RMF Analyst (R-00114) jobs in United States

True Zero Technologies · 1 day ago

RMF Analyst (R-00114)

True Zero Technologies is a veteran-owned small business focused on enabling people and technology for better outcomes. They are seeking an RMF Analyst responsible for ensuring information systems comply with federal and organizational security standards and helping achieve and maintain an Authority to Operate (ATO) for technical systems.

Information Services · Information Technology
No H1B · U.S. Citizen Only

Responsibilities

Guide systems through the 6-step RMF process (NIST SP 800-37) to obtain/maintain an ATO
Evaluate technical controls using tools like ACAS or SCAP and analyze STIG (Security Technical Implementation Guides) checklists
Create and maintain SSPs (System Security Plans), POA&Ms, and security assessment reports
Identify, analyze, and mitigate security risks in coordination with system owners and stakeholders
Conduct continuous monitoring to ensure ongoing compliance with Federal or DoD cybersecurity policies
Define the system's boundary and assess the potential impact of a security breach on the organization's mission
Identify and tailor the specific security controls
Verify that security controls are properly implemented through audits, technical testing, and vulnerability scans

Qualification

RMF process, Security Control Assessment, Risk Management, Compliance Monitoring, CompTIA Security+, CISSP, CGRC, EMASS, XACTA, ACAS, Technical Documentation, Soft Skills

Required

Bachelor's degree in Computer Science, Cybersecurity, or Information Systems
Guide systems through the 6-step RMF process (NIST SP 800-37) to obtain/maintain an ATO
Evaluate technical controls using tools like ACAS or SCAP and analyze STIG (Security Technical Implementation Guides) checklists
Create and maintain SSPs (System Security Plans), POA&Ms, and security assessment reports
Identify, analyze, and mitigate security risks in coordination with system owners and stakeholders
Conduct continuous monitoring to ensure ongoing compliance with Federal or DoD cybersecurity policies
Define the system's boundary and assess the potential impact of a security breach on the organization's mission
Identify and tailor the specific security controls
Verify that security controls are properly implemented through audits, technical testing, and vulnerability scans

Preferred

Certifications are highly encouraged such as: CompTIA Security+, Certified Information Systems Security Professional (CISSP), Certified in Governance, Risk, and Compliance (CGRC)
Proficiency with RMF management tools like eMASS, XACTA, or STIG Viewer, and vulnerability scanners like ACAS or Nessus
Holding and maintaining a clearance may be required

Company

True Zero Technologies

True Zero Technologies, a veteran-owned small business.

Funding

Current Stage
Growth Stage

Leadership Team

Carl Salzano
Chief Executive Officer
Jonathan Cooper
Chief Technology Officer
Company data provided by crunchbase