SCA-R Validator

AGE Solutions is looking for a SCA-R Validator to join our team in support of a cybersecurity risk management and assessment program with our DoD customer.

In this role, you will perform functions within the A&A process, assess programs’ security posture, and build reports detailing assessment results, and submit those reports and all supporting data to the governing AO along with recommendations for improving a program’s cybersecurity posture. You will also function as a team leader over assessors on assessments.

Individuals in this role must be available to work on-site full-time in Chambersburg, PA. Approximately 35% travel will be required for this position (CONUS/OCONUS).

• →Use government-assigned tools to perform weekly updates, maintain records, and complete tasks.
• →Coordinate with ISSMs and PMOs to understand system architecture, security requirements, and changes.
• →Conduct risk analysis and authorization tasks across all RMF steps using approved RE5 tools and processes.
• →Verify authorization boundaries and categorize systems (FIPS199).
• →Identify data classifications and conduct system-level risk assessments.
• →Track system changes, assess impacts, and report updates to the AO.
• →Evaluate authorization and change requests, web filtering, firewall exceptions, ports/protocols, cybersecurity risks, STIG/SRG compliance, and on-site security.
• →Lead assessment visits, conduct briefings, and ensure proper documentation and reporting.
• →Attend required government training and meetings to stay updated on process changes.
• →Maintain access and proficiency in required government databases and cybersecurity tools.
• →Assess threats, vulnerabilities, and residual risks; compile findings into authorization packages.
• →Support assigned systems throughout their lifecycle in alignment with FISMA requirements.
• →Submit weekly activity reports summarizing tasks, tracking IDs, and key updates.
• →Complete assessor training, vulnerability scanning, endpoint security, and RMF step training.

• Education and Certifications:
  • Bachelor's degree (IT-related field preferred)
  • DoD 8570 IAM/IA Technical (IAT) Level II certification
• Experience:
  • Eight (8) years of overall experience in cybersecurity or network security position
  • Five (5) years of experience in a Certification and Accreditation/A&A role
• Security Clearance:
  • Must possess an active DoD Top Secret clearance with SCI eligibility
• Skills and Knowledge:
  • Demonstrated experience with STIGs (Security Technical Implementation Guides), Security Requirement Guides (SRGs), Plan of Action and Milestones (POA&Ms) and cybersecurity best practices
  • Advanced understanding of the RMF process, NIST SP 800- 37, NIST SP 800-53, CNSSI 1253
  • Demonstratable experience in risk analysis, control validation, and as a Security Control Assessor Representative (SCA-R).
  • Demonstrated experience with relevant tools such as eMASS, STIG Viewer, Nessus, ACAS, SCAP, or HBSS
  • Advanced understanding of key technologies areas/domain such as: Network, Mobility, Windows, UNIX, Cloud Environments and Cloud Native Tools/Services, Host Based Security System (HBSS)/Endpoint Security Solutions (ESS), Databases, Applications
  • Customer service skills

The projected salary range for this position is $105,000+ annually. Final compensation will be determined based on factors including years of relevant experience, active security clearance level, certifications, technical skillset, contract requirements, and overall qualifications.