Serve as a senior subject matter expert and program lead for the Governance, Risk, and Compliance (GRC) function supporting federal information systems
Oversee enterprise GRC and RMF programs, ensuring consistency across multiple system authorizations and enclaves
Direct the risk management process, ensuring risk identification, quantification and treatment strategies align with federal and agency guidance
Lead assurance activities, validating that control implementations meet the intent of NIST 800-53 Rev.5 requirements
Govern SSP and POA&M quality, establishing standards, templates and review checkpoints across systems
Oversee cloud service provider assessments, ensuring proper inheritance of FedRAMP controls and shared responsibilities
Provide leadership for privacy and data governance, ensuring integration of PIA activities into RMF documentation
Develop and track Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs) to measure compliance and risk health
Drive adoption of GRC automation, Continuous Controls Monitoring (CCM) and compliance analytics
Serve as primary point of contact during audits, IG reviews and authorization package evaluations
Mentor analysts and guide cross-functional teams on risk-informed decision-making and RMF optimization

Requirements

Bachelor’s degree in Cybersecurity, Information Assurance, or a related technical discipline
at least eight (8) years of progressive experience in cybersecurity, including experience leading RMF and FISMA compliance in a federal or contractor environment
Expertise with NIST 800-37, NIST 800-53 Rev.5, and FISMA implementation
Proven success managing enterprise risk, assurance, and audit readiness programs
Knowledge of quantitative risk models (e.g., FAIR, ISO 31000) and risk dashboards
Professional certifications such as CISSP, CISM, CRISC, CAP/CGRC, CIPP/US or similar
Ability to pass a background and drug screening
Must have identification compliant with the Real ID Act at time of hire
Must be able to obtain Department of Energy access badge
Must be able to obtain and maintain a U.S. government security clearance

Benefits

paid holidays
paid time off
401k with employer match
dental
vision
health insurance plans through the Federal Employee Health Benefits (FEHB) program
life and disability benefits

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

Governance, Risk, and Compliance (GRC)Risk Management Framework (RMF)NIST 800-53 Rev.5FISMA complianceContinuous Controls Monitoring (CCM)Key Performance Indicators (KPIs)Key Risk Indicators (KRIs)quantitative risk modelsFAIRISO 31000

Soft Skills

leadershipmentoringcross-functional team guidancerisk-informed decision-making

Certifications

CISSPCISMCRISCCAPCGRCCIPP/US