RMF Engineer - Fort Belvoir, United States - HRUCKUS
Description
Veteran Firm Seeking an RMF Engineer for Onsite Assignment at Fort Belvoir, VA
My name is Stephen Hrutka, and I lead a Veteran-owned firm in Washington, DC, focused on Supply Chain, Strategic Sourcing, and Technical/Cleared Recruiting.
HRUCKUS helps other veteran-owned businesses recruit for positions across the SBA, HHS, DARPA, and other cutting-edge R&D-related defense agencies.
Our newest client is looking for an RMF Engineer for a role at Fort Belvoir, VA.
The ideal candidate has a Secret Clearance or higher (TS preferred), 10+ years of proven experience in RMF policy creation, risk assessments, and cybersecurity compliance, and IAM Level III certification or equivalent cybersecurity certifications. Strong preference for Army Background / Sr. NCO or Mid-Level Officer.
If you're interested, I'll gladly provide more details about the role and further discuss your qualifications.
Thanks,
Stephen M Hrutka
Principal Consultant
Position Responsibilities:
- Develop and deliver implementation plans, risk assessments, research, and analysis supporting RMF and continuous monitoring based on Government regulations, plans, and direction.
- Provide monthly status reports and track the execution of Army RMF, including compliance with authorizations, system assessments, and Plan of Actions & Milestones (POA&M) expirations and executions.
- Collaborate with automated RMF tools such as eMASS and APMS, following the Federal Information Security Management Act (FISMA), DoD Directive , NIST Special Publication 800-53, and CNSSI 1253 guidelines.
- Ensure compliance with DoD Cybersecurity (CS) policy requirements outlined in DoDI , DoDI , and their successors.
- Integrate with Security Requirements Guide (SRG) and Security Technical Implementation Guides (STIG) development teams to include emerging technologies in the STIG roadmap process.
- Conduct onsite visits and surveys to address security compliance and technical analysis, producing comprehensive reports and recommendations for improvements and enhancements.
- Identify risk areas through implementation shortfalls and develop plans to recommend policy updates, addressing widespread issues and exceptions to policy.
- Participate in working groups, forums, and direct interactions to gather information for research and analysis in support of RMF and continuous monitoring.
- Standardize forms and integrate with continuous Authorization to Operate (cATO) and RMF emerging technology efforts to reduce the burden on mission owners while maintaining security.
- Provide guidance on addressing risks from a mission and business process perspective, ensuring Army CS initiatives align with applicable laws and regulations.
- Support the integration of Operational Technology (OT) into the Army's IT and Network Operations CS capability by tracking emerging tech and working with mission owners.
- Conduct outreach and education on data value and categorization, integrating with various Army data owners to achieve unified end-to-end multi-element asset capabilities.
- Support the Commercial Temporary Exception to Policy (C-TEP) program, creating standardized templates and workflow automation.
- Track tasks and requirements aligned with the Army Data Strategy and Army Directives, representing Army security needs in future strategy and directives.
Position Requirements:
- Must hold a Secret Clearance.
- Strong preference for Army Background / Sr. NCO or Mid-Level Officer.
- Bachelor's degree in a relevant field or equivalent experience.
- 10+ years of proven experience in RMF policy creation, risk assessments, and cybersecurity compliance.
- In-depth knowledge of RMF 2.0, FISMA, NIST publications, and DoD cybersecurity policies.
- IAM Level III certification or equivalent cybersecurity certifications.
- Excellent communication and collaboration abilities to work with various stakeholders.
- Ability to conduct onsite visits and technical analysis.
- Understanding of emerging technologies and their impact on cybersecurity.
The Target Salary is $160k to $165k.