Risk Management Framework (RMF) Analyst
About The Position
FEDITC, LLC is a fast-growing business supporting DoD and other intelligence agencies worldwide. FEDITC develops mission critical national security systems throughout the world directly supporting the Warfighter, DoD Leadership, & the country. We are proud & honored to provide these services. Overview of position: FEDITC is seeking a Risk Management Framework (RMF) Analyst to support cybersecurity compliance and accreditation efforts for federal systems. The ideal candidate will have hands-on experience with the RMF lifecycle, excellent documentation skills, and the ability to collaborate effectively with cross-functional teams to achieve and maintain system Authorization to Operate (ATO). A United States Citizenship and an active Secret DoD Security Clearance is required to be considered for this position.
Requirements
- Bachelor’s degree in Cybersecurity, Information Systems, or a related technical field.
- Minimum of 3 years of hands-on experience supporting RMF or similar compliance frameworks.
- Knowledge of NIST RMF standards (800-37, 800-53, 800-30).
- Experience with cybersecurity tools and risk management platforms (e.g., eMASS, ACAS, STIGs, SCAP tools).
- Active DoD 8570.01-M certification (e.g., Security+, CAP, or CISSP).
- Strong written and verbal communication skills.
- Ability to work independently and collaboratively in a fast-paced environment.
- Active U.S. government security clearance (Secret or higher preferred).
- Must be a US Citizen and pass a background check.
- Maintain applicable security clearance(s) at the level required by the client and/or applicable certification(s) as requested by FEDITC and/or required by FEDITC’S Client(s)/Customer(s)/Prime contractor(s).
Nice To Haves
- Experience with DoD or federal civilian accreditation processes.
- Experience transitioning systems from DIACAP to RMF.
- Familiarity with cloud security compliance (FedRAMP, AWS/Azure controls)
Responsibilities
- Support execution of the full RMF lifecycle (Categorization, Selection, Implementation, Assessment, Authorization, and Monitoring) for assigned systems.
- Develop, review, and maintain RMF documentation including System Security Plans (SSPs), Security Assessment Reports (SARs), POA&Ms, Contingency Plans, and other artifacts.
- Conduct risk assessments and control validation activities in accordance with NIST SP 800-53 and other relevant guidelines.
- Coordinate with ISSMs, system owners, engineers, and assessors to ensure control implementation, evidence collection, and audit readiness.
- Perform continuous monitoring activities and maintain ongoing system security posture.
- Track and manage system accreditation status using tools such as eMASS, XACTA, or equivalent.
- Assist with internal and external security audits and inspections.
- Identify and recommend risk mitigation strategies to ensure compliance and enhance security.
Benefits
- Medical
- Dental
- Vision
- 401K with 4% match
- Paid Time Off (PTO)
- Life and Disability Insurance
- Employee Assistance Program
- Flexible Spending Accounts (FSA)
- Dependent Care Reimbursement Program
- Group Term Life Insurance
- Supplemental Life and A&D Insurance
- Short & Long Term Disability
- Life Discount Program
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Number of Employees
51-100 employees
