVs will conduct thorough assessments of security controls based on criteria set forth in NIST SP 800-53, CNSSI 1253, and other applicable Navy and DoD cybersecurity frameworks. NQVs will perform technical validation of implemented controls, including but not limited to vulnerability scanning, configuration assessments, and security testing. NQVs will analyze findings to determine potential impacts and likelihoods, contributing to a risk-based decision-making process.
- Risk Identification and Reporting: NQVs will identify, categorize, and document cybersecurity risks, vulnerabilities, and deficiencies discovered during the validation process. NQVs will provide comprehensive risk assessments that include severity ratings, likelihood determinations, and potential impact assessments. NQVs will recommend actionable and prioritized remediation strategies or compensating controls to address identified risks.
- Annual Security Reviews (ASRs): NQVs will support ASR activities per the Navy SCA Risk Assessment Guide. NQVs will validate and assess a subset of the security controls per the system’s approved System Level Continuous Monitoring (SLCM) Strategy. Each annual review will include verification of compliance of inherited controls within those families.
- Functional Security Control Assessor (FSCA) Liaison Support: NQVs will serve as FSCA-Liaisons (FSCA-Ls) as needed to review NQV validations and support the FSCA in their duties, including but not limited to reviewing NQV-generated SARs, drafting SAR executive summaries, and reviewing and grading NQV assessments. FSCA-Ls will ensure all FSCA assessment documentation is aligned with NQV findings and the overall cybersecurity posture of the system. Serving as FSCA-Ls, NQVs will ensure that independent validation efforts adhere to the Navy SCA Risk Assessment Guide and assess the quality of assessment documentation, including but not limited to the SSP, SAP, Security Test Report, and the SAR. As FSCA-Ls, NQVs will provide subject matter expertise and support to the FSCA in conducting assessments, validating security controls, and addressing deficiencies or gaps identified during the RMF process.
Basic Qualifications:
- Must be a U.S. citizen.
- Must possess or have previously possessed DoD SECRET security clearance or higher.
- Must be Navy Qualified Validator appointed by the NAVY SCA.
- BS/BA degree. In lieu of a degree, 8 years of additional related work experience.
- 10+ (Ten) years of directly related experience.
- Experience with Risk Management Framework (RMF) and tools like eMASS (Enterprise Mission Assurance Support Service).
- Prior professional cybersecurity experience.
- Experience with cybersecurity for cloud environments and knowledge of the Defense Information Systems Agency's Security Technical Implementation Guides (STIGs) is beneficial.
- General National Institute of Standards and Technology Special Publications (NIST SPs) knowledge
- Assessment and Authorization (A&A formerly C&A, i.e. RMF and DIACAP respectively) knowledge
Preferred Qualifications:
- Prior experience with IT/OT systems is preferred.
- A DoD 8570.01-M IAM/IAT Level III certification
- Security+
- Certified Authorization Professional (CAP)
- Certified Information Systems Security Professional (CISSP)
- Certified Advanced Security Practitioner (CASP)
Compensation: $129,300 - $194,000. The salary range posted is for Washington, DC location. The offered rate will be based on the selected candidate’s location, knowledge, skills, abilities, and/or experience, contract affordability, and in consideration of internal parity.
Benefits:
KBR offers a selection of competitive lifestyle benefits which could include a 401K plan with company match, medical, dental, vision, life insurance, AD&D, flexible spending account, disability, paid time off, or flexible work schedule. We support career advancement through professional training and development.
Belong, Connect and Grow at KBR
At KBR, we are passionate about our people and our Zero Harm culture. These inform all that we do and are at the heart of our commitment to, and ongoing journey toward, being a People First company. That commitment is central to our team-of-teams philosophy and fosters an environment where everyone can Belong, Connect and Grow. We Deliver – Together.
KBR is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, disability, sex, sexual orientation, gender identity or expression, age, national origin, veteran status, genetic information, union status and/or beliefs, or any other characteristic protected by federal, state, or local law.