Active Secret Clearance | Bachelors Degree | 10 Yrs Experience 

ACES is seeking a Navy Qualified Validator who will be responsible for providing independent and objective validation of Risk Management Framework (RMF) security controls to support the Navy Security Control Assessor (SCA). This role involves conducting comprehensive assessments of information systems to ensure compliance with Navy cybersecurity policies and standards. The successful candidate will review and evaluate the implementation and effectiveness of security controls, identify potential vulnerabilities, and document findings in detailed assessment reports. Additionally, the individual will collaborate with system owners, engineers, and other stakeholders to address security gaps and recommend corrective actions, ensuring that all systems meet the required security posture before authorization.

Please call or email today if interested (Info@ACESGroup.com / 660-441-1689).

OPPORTUNITY

• Contract Length: 5 Years
• Work Location: Philadelphia, PA
• Clearance: Active Secret
• Start Date: Jan/Feb 2026

QUALIFICATIONS

• Education/Experience: Bachelors degree in STEM field. 10 years of A&A and cyber assessment experience. Certification: Navy Qualified Validator III and one of the following baseline certs:  CCNA-Security, CySA+, GICSP, GSEC, Security+ CE,  CND, or SSCP.
• Technical: This position requires a thorough understanding of RMF processes, Navy-specific cybersecurity requirements, and the ability to provide expert guidance on achieving and maintaining compliance throughout the system lifecycle.

PRIMARY RESPONSIBILITIES

• Maintain active qualification as a Navy Qualified Validator (NQV) by meeting all Cybersecurity Technical Authority (CSTA) standards, obtaining appointment by the Navy Security Control Assessor (SCA), and sustaining a passing Proficiency Tracking Record (PTR) score.
• Serve as an independent and objective validator under the oversight of the Navy SCA, ensuring impartial assessment of system security controls and RMF package compliance across assigned programs.
• Develop, review, and execute Security Assessment Plans (SAPs) that define the assessment scope, testing methodology, and validation approach for system controls in accordance with Navy and DoD RMF guidelines.
• Validate the implementation and effectiveness of security controls through direct observation, on-site testing, system examination, documentation review, and stakeholder interviews to ensure compliance with accreditation requirements.
• Conduct configuration compliance reviews using applicable Security Technical Implementation Guides (STIGs) and Security Requirements Guides (SRGs) to verify that systems meet established baseline standards.
• Ensure complete traceability between security artifacts and corresponding RMF controls, confirming that all evidence accurately supports control implementation and risk determinations.
• Review and verify that all identified vulnerabilities are properly documented in system Plans of Action and Milestones (POA&Ms), ensuring findings are tracked and mitigated in accordance with Navy RMF policy.
• Compile and present formal assessment documentation, including Risk Assessment summaries, Security Assessment Reports (SARs), and SAR Executive Summaries, clearly articulating risk posture and residual vulnerabilities for authorizing officials.
• Provide expert-level technical consultation and risk advisory support to Program Managers, Information System Owners, Information System Security Managers (ISSMs), and Information System Security Officers (ISSOs) to guide effective remediation strategies and maintain accreditation readiness.