Cybersecurity RMF Manager
ASM Research
1d
About The Position
The Cybersecurity RMF Manager is responsible for providing comprehensive cybersecurity authorization and accreditation services in support of the Risk Management Framework (RMF) process for USACE systems, networks, and applications. This role involves collaborating with system owners, cybersecurity teams, and technical teams to advance through all six steps of the RMF process, developing security plans, generating assessment reports, formulating remediation plans, and ensuring compliance with DoD, Army, and USACE policies and procedures.
Requirements
- Bachelor's degree in Cybersecurity, Information Technology, or related field (or equivalent work experience)
- 8+ years of experience in cybersecurity roles with strong background in Risk Management Framework (RMF) process
- Expert-level knowledge of DoD, Army, and USACE cybersecurity policies and procedures
- Demonstrated proficiency in developing security plans and generating assessment reports
- Extensive experience with categorizing information systems and selecting/implementing security controls
- Proficiency in producing DISA-required artifacts and documenting RMF data in approved repositories (eMASS)
- Strong analytical, problem-solving, and communication skills
- Risk Management Framework (RMF) Process Management
- NIST Security Controls & Implementation
- Security Authorization & ATO Management
- Security Plan Development & Documentation
- DISA Compliance & Artifact Development
Nice To Haves
- CISSP (Certified Information Systems Security Professional) or CISM (Certified Information Security Manager) certification
- Certified Authorization Professional (CAP) certification from (ISC)²
- Familiarity with DoD and/or USACE IT environment and RMF implementation practices
- Experience with eMASS platform for RMF documentation and artifact management
- Knowledge of NIST SP 800-53 security controls and continuous monitoring frameworks
- Background in federal IT security authorization and compliance
- Experience with system categorization (FIPS 199, NIST SP 800-30 risk assessment)
- eMASS Platform Administration
- DoD & USACE Security Policies
- Continuous Monitoring & Security State Management
- Risk Assessment & Threat Analysis
- Federal Authorization Frameworks
Responsibilities
- Lead organizations through all six steps of the DoD Risk Management Framework (RMF) process
- Categorize information systems based on FIPS 199 and NIST SP 800-53 standards
- Develop comprehensive security plans and control selection documentation
- Coordinate security control implementation and system-specific security testing
- Generate assessment reports and security control assessment documentation
- Develop remediation plans and implement corrective actions for identified vulnerabilities
- Manage Security Authorization Agreements (SAA) and Authority to Operate (ATO) processes
- Maintain RMF documentation in approved repositories such as eMASS (Enterprise Mission Assurance Support Service)
- Monitor security states and ensure continuous compliance with security controls
- Serve as subject matter expert on RMF processes, DISA requirements, and security authorization best practices
- Prepare security authorization briefings and compliance reports for government stakeholders
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
Upload and Match Resume
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
