RMF Program Lead

About The Position

Requirements

• Minimum of 8 years with BS/BA; Minimum of 6 years with MS/MA; Minimum of 3 years with PhD.
• Must be a US Citizen.
• Clearance Requirement: Top Secret.
• Certified Information Security Manager (CISM).
• CompTIA Security+.
• ITIL Certification.

Nice To Haves

• RMF-Specific Certification - Certified Authorization Professional (CAP).
• Certified Information Systems Security Professional (CISSP).
• Certified Ethical Hacker (CEH).
• Project Management Professional (PMP).
• Cloud-Specific Certifications: AWS Certified Security – Specialty or similar cloud certifications (e.g., Microsoft Azure or Google Cloud Platform) for organizations leveraging cloud technologies in RMF processes.
• NIST-Specific Training.

Responsibilities

• Oversee and manage the overall execution of the Risk Management Framework (RMF) activities, ensuring adherence to established principles and standards (NIST SP 800-37 and 800-53).
• Provide advanced expertise on RMF processes to ensure consistent application of security controls, policies, and procedures across all DHRA systems.
• Lead and mentor a team of RMF professionals, ensuring the delivery of high-quality documentation and outputs such as System Security Plans (SSPs), Security Assessment Reports (SARs), and Plans of Action and Milestones (POA&Ms).
• Ensure the accuracy, quality, and completeness of all deliverables related to the RMF process, driving continuous improvement and compliance.
• Act as the primary point of contact for all RMF-related matters, facilitating communication between internal teams, leadership, and external stakeholders.
• Ensure that all RMF activities comply with relevant regulations, policies, and guidelines, maintaining a secure operational posture for DHRA systems.
• Oversee the integration of RMF processes across the organization, identifying areas for improvement and fostering a culture of cybersecurity awareness and compliance.