Today
Secret
Early Career (2+ yrs experience)
$80,000 - $90,000
No Traveling
IT - Security
Scott AFB, IL (Off-Site/Hybrid)
Our client is seeking a Risk Management Framework (RMF) Analyst to support cybersecurity compliance and accreditation efforts for federal systems. The ideal candidate will have hands-on experience with the RMF lifecycle, excellent documentation skills, and the ability to collaborate effectively with cross-functional teams to achieve and maintain system Authorization to Operate (ATO).
Responsibilities:
-Support execution of the full RMF lifecycle (Categorization, Selection, Implementation, Assessment, Authorization, and Monitoring) for assigned systems.
-Develop, review, and maintain RMF documentation including System Security Plans (SSPs), Security Assessment Reports (SARs), POA&Ms, Contingency Plans, and other artifacts.
-Conduct risk assessments and control validation activities in accordance with NIST SP 800-53 and other relevant guidelines.
-Coordinate with ISSMs, system owners, engineers, and assessors to ensure control implementation, evidence collection, and audit readiness.
-Perform continuous monitoring activities and maintain ongoing system security posture.
-Track and manage system accreditation status using tools such as eMASS, XACTA, or equivalent.
-Assist with internal and external security audits and inspections.
-Identify and recommend risk mitigation strategies to ensure compliance and enhance security.
Experience/Skills:
Bachelor’s degree in Cybersecurity, Information Systems, or a related technical field.
Minimum of 3 years of hands-on experience supporting RMF or similar compliance frameworks.
Knowledge of NIST RMF standards (800-37, 800-53, 800-30).
Experience with cybersecurity tools and risk management platforms (e.g., eMASS, ACAS, STIGs, SCAP tools).
Active DoD 8570.01-M certification (e.g., Security+, CAP, or CISSP).
Strong written and verbal communication skills.
Ability to work independently and collaboratively in a fast-paced environment.
Job Title
rmf analyst
Top Skills Details
(1) Active Secret clearance and Sec+ cert (or equivalent)
(2) Bachelor’s degree in Cybersecurity, Information Systems, or a related technical field.
(3) Minimum of 3 years of hands-on experience supporting RMF or similar compliance frameworks.
Responsibilities:
-Support execution of the full RMF lifecycle (Categorization, Selection, Implementation, Assessment, Authorization, and Monitoring) for assigned systems.
-Develop, review, and maintain RMF documentation including System Security Plans (SSPs), Security Assessment Reports (SARs), POA&Ms, Contingency Plans, and other artifacts.
-Conduct risk assessments and control validation activities in accordance with NIST SP 800-53 and other relevant guidelines.
-Coordinate with ISSMs, system owners, engineers, and assessors to ensure control implementation, evidence collection, and audit readiness.
-Perform continuous monitoring activities and maintain ongoing system security posture.
-Track and manage system accreditation status using tools such as eMASS, XACTA, or equivalent.
-Assist with internal and external security audits and inspections.
-Identify and recommend risk mitigation strategies to ensure compliance and enhance security.
Experience/Skills:
Bachelor’s degree in Cybersecurity, Information Systems, or a related technical field.
Minimum of 3 years of hands-on experience supporting RMF or similar compliance frameworks.
Knowledge of NIST RMF standards (800-37, 800-53, 800-30).
Experience with cybersecurity tools and risk management platforms (e.g., eMASS, ACAS, STIGs, SCAP tools).
Active DoD 8570.01-M certification (e.g., Security+, CAP, or CISSP).
Strong written and verbal communication skills.
Ability to work independently and collaboratively in a fast-paced environment.
Job Title
rmf analyst
Top Skills Details
(1) Active Secret clearance and Sec+ cert (or equivalent)
(2) Bachelor’s degree in Cybersecurity, Information Systems, or a related technical field.
(3) Minimum of 3 years of hands-on experience supporting RMF or similar compliance frameworks.
group id: 10105424
Accelerating IT transformation in the public sector
