Principal Assessor II, Cyber Security

Job Description:

Principal Cyber Security Assessor II

ABS is a leading ship classification society driven by its mission of promoting the security of life and property and preserving the natural environment. With a focus on digitalization and sustainability, ABS is at the forefront of developing groundbreaking advances in the classification process.

The Digital Research team in ABS Technology is at the forefront of maritime digitalization, driving the development and implementation of cutting‑edge technologies, including Visualization Technologies, Digital Twins, Robotics, Structural Health Monitoring, Asset Integrity Management, Predictive Analytics, Smart Functionality, and OT Cybersecurity.

The Principal Cyber Security Assessor II – Navy Qualified Validator (NQV) engages in the implementation and delivery of ABS cyber security products and services, with a primary focus on Risk Management Framework (RMF) activities for U.S. government maritime and OT cybersecurity projects. This role serves as an independent Navy Qualified Validator recognized by the U.S. Navy, responsible for validating cybersecurity assessments of shipboard systems and related OT environments to support Authority to Operate (ATO) decisions.

The NQV reviews cyber assessments and scan results, confirms that vessels meet required cybersecurity standards, and supports the issuance of ATOs in alignment with DoD, U.S. Navy, and client requirements. The NQV also acts as a key liaison between ABS, clients, and U.S. Navy organizations that review ABS’s work and issue cybersecurity accreditation and ATO decisions, supporting the delivery of ABS’s CS‑RMF notation and enabling ABS to credibly maintain and expand its U.S. government cybersecurity business.

• Function as a subject matter expert in IT/OT security and RMF‑based cybersecurity for maritime and shipboard control systems, including Supervisor Control and Data Acquisition (SCADA) and Distributed Control Systems (DCS).
• Serve as an independent Navy Qualified Validator (NQV) in accordance with U.S. Navy and client requirements, providing objective validation of cybersecurity assessments and evidence.
• Review, validate, and provide independent concurrence on:
• OT/ICS cybersecurity assessments and system security documentation,
• Vulnerability scans and results produced by ABS teams (e.g., ISEE),
• Plans of Action and Milestones (POA&Ms) and risk disposition recommendations.
• Support Risk Management Framework (RMF) activities for U.S. government clients, including assessment and authorization (A&A) activities for shipboard and shore‑based systems and services.
• Confirm that vessels and systems meet applicable cybersecurity standards required to obtain and maintain Authority to Operate (ATO) from U.S. Navy and client stakeholders.
• Act as a primary technical liaison between ABS, clients, and U.S. Navy cybersecurity/accreditation organizations, helping to clarify technical issues, resolve findings, and support ATO decision‑making.
• Contribute to the delivery and continuous improvement of ABS’s CS‑RMF notation and related cybersecurity products and services.
• Develop and test various security features and controls to meet customer, U.S. government, and regulatory cybersecurity requirements.
• Support the development of proposals, provide ongoing technical and sales support for U.S. government and OT cybersecurity projects, and assist customers with maintaining compliance and cyber security.
• Conduct cyber vulnerability assessments and regulatory audits, including against applicable DoD/Navy standards and controls.
• Design and implement cyber security solutions for control systems in alignment with RMF and relevant DoD/Navy guidance.
• Develop project documentation, including security assessment reports (SARs), risk assessment artifacts, and RMF‑aligned evidence packages.
• Successfully conduct onsite implementations and validations of security solutions and controls onboard vessels or at shore facilities as needed.
• Provide technical analysis and guidance on control systems security trends, DoD/Navy RMF practices, and emerging OT cybersecurity threats.
• Prepare and conduct technical…