Validator/Vulnerability Management Lead (4979) jobs in United States
cer-icon
Apply on Employer Site
company-logo

SMX · 10 hours ago

Validator/Vulnerability Management Lead (4979)

positionPatuxent River, MD
timeFull-time
remoteHybrid
seniorityMid Level
money$94K/yr - $156K/yr
date3+ years exp

SMX is seeking a Validator/Vulnerability Management Lead to support the Unmanned Carrier Aviation Program Office at Patuxent River Naval Air Station in Lexington Park, MD. The role involves assessing and validating security packages, managing vulnerabilities, and developing policies for vulnerability and patch management.

AnalyticsCloud ComputingCloud Data ServicesCloud SecurityCyber SecurityInformation TechnologyIT ManagementSoftware
badNo H1BnoteSecurity Clearance RequirednoteU.S. Citizen Onlynote

Responsibilities

Assess and validate PMA-268 RMF packages (Authorizations to Operate (ATOs) and Interim Authorizations to Test (IATTs), to include but not limited to:
Coordinate development of the Security Assessment Plan (SAP) with Integrated Product Team (IPT) SSE and system ISSO
Submit SAP for approval
Execute the SAP
Provide a summary of failed controls in Enterprise Mission Assurance Support Service (eMASS) (Risk Assessment)
Complete the Security Assessment Report (SAR)
Provide POA&M update recommendations to the PMA/IPT based on assessment results
Ensure traceability of all vulnerabilities from raw assessment results to the POA&M
Support Continuous Monitoring (ConMon) activities (e.g. annual security reviews, system/changes/ Memorandums for the Record (MFRs))
Create consolidated list of mitigation statements for POA&Ms (unclassified) to assist ISSOs with established mitigation statements for common non-compliant security controls
Vulnerability Management Lead
Establish and execute a PMA-268 vulnerability management program, to include developing guidance for VRAM record creation and management
Develop a PMA Vulnerability and Patch Management Policy
Coordinate development of System level Vulnerability and Patch Management Plans (VPMP)
NAVAIR Rapid Response Lead for PMA-268 will:
Attend Rapid Response meetings
Coordinate consolidated PMA-268 responses to Orders received (ie EXORD, OPORD, TASKORD)
Monitor the NAVAIR Vulnerability Management Channel for notifications daily
Maintain the PMA-268 Cyber Directive Status tracker
Create and maintain a Cyber Directives tracker on SIPR to summarize the orders
Manage PMA-268 Portfolio VRAM records

Qualification

Navy Qualified ValidatorVulnerability ManagementSecurity Assessment PlanBachelor's DegreeClearance RequiredEngineering ExpertiseRecent Experience

Required

Clearance Required: Secret
Must have a bachelor's degree in a technical or scientific field from an accredited college or university
Must have at least three (3) years of recent and relevant experience
Demonstrated experience in an area of engineering expertise is required
Must be a Navy Qualified Validator

Benefits

Health insurance
Paid leave
Retirement

Company

SMX

twittertwitter
company-logo
SMX is a provider of information technology (IT), services, and advanced engineering with a focus on Cloud Solutions.
dateFounded in 1995
location
Hollywood, Maryland, USA
people-size1001-5000 employees
web-link
https://www.smxtech.com

Funding

Current Stage
Late Stage

Leadership Team

leader-logo
Peter LaMontagne
Chief Executive Officer
linkedin

Recent News

GlobeNewswire
eSHARE and SMX Announce FedRAMP Moderate Agency ATO for eSHARE’s Trusted Collaboration Suite
2026-01-22
PR Newswire
ColorTokens Achieves FedRAMP® Moderate Authorization, Accelerating Secure Zero Trust Adoption Across Federal Agencies
2026-01-12
GlobeNewswire
Outside Analytics Teams with SciTec on U.S. Space Force FORGE EOS Contract for Missile Warning Mission
2025-12-09
Company data provided by crunchbase