Risk Management Framework (RMF) Analyst jobs in United States

FEDITC · 1 month ago

Risk Management Framework (RMF) Analyst

FEDITC, LLC is a fast-growing business supporting DoD and other intelligence agencies worldwide. They are seeking a Risk Management Framework (RMF) Analyst to support cybersecurity compliance and accreditation efforts for federal systems, utilizing hands-on experience with the RMF lifecycle and collaborating with cross-functional teams.

Consulting, Cyber Security, Government, Information Technology
Work & Life Balance
No H1B, Security Clearance Required, U.S. Citizen Only

Responsibilities

Support execution of the full RMF lifecycle (Categorization, Selection, Implementation, Assessment, Authorization, and Monitoring) for assigned systems
Develop, review, and maintain RMF documentation including System Security Plans (SSPs), Security Assessment Reports (SARs), POA&Ms, Contingency Plans, and other artifacts
Conduct risk assessments and control validation activities in accordance with NIST SP 800-53 and other relevant guidelines
Coordinate with ISSMs, system owners, engineers, and assessors to ensure control implementation, evidence collection, and audit readiness
Perform continuous monitoring activities and maintain ongoing system security posture
Track and manage system accreditation status using tools such as eMASS, XACTA, or equivalent
Assist with internal and external security audits and inspections
Identify and recommend risk mitigation strategies to ensure compliance and enhance security

Qualification

RMF lifecycle experience, NIST RMF standards, Cybersecurity tools experience, DoD 8570.01-M certification, Documentation skills, Communication skills, Collaborative skills, Independent work skills

Required

Bachelor's degree in Cybersecurity, Information Systems, or a related technical field
Minimum of 3 years of hands-on experience supporting RMF or similar compliance frameworks
Knowledge of NIST RMF standards (800-37, 800-53, 800-30)
Experience with cybersecurity tools and risk management platforms (e.g., eMASS, ACAS, STIGs, SCAP tools)
Active DoD 8570.01-M certification (e.g., Security+, CAP, or CISSP)
Strong written and verbal communication skills
Ability to work independently and collaboratively in a fast-paced environment
Active Secret Security Clearance is required
Must be a US Citizen and pass a background check
Maintain applicable security clearance(s) at the level required by the client and/or applicable certification(s) as requested by FEDITC and/or required by FEDITC's Client(s)/Customer(s)/Prime contractor(s)

Preferred

Experience with DoD or federal civilian accreditation processes
Experience transitioning systems from DIACAP to RMF
Familiarity with cloud security compliance (FedRAMP, AWS/Azure controls)

Benefits

Medical
Dental
Vision
401K with 4% match
Paid Time Off (PTO)
Life and Disability Insurance
Employee Assistance Program
Flexible Spending Accounts (FSA)
Dependent Care Reimbursement Program
Group Term Life Insurance
Supplemental Life and A&D Insurance
Short & Long Term Disability
Life Discount Program

Company

FEDITC

Founded in 2003, FEDITC, LLC is an ISO 9001/20000-1/27001 and CMMI Level 3 certified cyber security, IT, and engineering services firm.

Funding

Current Stage
Growth Stage

Leadership Team

Hong Deng
CEO & Founder
Company data provided by crunchbase