Cybersecurity Compliance / RMF Lead (ATO Lead)

About The Position

Requirements

• 7+ years of experience in cybersecurity compliance within federal environments.
• Strong hands-on experience implementing and managing RMF.
• Demonstrated experience leading federal ATO processes.
• Deep knowledge of NIST SP 800-53 security controls and assessment procedures.
• Experience developing SSPs, SARs, SAPs, and POA&Ms.
• Strong written and verbal communication skills.

Responsibilities

• Lead end-to-end RMF activities in accordance with National Institute of Standards and Technology guidance.
• Develop, maintain, and manage required security documentation including:
• System Security Plan (SSP)
• Security Assessment Plan (SAP)
• Security Assessment Report (SAR)
• Plan of Action and Milestones (POA&M)
• Conduct security categorization and control selection based on National Institute of Standards and Technology Special Publication 800-53 requirements.
• Lead and support Authority to Operate (ATO) and re-authorization efforts.
• Ensure compliance with:
• NIST SP 800-53
• FISMA
• FedRAMP requirements (as applicable)
• Coordinate security control assessments and remediation activities.
• Track vulnerabilities and manage POA&M items through closure.
• Conduct and document security risk assessments.
• Collaborate with Information System Security Officers (ISSOs), system owners, and security assessors.
• Provide compliance status updates to leadership and federal stakeholders.
• Support internal and external audits.