NAVY Qualified Validator

APPLY FOR THIS ROLE

Position Details

Contingencies:

Location:

Work Arrangement:

Clearance Requirements:

FLSA Status:

Travel Requirements:

Base Salary Range:

Requisition Number:

This position is contingent on final contract award

Philadelphia, PA

Full-time, primarily onsite at the customer facility

An active DoD SECRET security clearance is required

Non-Exempt

25%+

USD $120,000 to $135,000 per year

IRN-2026-02

Overview

Ironeye is seeking a Navy Qualified Validator (NQV) to provide Risk Management Framework (RMF) package validation and assessment support for Navy systems in Philadelphia, PA. The NQV will support the Navy Security Control Assessor (SCA) office by performing independent validation activities, assessing implementation of approved security control baselines, preparing and supporting assessment documentation, and briefing assessment results to required program and cybersecurity stakeholders.

responsibilities

  • Maintain required Navy Qualified Validator status, eligibility, or successor qualification as required by the contract and Navy SCA office.

  • Perform independent Navy RMF package validation activities in accordance with Navy SCA office requirements and applicable program direction.

  • Develop and support approval of the Security Assessment Plan with input from the system ISSE, ISSM, and other authorized stakeholders.

  • Assess whether systems have implemented the approved security control baseline and validate control implementation through documentation review, testing, and evidence analysis.

  • Conduct or support on-site validation testing at NSWCPD, contractor facilities, and other required locations.

  • Serve as an independent third-party validator and trusted agent to the SCA, SCA Liaison, PM, ISSM, and other authorized stakeholders.

  • Document assessment results, non-compliant controls, residual risk, and validation findings in the Security Assessment Report.

  • Support Risk Assessment Report documentation in accordance with applicable Navy instructions, including NAVSEAINST 9400.2 where required.

  • Develop required validation deliverables, including the SAR Executive Summary and Functional Security Controls Assessor Appendix.

  • Brief assessment results, residual risk, validation findings, and recommended risk decisions to the PM, ISSM, SCA representatives, and other authorized stakeholders, including during CONUS or OCONUS travel when required.

Required Education

Bachelor’s degree in information technology, information systems, computer science, engineering, electronics, networking, cybersecurity, or a related field.

Required Certifications

  • DoD 8570/8140 IAM Level II certification such as CompTIA SecurityX/CASP+, ISC2 CISSP or Associate of ISC2, or ISACA CISM.

  • Current (preferred) or former Navy Qualified Validator status

Required Experience

  • At least five years of professional experience supporting DoD RMF, certification and accreditation, cybersecurity assessment, information assurance, or security control validation activities.

  • Experience supporting compliance requirements for DoD RMF and Department of Navy cybersecurity or information assurance policy.

  • Experience coordinating with ISSMs, ISSEs, system engineers, certification agents, validators, or SCA representatives.

  • Experience preparing, reviewing, or validating RMF assessment artifacts such as SAPs, SARs, RARs, control test results, residual risk documentation, and executive summaries.

  • Experience assessing whether technical, management, and operational security controls have been implemented in accordance with an approved security control baseline.

Preferred Experience

  • Prior Navy, NAVSEA, NSWCPD, or Department of Defense RMF validation experience.

  • Experience working directly with a Navy SCA office, SCA Liaison, ISSM, ISSE, or Authorizing Official support staff.

  • Experience validating Platform Information Technology (PIT), operational technology, industrial control, weapons, shipboard, facility, or mission systems.

  • Experience developing SAR Executive Summaries, FSCA appendices, and residual risk documentation for Navy RMF packages.

  • Experience supporting onsite validation events, security control testing, POA&M review, and assessment closeout activities.

  • Strong working knowledge of Navy RMF processes, DoD cybersecurity policy, and SCA expectations for independent validation.

Compensation & BENEFITS

Ironeye expects to offer the following benefits for this position, subject to plan terms and eligibility:

  • Medical, dental, vision, life, and disability insurance, subject to plan terms and eligibility.

  • 10 days of paid time off per year, accrued per pay period, subject to company policy, contract coverage needs, and applicable leave laws.

  • Paid holidays observed in accordance with the customer site schedule or applicable contract requirements.

  • Up to $10,000 per year in company-approved, role-related training, certification, conference, lab, exam, and continuing-education reimbursement.

  • 401(k) retirement plan with up to 6% company match, subject to plan terms and eligibility.

The base salary range for this position is USD $120,000 to $130,000 per year.

Final compensation will be based on role requirements, relevant experience, qualifications, and contract constraints. This position is classified as non-exempt unless otherwise determined based on final contract duties, and overtime will be handled in accordance with applicable law.

Legal

Ironeye provides equal employment opportunity to qualified applicants and employees without regard to legally protected characteristics. Applicants must be legally authorized to work in the United States. Ironeye will verify employment eligibility after hire as required by federal law.