Save Job
Posted 3y ago

Risk Management Framework (RMF) Analyst

@ DeVilliers Technology Solutions
Stafford, Virginia, United States
$70k-$110k/yrOnsiteFull Time
Responsibilities:Applying RMF, Drafting RMF, Developing RMF documentation
Requirements Summary:Experience applying RMF per NIST SP 800-37; drafting RMF artifacts; knowledge of NIST SP 800-53; experience with cyber-security analysis tools.
Technical Tools Mentioned:RMF, NIST SP 800-37, NIST SP 800-53, Cyber-Security analysis tools
Save
Mark Applied
Hide Job
Report & Hide
Job Description

Position Summary

The candidate shall be responsible for analyzing Software applications and encryption technology product(s) being assessed or developed for the purpose of specifying and developing Risk Management Framework (RMF) documentation. These documents are required in order to submit products for an Authority To Operate (ATO) or for certifications, such as the National Information Assurance Partnership (NIAP) and the Classified Solutions for Classified (CSfC).


Essential Duties and Responsibilities

The essential functions include, but are not limited to the following:

  • Apply the NIST Special Publication 800-37 Rev 2 Risk Management Framework (RMF) process to information systems and applications currently being assessed or developed by our company for use in the U.S. Federal government, especially the Department of Defense (DoD).
  • Formulate plans and schedules to conduct either portions or all of the RMF process on selected products.
  • Conduct and guide the analysis needed to gather information needed to produce RMF artifacts.
  • Provide recommendation on how RMF products can be used to prepare for other processes or certifications, such as NIAP and CSfC.
  • Develop RMF documentation as required to prepare products and systems for submission to an ATO authority or a NIAP/CSfC laboratory.

Minimum Qualifications (Knowledge, Skills, and Abilities)

  • Experience conducting RMF process, per NIST SP 800-37 for in-development or existing programs or systems.
  • Experience personally drafting RMF products.
  • Detailed knowledge ofNIST SP 800-53.
  • Experience using Cyber-Security analysis tools.

Desired Qualifications (Knowledge, Skills, and Abilities)

  • Experience undergoing the NIAP certification process to successful completion, or work experience conducting NIAP certification within a third party NIAP laboratory.
  • Experience working within the CSfC program.
  • Certifications in Information Systems security, such as CISSP.

Compensation

  • Salary is $80,000 - $125,000, based on experience and qualifications
  • Benefits include health, dental, and vision insurance, short and long term disability, life insurance, 401K, Health Reimbursement Agreement (HRA), and 10 days paid leave, 7 sick days, and 11 Federal holidays.

10 days paid leave, 11 holidays, 401K with matching, HRA, and dental, life, and short and long term disability insurance.