Today
Secret
IT - Security
Scott Air Force Base, IL (On-Site/Office)
Job Description
Our client is seeking a Risk Management Framework (RMF) Analyst to support cybersecurity compliance and accreditation efforts for federal systems. The ideal candidate will have hands-on experience with the RMF lifecycle, excellent documentation skills, and the ability to collaborate effectively with cross-functional teams to achieve and maintain system Authorization to Operate (ATO).
Responsibilities:
- Support execution of the full RMF lifecycle (Categorization, Selection, Implementation, Assessment, Authorization, and Monitoring) for assigned systems.
- Develop, review, and maintain RMF documentation including System Security Plans (SSPs), Security Assessment Reports (SARs), POA&Ms, Contingency Plans, and other artifacts.
- Conduct risk assessments and control validation activities in accordance with NIST SP 800-53 and other relevant guidelines.
- Coordinate with ISSMs, system owners, engineers, and assessors to ensure control implementation, evidence collection, and audit readiness.
- Perform continuous monitoring activities and maintain ongoing system security posture.
- Track and manage system accreditation status using tools such as eMASS, XACTA, or equivalent.
- Assist with internal and external security audits and inspections.
- Identify and recommend risk mitigation strategies to ensure compliance and enhance security.
Experience/Skills:
Bachelor’s degree in Cybersecurity, Information Systems, or a related technical field.
Minimum of 3 years of hands-on experience supporting RMF or similar compliance frameworks.
Knowledge of NIST RMF standards (800-37, 800-53, 800-30).
Experience with cybersecurity tools and risk management platforms (e.g., eMASS, ACAS, STIGs, SCAP tools).
Active DoD 8570.01-M certification (e.g., Security+, CAP, or CISSP).
Strong written and verbal communication skills.
Ability to work independently and collaboratively in a fast-paced environment.
Eligibility requirements apply to some benefits and may depend on your job classification and length of employment. Benefits are subject to change and may be subject to specific elections, plan, or program terms. If eligible, the benefits available for this temporary role may include the following:
Medical, dental & vision
Critical Illness, Accident, and Hospital
401(k) Retirement Plan – Pre-tax and Roth post-tax contributions available
Life Insurance (Voluntary Life & AD&D for the employee and dependents)
Short and long-term disability
Health Spending Account (HSA)
Transportation benefits
Employee Assistance Program
Time Off/Leave (PTO, Vacation or Sick Leave)
This position requires an active DoD clearance (Secret, Top Secret, Top Secret/SCI) or the ability to obtain an interim clearance (Interim Secret, Interim Top Secret).
Because an active or interim DoD clearance is required, U.S. Citizenship is required.