Security/RMF Specialist jobs in United States

Nationwide IT Services, Inc. · 5 hours ago

Security/RMF Specialist

Nationwide IT Services, Inc. is seeking a Security/RMF Specialist for a full-time opportunity. The role involves executing and managing the full NIST RMF lifecycle, ensuring compliance with various security standards, and advising program leadership on security posture and risks.

Cyber Security · Information Services · Information Technology · Management Consulting
No H1B · Security Clearance Required

Responsibilities

Execute and manage the full NIST RMF lifecycle (Prepare, Categorize, Select, Implement, Assess, Authorize, Monitor)
Support system authorization efforts, including: Initial ATO, ATO renewals, Significant change packages, Continuous ATO (cATO) initiatives where applicable
Ensure compliance with: NIST SP 800-53 (Rev 4/5), FedRAMP Moderate / High, FISMA, DoD RMF / DoD Cloud Computing Security Requirements Guide (SRG)
Assess and monitor cloud security configurations across AWS services such as: IAM, VPC, Security Groups, NACLs, CloudTrail, CloudWatch, Config, KMS, S3, RDS, ECS/EKS (as applicable)
Ensure proper implementation of: Least privilege access, Encryption at rest and in transit, Logging, monitoring, and alerting, Boundary protection, and network segmentation
Track remediation activities and manage POA&Ms through closure
Perform risk assessments and provide risk-based recommendations to system owners and Authorizing Officials (AOs)
Advise program leadership on security posture, risks, and mitigation strategies

Qualification

NIST RMF · CISSP · FedRAMP · FISMA · Cloud Security · Risk Assessment · Security Documentation · Communication Skills

Required

Active Secret Required
CISSP, CAP, CISM, or Security+ certification required

Preferred

Active Secret Clearance Preferred
Bachelor's Degree in Computer Science or Information Systems
5+ years of experience in information security, with 3+ years supporting RMF and federal compliance efforts
Strong working knowledge of: NIST RMF, CCSRG, NIST SP 800-53, FedRAMP, FISMA
Experience authoring and maintaining RMF documentation (SSP, POA&M, SAR)
CISSP, CAP, CISM, or Security+ certification

Benefits

Medical, dental, and vision insurance
Life and disability insurance
401(k) plan with employer match
Paid holidays
PTO (sick/vacation)
Commuter benefits
Employee assistance program (EAP)
Educational reimbursement
Pet Insurance

Company

Nationwide IT Services, Inc.


Funding

Current Stage
Growth Stage
Company data provided by crunchbase