Control Validation Specialist

Apply

Job Type

Full-time

Description

NexGen Data Systems is seeking an eMASS Workflow & Control Validation Specialist to support the United States Transportation Command (USTRANSCOM) Senior Information Security Officer (SISO) mission. This role provides technical support for Assessment and Authorization (A&A) activities, acting as the primary point of intake for system compliance packages. The specialist will perform IT audits on complex information systems, applications, and enclaves to ensure that appropriate controls exist, are correctly implemented, and comply with Federal and DoD standards.

The eMASS Workflow & Control Validation Specialist will support eMASS workflow triage, STIG/SCAP IV&V analysis, Package Readiness Reviews (PRR), POA&M mitigation tracking, and risk acceptance engineering. This position requires an intermediate specialist who understands the Risk Management Framework (RMF), possesses strong analytical skills to weigh business needs against security concerns, and can ensure that A&A packages are accurate and ready for Authorizing Official (AO) review.

Roles & Responsibilities:

• Serve as the primary intake support for A&A packages, processing and routing authorization workflows directly within eMASS to ensure rapid throughput and adherence to the 7-day turnaround SLA.
• Perform IT audits and control validation exercises on classified and unclassified networks, applications, and systems to ensure security measures are correctly implemented and effective.
• Conduct deep-dive Independent Verification & Validation (IV&V) of STIG checklists, SCAP automated scans, and ACAS/Vulnerability Management findings.
• Coordinate and facilitate Package Readiness Reviews (PRR) with system owners, ensuring packages meet compliance baselines before formal routing to the AO.
• Monitor and track POA&M mitigation milestones, evaluating closure evidence and maintaining the systemic risk ledger for tenant systems.
• Assist in drafting Risk Acceptance (RA) Memorandums by performing engineering risk analysis on residual vulnerabilities.
• Interpret and apply DoD, USCYBERCOM, and USTRANSCOM cyber policies to assess their impact on current system assessment baselines.
• Provide technical support in vulnerability assessment, risk assessment, and network security, ensuring security controls trace back to valid technical evidence.
• Utilize analytical software (Microsoft Excel/Access) to organize, track, and report on eMASS package velocity and compliance data.
• Communicate technical audit findings to both technical stakeholders and senior management, ensuring clear understanding of security posture and remediation requirements.

Other Duties: Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.

Requirements

Desired/Required Skills:

• Clearance Required: Active Department of Defense Secret clearance.
• Investigation / Position Sensitivity: Non-Critical Sensitive (Formerly IT-II or IT-2). Must possess a favorable Tier 3 (T3) NACLC/ANACI at time of proposal submission.
• Location: On-site at Scott Air Force Base, IL or Government-approved remote/hybrid location as authorized. Availability during Central Time core support hours required.
• Required Experience: Minimum two (2) years of experience working with DoD 8500.2 or NIST SP 800-53 and a solid understanding of the principles of the Risk Management Framework (RMF).
• Required eMASS Knowledge: Strong working knowledge of Enterprise Mission Assurance Support Service (eMASS) for workflow management and package submission.
• Technical Audit Skills: Demonstrated proficiency in performing IT audits on complex systems and identifying gaps in control implementation.
• Analytical Skills: Strong analytical and problem-solving skills for resolving security issues and weighing business needs against security constraints.
• Tool Proficiency: Proficiency in basic analytical software such as Microsoft Excel and Access; proficiency with the Microsoft Office suite (Word, PowerPoint).
• Networking Knowledge: Strong skills implementing and configuring networks and network components (L2/L3 switches, routers, etc.).
• Cyber Baseline Certification: Active DoD 8570.01-M / DoDM 8140 Information Assurance Technical Level II or higher certification and a technical certification form one of the following desired skills:
• Desired Skills: Familiarity with ACAS, Vulnerator, STIG Viewer, SCAP Compliance Checker, and prior experience supporting USTRANSCOM or DLA cybersecurity environments.

About the Company:

NexGen Data Systems is an emerging technologies focused company providing expert systems and network engineering solutions to the Department of Defense. NexGen Data Systems promotes a culture of knowledge and career advancement through continued learning, keeping our team current on the latest advances in systems and networking, and enabling our team to provide the best available solutions to our clients.

Benefits:

• Company covers 100% of premiums for the employee's medical, dental, and vision insurance and subsidizes premiums for spouse and dependents.
• Company provides short and long term disability plans.
• 401(k) match up to 10% of the employee's salary contributions to 401(K) plan.
• Comprehensive training and development program.
• 11 paid holidays and paid time off (PTO) accrual level starts at 15 days annually.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.

NOTE: US Citizens and those authorized to work in the US are encouraged to apply. In order to be qualified for this position, you must be able to obtain and maintain a United States Department of Defense (DoD) security clearance. We are unable to sponsor Visas at this time. NexGen Data Systems provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, national origin, age, disability, marital status, amnesty, or status as a covered veteran in accordance with applicable federal, state and local laws.