Risk Management Framework (RMF) Analyst u2013 Top ...

Risk Management Framework (RMF) Analyst u2013 Top Secret Clearance Norfolk, VAu00a0 Cambridge International Systems, Inc.u00a0 Join a dynamic global team united by shared values: commitment, integrity, and perseverance. At Cambridge, youu2019ll work alongside top talent worldwide, tackling some of todayu2019s most complex and critical challenges in defense and security.u00a0 We are currently seeking a Risk Management Framework (RMF) Analyst to support operations in Norfolk, VA. This is a full-time position requiring an active DoD TS clearance.u00a0 This position is contingent upon contract award with an expected award date of January 2026.u00a0 What Youu2019ll Dou00a0 + u200bu200bu200bu200bu200bu200bu200bDesign and maintain enterprise and systems security throughout the development lifecycle in alignment with DoD and DoN RMF guidance. + Conduct assessments of management, operational, and technical security controls to evaluate system compliance and risk posture + Maintain and update RMF and A&A documentation across the OPTEVFOR Cyber OT&E mission, including revisions in eMASS and DADMS. + Create, validate, and revise cybersecurity SOPs, system security plans (SSPs), contingency plans, and privacy impact assessments. + Review and maintain inventories of authorized software, GFE, ports, protocols, and circuit registrations (GIAP/SNAP). + Execute annual RMF reviews and STIG validations on systems, identifying and recommending corrective actions for non-compliance. + Support configuration audits, vulnerability scans, POA&Ms, SARs, test plans, and documentation of RMF lifecycle artifacts. + Lead semi-annual tabletop exercises and review business impact analysis and disaster recovery plans for compliance. + Serve on the Configuration Control Board (CCB), ensuring approved changes are reflected in security documentation. + Provide technical reports on system scan results, cybersecurity compliance, and configuration management. + Advise stakeholders on risk management, ATO strategy, and secure architecture to meet mission requirements. What Youu2019ll Bringu00a0 Required Qualifications:u00a0 Education & Experience:u00a0u00a0 + Minimum 5 years of experience designing enterprise/system security throughout the development lifecycle. + Minimum 3 years conducting assessments of security controls and authoring RMF documentation. + Minimum 3 years of experience supporting RMF certification and accreditation efforts for DoD/DON systems. + Familiarity with eMASS, DADMS, GIAP, STIGs, and the DoDI 8510 series. + Strong working knowledge of NIST SP 800-series, DoD cybersecurity policies, and A&A lifecycle artifacts. + Must have a current and active DoD TS security clearance with the ability to obtain a SCI clearance. + Proficient with modern IT tools and infrastructure technologiesu00a0 u00a0u00a0Preferred (Nice to Have):u00a0 + Experience supporting OT&E environments, including cyber test toolset and infrastructure validation. + Knowledge of network architecture, PKI, firewall and encryption methods, and multilevel/cross-domain security solutions. + Ability to translate technical requirements into secure designs that meet mission and compliance objectives. + Knowledge of PII data security, program protection planning, and enterprise security architecture frameworks. + Proficiency in system hardening, vulnerability remediation, and documentation for RMF artifacts. + Experience conducting security audits, contingency plan tests, and cloud-based system evaluations. Travel & Passportu00a0 + Some overnight stays possible.u00a0u00a0 Work Environmentu00a0 + Compliance with vaccination and medical requirements for TDY/OCONUS roles as per Vaccine Recommendations by AOR Health.mil.u00a0 Office setting:u00a0 + Primarily an office-based role in Norfolk, VA + Standard desk/computer work with flexibility for walking and movement on siteu00a0 + Must be able to work in an office environment, sitting at a desk, looking at a computer for most of the workday.u00a0 + Work is physically comfortable; the employee has discretion about sitting, walking, standing, etc.u00a0 + May be required to travel short distances to offices/conference rooms and buildings on site.u00a0u00a0u00a0 Background & Securityu00a0 + Employment is contingent upon successful background investigationu00a0 + Drug screening may be required for federal contract complianceu00a0 Benefits & Perksu00a0 We believe in investing in our teamu2014both professionally and personally:u00a0 + Medical, dental, vision, life, accident, and critical illness insuranceu00a0 + 401(k) immediate vesting and matchu00a0 + Paid time off and company holidaysu00a0 + Generous tuition & training supportu00a0 + Relocation assistanceu00a0 + Sign-on and performance-based bonusesu00a0 + Employee referral programu00a0 + Access to Tickets at Work, EAP, wellness initiatives, and moreu00a0 Join Usu00a0 If you're driven by mission, technology, and teamworku2014we want to hear from you. Cambridge is growing, and this position is just one of many opportunities on our global team. Know someone perfect for the role? Referrals are welcomeu2014both employees and non-employees may qualify for a bonus.u00a0 Apply today and help shape the future of secure cloud computing for national security.u00a0 About Cambridge International Systemsu00a0 At Cambridge, innovation grows through diversity. We are proud to be an equal opportunity employer, committed to creating an inclusive and supportive work environment for all. Learn more at Powered by JazzHR

Created: 2025-12-05