Job Requirements
Hampton, VA
Top Secret Polygraph Unspecified
Career Level not specified
Salary not specified
Job Description
ABOUT PRISM
PRISM is devoted to modernization and innovation within the world of technology, security, and IT enterprise solutions. We are recognized for meeting performance requirements and exceeding customer expectations since 1994. Our culture is founded on relationships, opportunity, and success. Offering comprehensive benefit plans including medical, dental, vision, and 401K along with our people-first approach sustains our reputation as a premier employer.
PRISM is seeking a highly skilled Risk Management Framework (RMF) Subject Matter Expert (SME) with a strong information system security manager (ISSM) background and hands-on experience with XACTA. You will guide system owners, engineering teams, and leadership through the full RMF lifecycle, ensuring compliance, managing documentation, and supporting secure system operations across classified and unclassified environments. This position is located onsite at Langley Air Force Base in Hampton, Virginia, 5 days a week.
KEY RESPONSIBILITIES:
Lead and manage the full DOD RMF process for assigned systems.
Provide ISSM-level oversight and guidance to ensure compliance with DOD, NIST and agency-specific security policies.
Develop, maintain, and validate RMF documentation including System Security Plans, security controls traceability matrices, POA&M, and systems categorization artifacts.
Utilize XACTA for control implementation, evidence upload, package creation, workflow management, and assessment preparation.
Work closely with engineers, administrators, developers, and mission stakeholders to ensure secure design and architecture decisions.
Lead assessment preparation activities and support independent audits, CCRI reviews, and Authorizing Official (AO) evaluations.
Conduct vulnerability analysis, risk assessment and remediation planning.
Guide continuous monitoring activities: STIG compliance, vulnerability scanning, patch management review, and incident documentation.
Serve as a subject matter expert for cybersecurity policy interpretation, control inheritance, and risk acceptance recommendations.
Provide training, mentoring and support to security analysts and program team members.
REQUIRED QUALIFICATIONS (SKILLS/EDUCATION)
High School with 9+ years (or commensurate experience)
Clearance: TS/SCI
Proven experience supporting or performing duties as an ISSM or ISSO
Hands-on experience with XACTA for RMF package development
Experience with STIGs, ACAS, HBSS/Trellix, vulnerability management, and secure configuration baselines
Strong communication skills and the ability to brief leadership and stakeholders
DOD 8140 IAM Level III (CISSP, CISM, CCISO)
PREFERRED QUALIFICATIONS
Experience supporting complex, multi-system environments or programs of record.
Experience supporting CCRI/Command Cyber Readiness Inspections.
Experience with DOD networks (NIPR, SIPR, JWICS).
REQUIRED SECURITY CLEARANCE
Active TS/SCI Clearance
PRISM is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.
group id: PRISMVA