SIGN IN
Risk Management Framework (RMF) Analyst jobs in United States
cer-icon
Apply on Employer Site
company-logo

Intelligent Waves · 1 day ago

Risk Management Framework (RMF) Analyst

positionNorfolk, VA
timeFull-time
remoteOnsite
senioritySenior Level
date5+ years exp
Intelligent Waves is seeking a Risk Management Framework Analyst to support a U.S. Navy cyber Operational Test and Evaluation mission. This role applies cybersecurity expertise to ensure compliance with Department of Defense policies and involves managing RMF activities and documentation.
Information Technology & Services
check
Comp. & BenefitsbadNo H1BnoteSecurity Clearance RequirednoteU.S. Citizen Onlynote

Responsibilities

Manage RMF and A&A activities, including eMASS updates, annual package reviews, POA&Ms, SARs, and authorization artifacts
Perform security control assessments, DISA STIG validations, and configuration audits; identify gaps and recommend corrective actions or compensating controls
Track, report, and brief the status of outstanding security findings and authorization actions
Support Configuration Control Board (CCB) activities and ensure approved changes are reflected in security authorization documentation
Develop, maintain, and validate cybersecurity Standard Operating Procedures (SOPs) and security documentation
Maintain accurate inventories for authorized software, government-furnished equipment, network configurations, ports, protocols, and services
Maintain system and network records within DoD repositories including DITPR-DON, DADMS, GIAP, and SNAP
Provide cybersecurity subject matter expertise to support compliance with DoD, DoN, NIST, and mission-specific security requirements
Ensure systems, servers, laptops, and network devices are securely configured and validated prior to deployment
Review, assess, and support IT contingency and disaster recovery plans
Participate in and document tabletop or contingency exercises
Operate independently or within small teams to execute cybersecurity tasks with minimal supervision

Qualification

RMF activitiesDoD cybersecurity policySecurity control assessmentsSystem documentationCybersecurity SOPsDoD repositoriesSoft skills

Required

5+ years of experience integrating enterprise and system security controls across the system development lifecycle
3+ years of experience executing RMF activities, including assessment of management, operational, and technical controls for DoD IT systems
3+ years of experience supporting system authorization and accreditation efforts in accordance with DoD and DoN cybersecurity policy
Experience maintaining security artifacts and inventories, including authorized software, government-furnished equipment, removable media, and system documentation
Experience developing and maintaining system, network, and circuit documentation within DoD repositories and approval systems (e.g., DITPR-DON, DADMS, GIAP, SNAP)
Experience tracking, reporting, and briefing authorization actions and Configuration Control Board-approved changes
Knowledge of DoD cybersecurity directives (IAVs, TASKORDs, CTOs) and supporting compliance validation and external reviews
Experience conducting tabletop or contingency exercises and reviewing IT contingency and disaster recovery plans for NIST and DoN compliance

Benefits

Medical
Dental
Vision
Paid PTO
Life and disability insurance
Technical training
Tuition bonuses

Company

Intelligent Waves

twitter
company-logo
Intelligent Waves, a veteran-owned organization, delivers secure, innovative technology solutions for federal defense and intelligence missions.
dateFounded in 2006
location
Reston, VA, US
people-size51-200 employees
web-link
https://intelligentwaves.com

Funding

Current Stage
Growth Stage

Leadership Team

leader-logo
Marqus Hutchinson
Chief Technology Officer
linkedin
leader-logo
Amy Wood
Chief Financial Officer
linkedin
Company data provided by crunchbase