
Security, RMF Engineer
ARETUM
full-time
Posted on:
Location Type: Remote
Location: Virginia • United States
About the role
- Develop and maintain RMF documentation (SSP, POA&M, SAR inputs)
- Map and implement security controls across system layers
- Coordinate with VA security stakeholders
- Support vulnerability scanning and remediation
- Enable continuous monitoring and compliance
Requirements
- RMF Framework: NIST 800-53, control families, tailoring
- ATO Process: SSP development, POA&M management, authorization workflows
- ServiceNow GRC (or similar): Documentation and tracking
- Cloud Security: AWS security controls, shared responsibility model
- Identity & Access Management: RBAC, least privilege, federation concepts
- Encryption: TLS, data-at-rest encryption, key management (KMS)
- Vulnerability Management: Scanning tools, remediation workflows
- Logging & Monitoring: SIEM integration (Splunk, Datadog concepts)
- Network Security: Segmentation, ingress/egress control, TIC awareness
- Compliance Standards: HIPAA awareness, FISMA/FedRAMP basics
- DevSecOps Integration: Security in CI/CD pipelines
- Risk Assessment: Identifying and documenting system risks and mitigations
Benefits
- Health Care Plan (Medical, Dental & Vision)
- Retirement Plan (401k)
- Life Insurance (Basic, Voluntary & AD&D)
- Paid Time Off
- Family Leave (Maternity, Paternity)
- Short Term & Long-Term Disability
- Training & Development
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
RMF Framework, NIST 800-53, SSP development, POA&M management, AWS security controls, RBAC, TLS, Vulnerability Management, SIEM integration, DevSecOps Integration
Soft Skills
coordination, communication, compliance, risk assessment