Career Opportunities with Whitney, Bradley and Brown

A great place to work.

Open Positions
Share with friends!

Controls Validation Test Assessor

Office: Huntsville, AL
Location: Huntsville, AL
Job ID: S20-0748

JOB TITLE: Controls Validation Test Assessor


Decisive Analytics a WBB Company has a Controls Validation Test (CVT) Assessor opening in Huntsville, AL.

CVT Assessors support the MDA Security Control Assessors (SCA) within the Independent Verification and Validation (IV&V) team by performing comprehensive and thorough Risk Management Framework cybersecurity control and vulnerability assessments for the MDA. The assessment process utilizes approved DoD tools and processes for conducting these independent assessments. Results from control and vulnerability assessments are a key input to the MDA’s Risk Assessment process which takes vulnerabilities associated with noncompliant RMF controls and evaluates their risk to the mission and the agency to arrive at a residual risk.

This is a technical cybersecurity position and solving complex technical cybersecurity issues will be required.


  • Evaluate and conduct analysis of various Cybersecurity architecture & security requirements, including ISE, PKI, GPOs, Certificates, VMware ESX, vCenter, various UNIX and Windows-based
  • Operating Systems. All while taking guidance from DoD IT and Cyber policies, instructions, directives, and technical guidance
  • Performing ACAS/Nessus discovery and vulnerability scans of target environments
  • Evaluating DISA Security Technical Implementation Guidelines (STIG) settings against the target environment
  • Interfacing with Information System Security Officers and Managers, including reviewing documentation, such as Systems Security Plans (SSPs), risk assessment reports, authorization packages, and Plans of Action and Milestones (POA&Ms)


Security Clearance: Secret

  • Secret security clearance; eligible for Top Secret/SCI
  • 10 years of IT experience, with at least 5 years of dedicated IAT experience
  • Understanding of the Risk Management Framework (RMF) and the NIST 800-53 RMF Security Control Catalog
  • Demonstrated knowledge of DoD Implementation of National Institute of Standards and Technology's (NIST) Risk Management Framework (RMF)
  • Experience assessing RMF controls and system vulnerabilities
  • Demonstrated knowledge of:
  • All DoD STIGs for current and legacy systems
  • McAfee's Host Based Security System (HBSS) components and functionality
  • Security event generating sources (firewalls, IDS, routers, security appliances)
  • Network equipment (most popular network device vendors)
  • Routing protocols, ports, protocols and services (PP&S)
  • Ability to generate Security Assessment Test Plans (SAP)
  • IAT Level II cybersecurity certification (per DoD 8570.01-M)


  • Top Secret security clearance with SCI eligibility
  • Experience with Network Mapping & Packet Capture Tools including, but not limited to, nMap, RedSeal, and Wireshark
  • Working knowledge of vulnerability and STIG compliance scan tools including, but not limited to, Assured Compliance Assessment Solution (ACAS) and SCAP Compliance Checker (SCC)
  • Ability to articulate Cybersecurity Assessment findings in a technical and non-technical way to customers
  • Ability to research Cyber vulnerabilities and issues, develop and present solutions
  • Ability to work both independently and collaboratively
  • Excellent writing and oral communication skills



KEY WORDS: Cybersecurity, ACAS, RMF controls #MON


WBB is a technical and management consulting company that provides innovative products and services that solve government and commercial customer’s toughest problems. For more than 30 years, WBB has set the standard for excellence in consulting services, while providing its employees with an outstanding work environment with ample opportunities for growth and success. WBB continues to enjoy impressive growth, which is directly attributed to the company’s hiring practice of always hiring the very best professionals from government, military and industry.

We are proud of our diverse environment and are an Equal Opportunity Employer. WBB is committed to a policy of equal employment opportunity. WBB participates in E-Verify.

WBB does not accept unsolicited resumes through or from search firms or staffing agencies. All unsolicited resumes will be considered the property of WBB and WBB will not be obligated to pay a placement fee.

Applicant Tracking System Powered by ClearCompany HRM Applicant Tracking System