Risk Management Framework Engineer
McLean, VA
2 Locations
Updated: May 08
Description
Altamira Technologies has a long and successful history providing innovative solutions throughout the U.S. National Security community. Headquartered in McLean, Virginia, Altamira serves the defense, intelligence and homeland security communities worldwide by focusing on creating innovative solutions leveraging common standards in architecture, data and security. Altamira believes that our people and the culture of our company differentiate us from other companies.
Position Location: Chantilly, VA/McLean, VA.
Position Description:
We are seeking a Risk Management Framework engineer responsible for a critical operational network. This role ensures systems are securely authorized to operate (ATO) by documenting compliance, and coordinating with technical and security stakeholders throughout the system lifecycle.
Responsibilities:
- Lead and support all phases of the Risk Management Framework (RMF) process in accordance with NIST SP 800-37, NIST SP 800-53 Security and Privacy Controls and related standards.
- Develop, maintain, and update RMF documentation including:
- System Security Plans (SSPs)
- Security Assessment Reports (SARs)
- Plans of Action and Milestones (POA&Ms)
- Coordinate security authorization packages for ATO decisions.
- Collaboration & Stakeholder Engagement
- Work closely with system engineers, network administrators, program managers, and security leadership.
- Participate in security working groups, technical reviews, and compliance audits.
- Communicate security posture and risk status to technical and non-technical stakeholders.
Knowledge Base:
- Risk Management Framework (RMF) lifecycle experience: all or most phases, including POA&M and continuous monitoring.
- ATO Process expertise: system support authorization, reauthorization and continuous compliance.
- Security control implementation based on NIST SP 800-53
- Experience with using ServiceNOW
Education and Experience:
- Bachelor’s in computer science, Cybersecurity, or information technology, or a related field
- At least 3-5 years of experience
- Active TS/SCI with a current CI Polygraph
- BS in Computer Science, Cyber Security, or related field.
- Demonstrated hands-on experience executing the RMF lifecycle (all or most phases).
- Familiarity with federal cybersecurity compliance environments
- One of more of the following active security certifications such as:
- CompTIA Security ,
- CISSP (Certified Information Systems Security Professional),
- CISM (Certified Information Security Manager),
- CIAM (Certified Identity and Access Manager).
Abilities and Competencies:
- Ability to operate independently and contribute immediately upon assignment.
- Self-motivated and eager to work intently to satisfy mission requirements
- Adaptable and has the desire to maintain our company culture
- Strong communication and coordination skills with technical and non-technical stakeholders
- Experience in security working groups, technical reviews, and compliance audits
- Ability to multitask and adjust priorities as needed
Nice to have:
- Familiarity with current Information Assurance (IA) and cybersecurity tools such as vulnerability management and scanning tools
- Experience with assessing security requirements and evaluating systems for gaps in security requirements.
Altamira is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected veteran status. We focus on recruiting talented, self-motivated employees that find a way to get things done. Join our team of experts as we engineer national security!
Lead and support all phases of the Risk Management Framework (RMF) process in accordance with NIST SP 800-37, NIST SP 800-53 Security and Privacy Controls and related standards. Develop, maintain, and update RMF documentation including:System Security Plans (SS - Ps)Security Assessment Reports (SARs)Plans of Action and Milestones (POA&Ms)Coordinate security authorization packages for ATO decisions. Collaboration & Stakeholder Engagement. Work closely with system engineers, network administrators, program managers, and security leadership. Participate in security working groups, technical reviews, and compliance audits. Communicate security posture and risk status to technical and non-technical stakeholders. Knowledge Base: Risk Management Framework (RMF) lifecycle experience: all or most phases, including POA&M and continuous monitoring. ATO Process expertise: system support authorization, reauthorization and continuous compliance. Security control implementation based on NIST SP 800-53 Experience with using Service. NOW - Education and Experience:Bachelor’s in computer science, Cybersecurity, or information technology, or a related field. At least 3-5 years of experience. Active TS/ SCI with a current CI Polygraph. BS in Computer Science, Cyber Security, or related field. Demonstrated hands-on experience executing the RMF lifecycle (all or most phases). Familiarity with federal cybersecurity compliance environments. One of more of the following active security certifications such as:Comp. TIA Security ,CISSP (Certified Information Systems Security Professional),CISM (Certified Information Security Manager),CIAM (Certified Identity and Access Manager). Abilities and Competencies:Ability to operate independently and contribute immediately upon assignment. Self-motivated and eager to work intently to satisfy mission requirements. Adaptable and has the desire to maintain our company culture. Strong communication and coordination skills with technical and non-technical stakeholders. Experience in security working groups, technical reviews, and compliance audits. Ability to multitask and adjust priorities as needed. Nice to have: Familiarity with current Information Assurance (IA) and cybersecurity tools such as vulnerability management and scanning tools. Experience with assessing security requirements and evaluating systems for gaps in security requirements.
search terms: Management+Framework
Local Job Bulletin is an independent Job Search Engine. Local Job Bulletin is not endorsed, sponsored or affiliated with the actual employer of the job. All trademarks, service marks, logos, domain names, and job descriptions are the property of their respective holder.
Management Job Openings: Earn $15-$45/Hr. Immediate Hire
McLean
Upload your Resume - Let Employers find you!
Local Job Bulletin is an independent Job Search Engine. Local Job Bulletin is not an agent or representative and is not endorsed, sponsored or affiliated with any employer. Local Job Bulletin uses proprietary technology to keep the availability and accuracy of its job listings and their details. All trademarks, service marks, logos, domain names, job descriptions and other company descriptions / details are the property of their respective holder. Local Job Bulletin does not have its users apply for a job on the LocalJobBulletin.com website. Additionally, Local Job Bulletin may provide a list of third-party job listings that may not be affiliated with any employer. Please make sure you understand and agree to the website's Terms & Conditions and Privacy Policies you are applying on as they may differ from ours and are not in our control.;