Risk Management Framework (RMF) Analyst

DeVilliers Technology Solutions LLC

$80K — $125K *
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • 5-7 years of experience with Risk Management Framework process per NIST SP 800-37
  • Proven ability to draft RMF documentation
  • In-depth knowledge of NIST SP 800-53
  • Experience utilizing Cyber-Security analysis tools
  • Familiarity with NIAP certification processes is a plus
  • Experience with the CSfC program is preferred
  • Relevant certifications such as CISSP are desirable

Responsibilities

  • Apply the RMF process to develop and assess software applications and encryption technologies
  • Plan and schedule RMF process activities for selected products
  • Conduct analyses to gather necessary information for RMF artifacts
  • Advise on RMF products for other certifications like NIAP and CSfC
  • Create comprehensive RMF documentation for ATO submissions

Benefits

  • Health, dental, and vision insurance
  • Short and long-term disability
  • Life insurance
  • 401K plan
  • Health Reimbursement Agreement (HRA)
  • 10 days paid leave and 7 sick days
  • 11 Federal holidays off
Full Job Description
Position Summary

The candidate shall be responsible for analyzing Software applications and encryption technology product(s) being assessed or developed for the purpose of specifying and developing Risk Management Framework (RMF) documentation. These documents are required in order to submit products for an Authority To Operate (ATO) or for certifications, such as the National Information Assurance Partnership (NIAP) and the Classified Solutions for Classified (CSfC).

Essential Duties and Responsibilities

The essential functions include, but are not limited to the following:
  • Apply the NIST Special Publication 800-37 Rev 2 Risk Management Framework (RMF) process to information systems and applications currently being assessed or developed by our company for use in the U.S. Federal government, especially the Department of Defense (DoD).
  • Formulate plans and schedules to conduct either portions or all of the RMF process on selected products.
  • Conduct and guide the analysis needed to gather information needed to produce RMF artifacts.
  • Provide recommendation on how RMF products can be used to prepare for other processes or certifications, such as NIAP and CSfC.
  • Develop RMF documentation as required to prepare products and systems for submission to an ATO authority or a NIAP/CSfC laboratory.

Minimum Qualifications (Knowledge, Skills, and Abilities)
  • Experience conducting RMF process, per NIST SP 800-37 for in-development or existing programs or systems.
  • Experience personally drafting RMF products.
  • Detailed knowledge ofNIST SP 800-53.
  • Experience using Cyber-Security analysis tools.

Desired Qualifications (Knowledge, Skills, and Abilities)
  • Experience undergoing the NIAP certification process to successful completion, or work experience conducting NIAP certification within a third party NIAP laboratory.
  • Experience working within the CSfC program.
  • Certifications in Information Systems security, such as CISSP.
Compensation
  • Salary is $80,000 - $125,000, based on experience and qualifications
  • Benefits include health, dental, and vision insurance, short and long term disability, life insurance, 401K, Health Reimbursement Agreement (HRA), and 10 days paid leave, 7 sick days, and 11 Federal holidays.

Similar Jobs

More Jobs at DeVilliers Technology Solutions LLC

More Information Technology Jobs

Find similar Risk Management Framework (RMF) Analyst jobs: