The RMF / ISSO Lead serves as the leader for the Risk Management Framework (RMF) program and Authority to Operate (ATO) lifecycle under the Information Security Program Support Services (ISPSS) effort supporting the NIH Office of the Director, Office of Information Technology (OD OIT). The Lead is responsible for managing the RMF lifecycle under NIST 800-53 Rev. 5, leading Assessment and Authorization (A&A) package development, and maintaining the enterprise risk register and POA&Ms. This role drives execution across system categorization and authorization, continuous monitoring, audit and assessment support, and RMF guidance to system owners and ISSOs in close coordination with NIH/OD OIT leadership.

This is a full-time position with work performed primarily offsite, though travel to NIH/OD facilities in the Bethesda, MD area will be required on an as-needed basis. Core hours are Monday-Friday, 7:00 AM - 6:00 PM EST, and after-hours support for emergency incidents will be required as needed by NIH/OD. Position is contingent upon award and client approval.
Job Type
Full-time
Career Level
Senior