Information Assurance Validator to Support

Canfield CyberDefense Group is looking for an experienced information assurance validator to support an upcoming contract with the Defense Information Systems Agency. This position will provide independent validation and verification to ensure that CCG capabilities are following policy, such that the capabilities are cyber secured.

Please note that this position is contingent upon contract award.

• 5 years of specialized experience in the field of cybersecurity validation.
• Hold an active Secret clearance
• Have an Information Assurance Manager (IAM) Level II certification in accordance with DoD 8570.01-M.
• Possesses functional knowledge of DoDI 8510.01, Committee of National Security Service Instruction (CNSSI) 1253, National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53 rev4.
• Hands-on experience utilizing DoD-approved scanning/testing tools (Nessus, Security Technical Implementation Guides (STIG) Checker, Security Content Automation Protocol (SCAP), etc.), and performing analysis of output. 
• Able to interact with the Information Systems Security Manager (ISSMs), System Information Systems Security Officer (ISSOs), Information Systems Security Engineers (ISSEs), and Security Controls Assessor (SCA) regarding interpretation of STIG requirements and applicability of security controls and required documentation/artifacts needed prior to a validation event.
• Able to conduct STIG research and ensure compliance with all necessary STIG checklists.
• Capable to review security controls and developer documentation; and, report missing or outdated documentation to stakeholders.
• Capable to complete all Cybersecurity Assessment Readiness Review (CSARR) presentation slides and conduct the CSARR meeting.
• Experienced in completing and submitting a Security Assessment Plan (SAP).
• Experienced in conducting daily hotwash during validations; providing analysis of validation results and submitting Security Assessment Report (SAR); upload validation results into eMASS and other repositories.
• Experienced using Enterprise Mission Assurance Support Service (eMASS) is preferred.