Manage one or more information systems throughout the full six-step RMF lifecycle, including assessment, authorization, and continuous monitoring activities
Serve as an RMF Subject Matter Expert (SME), advising stakeholders on cybersecurity compliance, risk posture, and ATO readiness
Develop, review, and maintain RMF packages and associated documentation, including Security Plans, POA&Ms, Risk Assessment Reports, and security control policies
Assess system compliance against NIST SP 800-53 controls and DHA RMF requirements as part of self-assessment and annual reviews
Document and maintain evidence supporting control implementation and compliance
Lead and participate in A&A and stakeholder meetings to track system status, resolve issues, and drive RMF progress
Coordinate with engineers and system owners to develop architecture diagrams, system asset inventories, and security policies
Prepare and deliver status reports to DHA leadership on system authorization and compliance efforts

Requirements

Active DoD Secret security clearance
Bachelor’s degree in cybersecurity, information technology, or related field with 6+ years of experience; or 14+ years of relevant cybersecurity/IT experience in lieu of degree
DoD Manual 8140.03-compliant certification (e.g., Security+, CISSP, CASP+/SecurityX)
Demonstrated experience performing RMF activities as an ISSO/ISSM/SME, including ATO process support and RMF package development (Security Plans, POA&Ms, architecture diagrams, system security policies, etc.)
Demonstrated experience assessing and documenting NIST SP 800-53 controls
Experience using Microsoft Office applications: Word, PowerPoint, Excel, and SharePoint

Benefits

401K plan with company match
Medical, dental, vision insurance
Life insurance
AD&D
Flexible spending account
Disability
Paid time off
Flexible work schedule
Support for career advancement through professional training and development

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

RMF lifecycle managementcybersecurity compliancerisk assessmentNIST SP 800-53 controlsATO process supportRMF package developmentsecurity control policiesdocumentationevidence maintenancearchitecture diagrams

Soft Skills

stakeholder communicationleadershipproblem-solvingorganizational skillsteam collaborationreportingadvisory skillsissue resolutionprogress trackingmeeting facilitation

Certifications

DoD Secret security clearanceSecurity+CISSPCASP+/SecurityXDoD Manual 8140.03-compliant certification