RMF Engineer -- Fort Belvoir, VA - Onsite

Lorven technologies

Fort Belvoir, VA

Expired: 16 days ago Applications are no longer accepted.

Full-Time

Job Description

Job Title: RMF Engineer
Location: Fort Belvoir, VA - Onsite
Duration: Full Time

Responsibilities:

Develop and deliver implementation plans, risk assessments, research, and analysis supporting RMF and continuous monitoring based on Government regulations, plans, and direction.
Provide monthly status reports and track the execution of Army RMF, including compliance with authorizations, system assessments, and Plan of Actions & Milestones (POA&M) expirations and executions.
Collaborate with automated RMF tools such as eMASS and APMS, following the Federal Information Security Management Act (FISMA), DoD Directive 8500.01, NIST Special Publication 800-53, and CNSSI 1253 guidelines.
Ensure compliance with DoD Cybersecurity (CS) policy requirements outlined in DoDI 8500.01, DoDI 8510.01, and their successors.
Integrate with Security Requirements Guide (SRG) and Security Technical Implementation Guides (STIG) development teams to include emerging technologies in the STIG roadmap process.
Conduct onsite visits and surveys to address security compliance and technical analysis, producing comprehensive reports and recommendations for improvements and enhancements.
Identify risk areas through implementation shortfalls and develop plans to recommend policy updates, addressing widespread issues and exceptions to policy.
Participate in working groups, forums, and direct interactions to gather information for research and analysis in support of RMF and continuous monitoring.
Standardize forms and integrate with continuous Authorization to Operate (cATO) and RMF emerging technology efforts to reduce the burden on mission owners while maintaining security.
Provide guidance on addressing risks from a mission and business process perspective, ensuring Army CS initiatives align with applicable laws and regulations.
Support the integration of Operational Technology (OT) into the Army's IT and Network Operations CS capability by tracking emerging tech and working with mission owners.
Conduct outreach and education on data value and categorization, integrating with various Army data owners to achieve unified end-to-end multi-element asset capabilities.
Support the Commercial Temporary Exception to Policy (C-TEP) program, creating standardized templates and workflow automation.
Track tasks and requirements aligned with the Army Data Strategy and Army Directives, representing Army security needs in future strategy and directives.

Experience required:

Bachelor's degree in a relevant field or equivalent experience.
10+ years of proven experience in RMF policy creation, risk assessments, and cybersecurity compliance.
In-depth knowledge of RMF 2.0, FISMA, NIST publications, and DoD cybersecurity policies.
IAM Level III certification or equivalent cybersecurity certifications.
Excellent communication and collaboration abilities to work with various stakeholders.
Ability to conduct onsite visits and technical analysis.
Understanding of emerging technologies and their impact on cybersecurity.