RMF Cybersecurity ISSO/SME 3

Job Description

The RMF Cybersecurity ISSO/SME 3 role involves overseeing information systems throughout the entire six-step Risk Management Framework (RMF) lifecycle. Responsibilities include assessment, authorization, and continuous monitoring. The role also acts as a Subject Matter Expert (SME), advising stakeholders on cybersecurity compliance, risk posture, and Authorization to Operate (ATO) readiness. Key tasks include developing and maintaining RMF packages, assessing system compliance, documenting control implementation, leading meetings, coordinating with engineers, and delivering status reports to leadership.

Qualifications

1. Possess an active DoD Secret security clearance. 2. Hold a Bachelor’s degree in cybersecurity, information technology, or a related field with 6+ years of experience; or 14+ years of relevant cybersecurity/IT experience in lieu of a degree. 3. Have a DoD Manual 8140.03 (formerly 8570.01)-compliant certification (e.g., Security+, CISSP, CASP+/SecurityX). 4. Demonstrate experience performing RMF activities as an ISSO/ISSM/SME, including ATO process support and RMF package development. 5. Demonstrate experience assessing and documenting NIST SP 800-53 controls. 6. Be proficient in using Microsoft Office applications: Word, PowerPoint, Excel, and SharePoint. 7. Experience using eMASS or equivalent compliance-tracking application (Preferred). 8. Experience supporting RMF processes under DHA (Preferred). 9. Familiarity with ACAS and DISA STIGs/SRGs and tools (Preferred). 10. Familiarity with Continuous Monitoring and Risk Scoring (CMRS) (Preferred). 11. Experience using Microsoft Project to build Integrated Master Schedules (IMS) (Preferred).

Benefits

- 401K plan with company match - Medical, dental, vision, life insurance - AD&D - Flexible spending account - Disability - Paid time off - Flexible work schedule - Professional training and development