Koam Engineering Systems, Inc. (KES Inc.) is an employee-owned small business specializing in technology innovation and systems integration by combining innovative products and reliable engineering services. Headquartered in San Diego, California, with offices in Gig Harbor, WA, KES provides services globally in systems engineering & technical assistance, requirements analysis, software design & development, systems integration & testing, independent verification & validation, and operational & logistic support.
Position Summary
The Navy Validator IV will perform cybersecurity assessments and validate that Navy information systems meet Department of Defense (DoD) and Department of the Navy (DON) security requirements using the Risk Management Framework (RMF) process. Key duties include assessing vulnerabilities, evaluating compliance with Security Technical Implementation Guides (STIGs) and DoD policies, reviewing security documentation like System Security Plans (SSPs) and Risk Assessment Reports (RARs), and managing eMASS data entry. They serve as trusted advisors to the Navy Authorizing Official (AO) to help achieve Authority to Operate (ATO) for systems.
Responsibilities
- Conduct Assessments and Validation: Perform security control assessments, validate system security features, and assess risks for both technical and non-technical aspects of systems.
- Manage RMF Documentation: Develop, review, and maintain RMF documentation, including SSPs, Security Assessment Plans (SAPs), Security Assessment Reports (SARs), and Plans of Action and Milestones (POA&Ms).
- Vulnerability Analysis and Risk Mitigation: Analyze system and network vulnerabilities, conduct vulnerability assessments, and provide expert support for risk mitigation strategies.
- Ensure Policy Compliance: Ensure systems comply with all applicable DoD and DON cybersecurity policies, standards, and procedures, including STIGs and other security requirements.
- Utilize Security Tools: Use security tools and processes, such as the Assured Compliance Assessment Solution (ACAS) and Security Content Automation Protocol (SCAP), for vulnerability assessment and STIG execution.
- Manage Enterprise Mission Assurance Support Service (eMASS): Enter and manage system security information and RMF-related data within the eMASS system.
- Collaborate with Stakeholders: Work closely with system owners, system administrators, engineers, and other stakeholders to identify, address, and resolve security gaps and vulnerabilities.
- Provide Expert Advice: Act as a trusted agent and provide expert advice to the Authorizing Official (AO) and Security Control Assessor (SCA) regarding risk determination and RMF process implementation.
- Continuous Monitoring Support: Support continuous monitoring programs to ensure ongoing system security and assist with contingency planning and testing.
- Other Duties as assigned.
Experience
- At least 10 years of experience in validation, RMF package development, or related Cybersecurity Workforce (CSWF) functions.
- Must hold one of the following: CAP, CASP+ CE, CISM, CISSP (or Associate), GSLC, CCISO, or HCISPP.
- Must possess a "Fully Qualified Validator Certificate" from the Navy Certification Authority (CA).
Qualifications and Educational Requirements
Required
- Bachelor's degree in computer science.
- US Citizenship
- Current DoD SECRET security clearance is required.
Since 1995, KES continues to foster the entrepreneurial spirit of a growing small business that focuses on the needs of its customers and employees and serves to provide a rewarding and challenging career. KES offers a competitive salary and full range of benefits. KES, Inc. is an EEO/AA Employer committed to hiring and retaining a diverse workforce.