Mount Indie
We're looking for a
DoD RMF Security Engineer
to join our team. This role is an opportunity to directly support mission-critical defense initiatives by ensuring secure systems, compliance with federal standards, and effective risk management. If you enjoy solving complex security challenges and working in a collaborative environment, this position offers both impact and growth.
Work Location:
Hybrid - average 1 day per week onsite at the Mark Center in Virginia (minimum 1 day/month)
What You'll Work On
Provide end-to-end
Assessment & Authorization (A&A)
support for DoD cybersecurity, privacy, and financial control initiatives Interpret risks and recommend solutions to meet DoD compliance and cybersecurity requirements under the NIST RMF and DoD Policy Map, implement, interpret, and document RMF security controls Manage the
eMASS cybersecurity management tool Requirements:
5 years of relevant RMF/Security Engineering experience to include: Experience in mapping, implementing, interpreting, and documenting RMF security controls Experienced managing the eMASS cybersecurity management tool Experience developing and submitting at least six (6) ATO packages Current Secret Clearance IAT level II (ie Security +) Additional Role Requirements
Strong knowledge of the
Risk Management Framework (RMF) lifecycle
within the federal government, including all A&A phases Experience supporting client risk management tasks such as: Managing POA&Ms Conducting Security Tests and Evaluations (ST&E) Creating system documentation Performing authorizations and risk assessments Handling third-party audits Ensuring compliance with
NIST 800-53
standards Performing threat assessments Ability to plan and monitor security control implementation to protect networks, enclaves, and systems Skilled in generating and interpreting
ACAS scans
to identify vulnerabilities and support remediation efforts Hands-on experience implementing and evaluating STIGs,
SCAP , and
SCAP Compliance Checker (SCC) Familiarity with A&A application platforms such as
eMASS, CSAM, Xacta Prior technical background (e.g., system or network administrator) is a plus
This role is ideal for someone who thrives in a mission-driven environment, values collaboration, and is passionate about strengthening cybersecurity for critical defense systems.
DoD RMF Security Engineer
to join our team. This role is an opportunity to directly support mission-critical defense initiatives by ensuring secure systems, compliance with federal standards, and effective risk management. If you enjoy solving complex security challenges and working in a collaborative environment, this position offers both impact and growth.
Work Location:
Hybrid - average 1 day per week onsite at the Mark Center in Virginia (minimum 1 day/month)
What You'll Work On
Provide end-to-end
Assessment & Authorization (A&A)
support for DoD cybersecurity, privacy, and financial control initiatives Interpret risks and recommend solutions to meet DoD compliance and cybersecurity requirements under the NIST RMF and DoD Policy Map, implement, interpret, and document RMF security controls Manage the
eMASS cybersecurity management tool Requirements:
5 years of relevant RMF/Security Engineering experience to include: Experience in mapping, implementing, interpreting, and documenting RMF security controls Experienced managing the eMASS cybersecurity management tool Experience developing and submitting at least six (6) ATO packages Current Secret Clearance IAT level II (ie Security +) Additional Role Requirements
Strong knowledge of the
Risk Management Framework (RMF) lifecycle
within the federal government, including all A&A phases Experience supporting client risk management tasks such as: Managing POA&Ms Conducting Security Tests and Evaluations (ST&E) Creating system documentation Performing authorizations and risk assessments Handling third-party audits Ensuring compliance with
NIST 800-53
standards Performing threat assessments Ability to plan and monitor security control implementation to protect networks, enclaves, and systems Skilled in generating and interpreting
ACAS scans
to identify vulnerabilities and support remediation efforts Hands-on experience implementing and evaluating STIGs,
SCAP , and
SCAP Compliance Checker (SCC) Familiarity with A&A application platforms such as
eMASS, CSAM, Xacta Prior technical background (e.g., system or network administrator) is a plus
This role is ideal for someone who thrives in a mission-driven environment, values collaboration, and is passionate about strengthening cybersecurity for critical defense systems.