Risk Management Framework (RMF) Analyst (Cybersecurity)
Мэтч & Сопровод
Для мэтча с этой вакансией нужен Plus
Описание вакансии
TL;DR
Risk Management Framework (RMF) Analyst (Cybersecurity): Sustaining the authorization lifecycle of a mission-critical Department of Veterans Affairs (VA) cloud platform with an accent on NIST RMF process compliance. Focus on developing and maintaining RMF documentation, performing continuous monitoring, and preparing Authorization to Operate (ATO) packages.
Location: Remote in any United States jurisdiction, excluding AK, CA, CO, CT, DC, HI, LA, MA, MN, MO, NE, NV, NH, NJ, NM, NY, ND, OR, PR, RI, VT, WA, WY.
Salary: $72,517 - $111,100
Company
is a certified service-disabled veteran-owned, veteran-owned, and woman-owned small business with 26 years of experience delivering quality IT systems and programs.
What you will do
- Support all six steps of the NIST RMF process for hosted applications.
- Develop, update, and maintain required RMF documentation, including Disaster Recovery Plans.
- Ensure continuous monitoring activities align with VA policies.
- Implement and maintain NIST security controls in accordance with the approved baseline.
- Prepare and submit artifacts for ATO packages and reauthorization efforts.
- Coordinate with security personnel and third-party assessors during authorization reviews.
Requirements
- Must be a U.S. Citizen or Permanent Resident who has lived in the U.S. for at least 3 years.
- Must hold an active Federal Civilian Public Trust clearance.
- 5 years of experience supporting NIST RMF processes.
- Bachelor's degree in cybersecurity, information assurance, or a related field.
- Excellent verbal and written communication skills.
- Experience supporting a federal agency.
Nice to have
- CompTIA Security+ certification.
Culture & Benefits
- Comprehensive medical, dental, vision, and prescription drug coverage.
- Company-paid life insurance, short-term, and long-term disability.
- 401k retirement plan with multiple investment options.
- Supplemental coverages including accident, critical illness, and hospital insurance.
Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →