RMF Analyst IV

Chenega Corporation•Huntsville, AL

10h

About The Position

RMF Analyst IV Huntsville, AL Are you ready to enhance your skills and build your career in a rapidly evolving business climate? Are you looking for a career where professional development is embedded in your employer’s core culture? If so, Chenega Military, Intelligence & Operations Support (MIOS) could be the place for you! Join our team of professionals who support large-scale government operations by leveraging cutting-edge technology and take your career to the next level! Chronos Operations (CO) is a wholly-owned subsidiary of Chenega Corporation, an Alaska Native Corporation based in Anchorage, AK. Belonging to the Military, Intelligence, and Operations Support (MIOS) Strategic Business Unit (SBU), Chronos has a culture rooted in integrity, respect, and exceptional performance. Chronos is headquartered in Colorado Springs, CO, and provides mission-critical services in Advanced Analytics & AI, Software Engineering, Cybersecurity, Information Technology, and Intelligence. Chronos Operations, LLC is seeking an experienced RMF Analyst IV to provide oversight and resources needed to execute the contract requirements for the Army Materiel Command (AMC), Chief Information Office (CIO), across a wide range of cybersecurity tasks. The RMF Analyst IV conducts senior-level RMF analysis, artifact generation, and control validation.

Requirements

Bachelor's degree in science, Technology, Engineering, Mathematics, IT, or business-related programs
8+ years of experience in Cybersecurity compliance/Risk Management Framework
8+ years of experience with RMF (NIST 800-53), ATO packages, POA&M development, and system categorization is required
Cybersecurity certifications like CISSP (Certified Information Systems Security Professional), CISA (Certified Information Systems Auditor), CISM (Certified Information Security Manager), or CGRC (Certified in Governance, Risk and Compliance) are required.
Must have an active Secret clearance with the ability to obtain TS with SCI eligibility
Experience with eMASS and/or Xacta is required (preferably eMASS)
Must have high proficiency in the Microsoft Office suite and possess advanced skills and knowledge in programs like Word, Excel, PowerPoint, and Outlook
Must have an understanding of cloud technologies (e.g., AWS, Azure, GCP, Oracle) and hybrid cloud environments
Experience extracting, transforming, and structuring data to support both exploratory analytics and operational reporting.
Strong creative and visual storytelling skills with an eye for design, usability, and user experience.
Use expert knowledge of data visualization tools to deliver information that allows client users to quickly understand data, ask better questions, and take action.
Possess knowledge and experience with data analysis and data technical expertise in data management, engineering, and science.
Skillful time management and organizational skills to set and meet deadlines.
Ability to work both independently and within a team.
Ability to work effectively in a team environment to encourage collaboration, innovation, and continuous improvement.
Ability to meet minimum clearance requirements.
Ability to work nights, weekends, and holidays as required.
Ability to travel up to 10%.

Nice To Haves

3+ years’ experience supporting DoD or federal programs is highly desirable
Experience with cloud platforms like Amazon Web Services (AWS), Microsoft Azure, etc., and migrating customers/projects to the cloud
Experience working in a Unix/Linux environment
Experience working in cloud infrastructures

Responsibilities

Senior RMF practitioner managing ATO packages, continuous monitoring plans, and eMASS documentation.
Leads RMF stakeholder coordination with AO/AODR and security teams.
Deep understanding of cybersecurity frameworks, documentation, and technical validation processes, working closely with stakeholders and control assessors to ensure security and compliance.
Track timely and high-quality completion of process tasks and milestones, and report on the status of key milestones to performers and senior stakeholders
Oversee the cybersecurity lifecycle from inception to completion.
Develop, review, and update documentation to ensure compliance with RMF and Continuous Monitoring requirements.
Evaluate and validate technical processes related to ATO (Authority to Operate) requirements, ensuring alignment with cybersecurity standards.
Provide direct support to Control Assessors, assisting in the preparation and review of authorization information and documentation for RMF and Continuous Monitoring.
Assist with eMASS package completion and maintenance, including artifacts, self-assessments, and asset management.
Review project schedules, requirements, and risk assessments, offering recommendations to program stakeholders to enhance security posture.
Develops security plans, as well as assessment reports, plans of action, and milestones for remediation. Defines criticality or sensitivity of systems, performs categorization calculations, and recommends corrective action.
Recommends baseline security controls, assesses changes in controls, and coordinates changes to security authorizations.
Conducts evaluations to verify that design and implementation meet requirements.
Prepares test plans and conducts security control testing IAW with NIST SP800-53.
Other duties as assigned.