Risk Management Framework SME

US-VA-Hampton


Req #: 7849
Type: Full-Time

GovCIO LLC

Overview:

GovCIO is currently hiring for a Risk Management Framework SME to support a modernization effort. This position will be located in Hampton, VA on Joint Base Langley-Eustis and will be a fully onsite position.

Responsibilities:

We are seeking a highly skilled Risk Management Framework (RMF) Subject Matter Expert (SME) with a strong Information System Security Manager (ISSM) background and hands-on experience with XACTA. You will guide system owners, engineering teams, and leadership through the full RMF lifecycle, ensuring compliance, managing documentation, and supporting secure system operations across classified and unclassified environments. This position is located at Langley Air Force Base, Hampton, Virginia.

Key Responsibilities

* Lead and manage the full DOD RMF process for assigned systems
* Provide ISSM-level oversight and guidance to ensure compliance with DOD, NIST and agency-specific security policies
* Develop, maintain, and validate RMF documentation including System Security Plans, security controls traceability matrices, POA&M, and system categorization artifacts
* Utilize XACTA for control implementation, evidence upload, package creation, workflow management, and assessment preparation
* Work closely with engineers, administrators, developers, and mission stakeholders to ensure secure design and architecture decisions
* Lead assessment preparation activities and support independent audits, CCRI reviews, and Authorizing Official (AO) evaluations
* Conduct vulnerability analysis, risk assessment and remediation planning
* Guide continuous monitoring activities: STIG compliance, vulnerability scanning, patch management review, and incident documentation
* Serve as a subject matter expert for cybersecurity policy interpretation, control inheritance, and risk acceptance recommendations
* Provide training, mentoring and support to security analysts and program team members

Qualifications:

High School with 9+ years (or commensurate experience)

Required Skills and Experience

Clearance: TS/SCI 

* Proven experience supporting or performing duties as an ISSM or ISSO
* Hands-on experience with XACTA for RMF package development
* Experience with STIGs, ACAS, HBSS/Trellix, vulnerability management, and secure configuration baselines
* Strong communication skills and the ability to brief leadership and stakeholders
* DOD 8140 IAM Level III (CISSP, CISM, CCISO)

Preferred Skills and Experience 

* Experience supporting complex, multi-system environments or programs of record
* Experience supporting Command Cyber Readiness Inspections (CCRI)
* Experience with DOD networks (NIPR, SIPR, JWICS)
