Risk Management Framework (RMF) Analyst

Remote Full-time
Job Overview
We are seeking a highly skilled Risk Management Framework (RMF) Analyst to join our cybersecurity team. The ideal candidate will be responsible for implementing, managing, and maintaining comprehensive risk management processes aligned with federal and organizational standards such as NIST, ISO, and FedRAMP. This role requires deep expertise in IT infrastructure, network security, and information security principles to ensure the confidentiality, integrity, and availability of organizational assets across cloud and on-premises environments. The primary goal is to help organizations achieve and maintain an Authority to Operate (ATO) for technical systems.

The ideal candidate will be responsible for:
• Assessment and Authorization (A&A): guiding systems through the 6-step RMF process (NIST SP 800-37) to obtain/maintain an ATO
• Security Control Assessment: evaluating technical controls using tools like ACAS or SCAP and analyzing STIG checklists
• Documentation: creating and maintaining SSPs, POA&Ms, and security assessment reports
• Risk Management: identifying, analyzing and mitigating security risks in coordination with system owners and stakeholders
• Compliance Monitoring: conducting ongoing monitoring to ensure compliance with federal or DoD cybersecurity policies
• System Categorization: defining the system's boundary and assessing the potential impact of a security breach on the organization's mission
• Security Control Selection: identifying and tailoring specific security controls
• Implementation & Assessment: verifying that the security controls are properly implemented via audits, technical testing and vulnerability scans.
• Lead incident response efforts by analyzing system security events and coordinating incident recovery procedures.
• Conduct vulnerability research to identify potential threats within IT infrastructure including IoT devices and enterprise applications.
• Collaborate on system security enhancements through scripting (PowerShell, Bash), SDLC processes, and DevOps practices, including CI/CD pipelines.
• Ensure compliance with cybersecurity policies related to PCI DSS standards and FISMA regulations while supporting disaster recovery planning.
• Maintain documentation of risk assessments and support audits related to IT governance frameworks such as ITIL and COBIT.

Qualifications
• Bachelor’s degree in Computer Science, Cybersecurity, or Information Systems preferred with a minimum of five years of relevant experience
• Certifications are highly encouraged, including: CompTIA Security+, CISSP, CGRC
• Proficiency with RMF management tools such as eMASS, XACTA, or STIG Viewer preferred
• Proficiency with vulnerability scanners such as ACAS or Nessus preferred
• Excellent communication skills to convey technical risks to non-technical stakeholders; ability to work collaboratively within Agile teams supporting DevOps initiatives.
• May be required to hold and maintain a security clearance
• Note: this position is with a federal government organization and may require candidates to be a U.S. citizen or lawful permanent resident

Job Types: Full-time, Contract

Pay: $88,615.95 - $106,720.29 per year

Work Location: Remote
