RMF Cybersecurity ISSO/SME 3

KBR•North Charleston, SC

1d•Remote

About The Position

KBR is seeking a Cybersecurity Risk Management Framework (RMF) Information System Security Officer (ISSO) to support the DHA Solution Delivery Division (SDD). In this role, you will lead Assessment & Authorization (A&A) activities and guide systems through the RMF lifecycle to achieve and maintain Authorizations to Operate (ATOs) for mission-critical medical systems. You will work closely with engineers, developers, and government stakeholders to ensure compliance with NIST, DoD, and DHA cybersecurity requirements while supporting continuous monitoring and risk management efforts. This 100% remote position requires availability during standard Eastern Time (ET) day shift hours. Join KBR to contribute directly to protecting critical healthcare systems supporting warfighters and their families.

Requirements

Active DoD Secret security clearance
Bachelor’s degree in cybersecurity, information technology, or related field with 6+ years of experience; or 14+ years of relevant cybersecurity/IT experience in lieu of degree.
DoD Manual 8140.03 (formerly 8570.01)-compliant certification (e.g., Security+, CISSP, CASP+/SecurityX)
Demonstrated experience performing RMF activities as an ISSO/ISSM/SME, including ATO process support and RMF package development (Security Plans, POA&Ms, architecture diagrams, system security policies, etc.)
Demonstrated experience assessing and documenting NIST SP 800-53 controls
Experience using Microsoft Office applications: Word, PowerPoint, Excel, and SharePoint

Nice To Haves

Experience using eMASS or equivalent compliance-tracking application
Experience supporting RMF processes under DHA
Familiarity with ACAS and DISA STIGs/SRGs and tools such as STIG Viewer and SCAP Compliance Checker
Familiarity with Continuous Monitoring and Risk Scoring (CMRS)
Experience using Microsoft Project to build Integrated Master Schedules (IMS)

Responsibilities

Manage one or more information systems throughout the full six-step RMF lifecycle, including assessment, authorization, and continuous monitoring activities
Serve as an RMF Subject Matter Expert (SME), advising stakeholders on cybersecurity compliance, risk posture, and ATO readiness
Develop, review, and maintain RMF packages and associated documentation, including Security Plans, POA&Ms, Risk Assessment Reports, and security control policies
Assess system compliance against NIST SP 800-53 controls and DHA RMF requirements as part of self-assessment and annual reviews
Document and maintain evidence supporting control implementation and compliance
Lead and participate in A&A and stakeholder meetings to track system status, resolve issues, and drive RMF progress
Coordinate with engineers and system owners to develop architecture diagrams, system asset inventories, and security policies
Prepare and deliver status reports to DHA leadership on system authorization and compliance efforts

Benefits

KBR offers a selection of competitive lifestyle benefits which could include a 401K plan with company match, medical, dental, vision, life insurance, AD&D, flexible spending account, disability, paid time off, or flexible work schedule.
We support career advancement through professional training and development.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume