×
Register Here to Apply for Jobs or Post Jobs. X

Risk Management Framework Validator

Job in Wahiawa, Honolulu County, Hawaii, 96786, USA
Listing for: KINAOLE SERVICE CENTER
Full Time position
Listed on 2026-07-16
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Salary/Wage Range or Industry Benchmark: 125000 - 140000 USD Yearly USD 125000.00 140000.00 YEAR
Job Description & How to Apply Below

If you are unable to complete this application due to a disability, contact this employer to ask for an accommodation or an alternative application process.

Full Time Professional Wahiawa, HI, US

Salary Range: $ To $ Annually

Ho'olaulima Government Solutions LLC (HGS) is a Small Business Administration-certified, Native Hawaiian Organization-Owned, 8(a) Small Business which provides services and solutions in the areas of Cybersecurity Services, Information Technology Services, Professional and Technical Services, Environmental Services, and Healthcare Services to the Department of Defense and other Federal agencies.

HGS is a wholly-owned subsidiary of the Kina'ole Foundation, a 501(c)(3) non-profit established to benefit Native Hawaiian communities.

You will receive a comprehensive benefits package that includes:

  • Health insurance
  • Life insurance
  • Professional training reimbursement
  • 401K
  • Disability insurance
  • ...and much, much more!
Job Description

Under the supervision of the Operations Manager, the Operator I (CSWF) shall perform the following duties:

Duties and Responsibilities
  • Provide recommendation, support and advice in the implementation, management, maintenance and growth of the commands A&A program.
  • Provide subject matter expertise in support of the Risk Management Framework (RMF) Assessment and Authorization (A&A) process.
  • Provide NCTAMS PAC and four subordinate commands RMF support to ensure the Naval Authorization Official's (NAO) requirements have been met for all NCTAMS PAC and subordinate commands owned systems.
  • Perform security control assessments on RMF packages before submission to Echelon II, Security Control Assessor (SCA), Security Control Assessor Liaison (SCAL), and the NAO.
  • Perform risk assessments on NCTAMS PAC and subordinate commands owned circuits, systems, or other information system that processes, stores, transmits and/or displays DoD/DON information based on findings from Security Control Assessment. Provide articulated findings in the required reportable format as defined by NAO, which include but are not limited to DISA manual STIGs, DISA automated SCAPs, and Tenable's ACAS security tools.
  • Organize and update weekly Authority to Operate (ATO) status tracker for all security packages within the NCTAMS PAC AOR. Provide weekly tracker status to the command A&A manager.
  • Utilizing Risk Assessment Report, Security Implementation Guide (STIG) Checklists, Assured Compliance Assessment Solution (ACAS) and other tools provided by the Government, analyzes the results of general cybersecurity- related technical problems relating to risk, threats, vulnerabilities, mitigation, or remediation analysis of information systems and applications throughout the systems development life cycle (from inception to decommission). Provide analysis, updates, and reports via eMASS in support of the command Assessment & Authorization (A&A) Manager.
  • Assist Government personnel in the affected areas in the completion of RMF documentation and procedures required to obtain an accreditation (e.g. Authority to Operate (ATO), Authority to Operate with Conditions (ATO w/ Cond), Authority to Connect (ATC), Authority to Connect with Conditions (ATC w/ Cond), etc.) for NCTAMS PAC and subordinate command owned sites and systems.
  • Within six months of hire, achieve Navy Qualified Validator (NQV) certification in order to conduct security control assessments of RMF packages.
  • Assist Government personnel in the affected areas with the implementation, evaluation, and direction in the development of RMF required artifacts to include, but not limited to, Security Plans, Security Assessment Plans, Continuous Monitoring Strategy, Test Plans, Risk Assessment Reports (RAR), and Plan of Action and Milestones (POA&M) for NCTAMS PAC and AOR security packages.
  • Assist the A&A manager with processing Boundary Change Requests (BCR) for the IT- 21 PRNOC Enterprise by verifying the relevant A&A information for the target systems are valid prior to processing. These actions include confirming that a valid ATO exists for the target system as well as ensuring the associated ports, protocols and services for the proposed source/destination IPs are…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary