Senior Security Risk Management (RMF) Engineer

OneZero SolutionsWashington, DC
Onsite

About The Position

Leads Assessment & Authorization (A&A), risk management, and continuous authorizations (cATO) activities to ensure system compliance and security posture across TS/SCI environments. We are an employee-centric company that truly values our team members and the contributions they make to our customers and the missions they support. We pride ourselves on being forward-leaning thinkers and on building teams that are, and continue to be, technically proficient across a broad range of cyber mission areas.

Requirements

  • Bachelor's degree in Cybersecurity or IT-related field or equivalent years of experience.
  • Minimum of 10 years of experience in performing Assessments and Authorizations (A&A) and Risk Management Framework (RMF) assessments.
  • Minimum 5 years of experience with evaluating and conducting A&A assessments of Cross Domain Solutions (CDS) systems to include High-Speed Guard (HSG) systems.
  • Expert knowledge of National Institute of Standards and Technology (NIST) 800-53 Security and Privacy Controls for Information Systems and Organizations.
  • Knowledge of NIST SP 800-207 Zero Trust Architecture, NIST AI-600-1, Artificial Intelligence Risk Management Framework: Generative Artificial Intelligence Profile, NIST Cybersecurity Framework (CSF), and the 18 main controls identified in the Center for Internet Security (CIS) Critical Security Controls.
  • Experience with classified systems and DHS/IC environments.
  • TS/SCI Clearance

Nice To Haves

  • Experience with Archer and Atlassian JIRA.
  • Demonstrated knowledge of Generative AI technologies, DHS Gen AI pathways and solutions.
  • AWS, CISSP certifications or comparable experience

Responsibilities

  • Execute RMF lifecycle activities, including categorization, control selection and implementation, assessment, authorization, and continuous monitoring.
  • Develop and maintain A&A/ATO documentation packages, including SSPs, SARs, POA&Ms, SOPs, and reporting artifacts.
  • Perform risk assessments, identify vulnerabilities, and recommend mitigation and corrective action strategies.
  • Manage continuous monitoring activities, security metrics reporting, and ongoing authorization support.
  • Apply NIST RMF, CNSSI 1253, and IC security frameworks to support ATO/ATC decision-making.
  • Coordinate with ISSOs, system owners, and Authorizing Officials to support authorization and compliance activities.
  • Develop specialized customer centric Gen AI guidelines for DHS I&A A&A, Continuous Monitoring (ConMon) and Plan of Actions and Milestones (POA&M) to include CDS systems.
  • Collaborate with Archer to identify relevant RMF controls related to both Zero Trust and Gen AI and add controls for monitoring and reporting.
  • Coordinate with appropriate organizational stakeholders to ensure Zero Trust and Gen AI are both implemented broadly, end-to-end across customer environments to include Information System Security Officer (ISSO) supported environments.
  • Work across government and industry to evaluate and shape RMF and CDS policy around Zero Trust, Gen AI and related topics.

Benefits

  • health, dental, vision, and life insurance
  • a 401(k) with company matching
  • paid time off and holidays
  • an employee referral program
  • educational assistance
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service