DevSecOps RMF Engineer

Own your career as a DevSecOps RMF Engineer at GDIT. Here, you'll have the opportunity to build strong lines of cyber defense using cutting-edge technologies. Your work in cyber security at GDIT will have an impact on securing our clients' missions and ensuring we anticipate the threats of tomorrow.

At GDIT, people are our differentiators. As a DevSecOps RMF Engineer you will help ensure today is safe and tomorrow is smarter. Our work depends on a DevSecOps RMF Engineer joining our team to be a critical bridge between development, security, and compliance, ensuring our systems meet stringent DoD security requirements throughout the entire software development lifecycle.

HOW A CYBER SECURITY ANALYST SENIOR WILL MAKE AN IMPACT:

• Performs forensic analysis of digital information and gathers and handles evidence.
• Integrate automated security scanning, vulnerability assessments, and compliance checks into CI/CD pipelines.
• Develop and maintain documentation required for RMF authorization packages (e.g., System Security Plan, Security Assessment Report, Plan of Action and Milestones).
• Design and implement CI/CD pipelines leveraging tools such as GitLab and Azure DevOps.
• Map security controls to NIST 800-53 and other relevant DoD security standards.
• Collaborate with development and security teams to remediate vulnerabilities and implement security best practices.
• Automate the collection and reporting of security data for continuous monitoring and compliance.
• Support the development and maintenance of a DevSecOps automation framework for RMF compliance.
• Assist with the preparation for and participation in security assessments and audits.
• Stay up-to-date on the latest RMF guidance and security threats.

WHAT YOU'LL NEED TO SUCCEED:

Required Experience/Education:

• Education: B.A./B.S. Computer Science, or a related field (or equivalent work experience)
• Required work experience: 3+ years of related work experience with a focus on RMF
• Strong understanding of the Risk Management Framework (RMF) process and NIST 800-53 security controls.
• Experience with security scanning tools (e.g., Nessus, Tenable.sc, Qualys) and vulnerability management.
• Familiarity with CI/CD pipelines and automation tools (e.g., Azure DevOps, GitHub Actions, Jenkins).
• Knowledge of scripting languages (e.g., Python, PowerShell) for automating security tasks.
• Required Certs: Security + CE cert.
• Excellent communication and documentation skills

Preferred Certs/Skills:

• Certified Information Systems Security Professional (CISSP) or equivalent certification.
• Certified RMF Professional (CRMP).
• Experience with eMASS or other GRC (Governance, Risk, and Compliance) tools.
• Familiarity with DoD security policies and procedures.
• Experience with container security and Kubernetes security.
• Work location: Onsite-Tampa, FL at MacDill AFB
• Security Clearance Level: TS/SCI clearance required. (US Citizenship required due to the TS/SCI clearance requirement.)

WHAT GDIT CAN OFFER YOU:

• 401K with company match
• Comprehensive health and wellness packages
• Internal mobility team dedicated to helping you own your career
• Professional growth opportunities including paid education and certifications
• Cutting-edge technology and the ability to make a real impact on the world around you.

Not sure this job's the one for you? Check out our other openings at gdit.com/careers.

Do you have a friend or colleague this posting describes? Let them know about the opportunity by clicking "Share."

#ARMA

#CENTCOMCITS

#GDITPRIORITY

Work Requirements