Forge Group, LLC
Position Overview
Forge is a global solutions provider. We are a proud, certified 8a, woman‑owned, service‑disabled, veteran‑owned small business (8a, WOSB, SDVOSB) ignited to redefine the traditional GovCon mold, deliver innovations, and elevate collective impact. We are known as international problem fixers who only pursue work where we can truly make a difference. We are deeply integrated members of trusted client communities, energized and honored to be partners in questioning and solving human challenges across the world.
Our culture is everything. People come first. It is built around a diverse group of employees empowered to think in different directions, a leadership team that trusts employees to lean in to unique greatness, and an operations team that deploys programs to support employee well‑being and growth—both personally and professionally. We treat Forge like a co‑op in which the input of staff drives corporate action. With a 93% retention rate, Forge is rated #2 Best Medium‑size Business in all of Virginia and has earned multiple Fortune® and Inc. awards, underscoring our commitment to people and excellence.
Cybersecurity Analyst Forge Group requires a Cybersecurity Analyst to support Risk Management Framework (RMF) activities in our Rapid Capabilities practice. This role works closely with the government and partners to provide expertise and support in completing required RMF compliance tasks, supporting the attainment and maintenance of an Authority to Operate (ATO). The Analyst coordinates with stakeholders and project teams to prioritize demands, deliver action plans, scan and assess environments, document findings, and coordinate implementation of necessary security controls.
Key Responsibilities
Evaluate security controls against system implementation and documentation to ensure compliance with RMF guidance and policy.
Develop and execute a continuous monitoring plan, including scanning the environment with tools required by the customer and/or cloud security stakeholders.
Provide updates of records on time within eMASS, maintaining accurate and up‑to‑date documentation and artifacts.
Develop and manage updates of the System Security documentation, ensuring all documentation is current with the latest guidance, policy and revisions.
Record and track Plans of Action and Milestones (POA&Ms), managing vulnerabilities, risks and gaps in the program’s cybersecurity posture.
Manage the schedule for all cybersecurity compliance activities and coordinate mandated activities with the customer and required stakeholders.
Collaborate with the infrastructure team to deliver solutions that meet all security requirements and enhance the overall security profile of the program.
Support response to incidents and other response activities in support of reporting requirements; maintain an active security clearance.
Qualifications The candidate must possess strong analytical and critical‑thinking skills, an ability to think strategically and act tactically, and excellent written and oral communication. They should build strong cross‑group working relationships and demonstrate exceptional organizational skills and attention to detail, thriving in an entrepreneurial environment and handling ambiguity or competing priorities.
Minimum Qualifications
U.S. Citizen (Authorization to work in the U.S. will not suffice).
5+ years of professional experience supporting Cybersecurity RMF tasks.
Bachelor’s degree in Management Information Systems, Business Information Technology, or equivalent.
Experience in operational cybersecurity and RMF, including managing the accreditation process (ATO) and evaluating risks; strong understanding of Agile concepts and methodology; excellent communication.
Active Security+CE certification.
Highly Desired Qualifications
CISSP preferred.
Active security clearance preferred.
Employment Details Job: Full‑time
Location: Remote/DMV area (Quarterly travel)
Salary Range: $90k – $135k per year
Benefits
Complete Flextime
401(k) with employer matching
Healthcare, including medical, dental, and vision
Health Savings Account (HSA) and pre‑tax premium options
Supplementary healthcare and family support
Extended short‑term disability and long‑term disability
Health insurance deductible paydown
Health and wellness programs
Tuition reimbursement, student loan repayment, and education & training stipends
Cell phone / Internet stipends
College saving plans with employer contributions
Alternative work locations and tele‑commuting
Employee referral awards
Retention, signing & performance bonuses
Commuter benefits
Paid sabbatical
Forge Group, LLC is an Equal Opportunity [and/or] affirmative action employer. All qualified applicants will receive consideration for employment regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or military or protected veteran status. We participate in the E‑Verify Employment Verification Program.
#J-18808-Ljbffr
Our culture is everything. People come first. It is built around a diverse group of employees empowered to think in different directions, a leadership team that trusts employees to lean in to unique greatness, and an operations team that deploys programs to support employee well‑being and growth—both personally and professionally. We treat Forge like a co‑op in which the input of staff drives corporate action. With a 93% retention rate, Forge is rated #2 Best Medium‑size Business in all of Virginia and has earned multiple Fortune® and Inc. awards, underscoring our commitment to people and excellence.
Cybersecurity Analyst Forge Group requires a Cybersecurity Analyst to support Risk Management Framework (RMF) activities in our Rapid Capabilities practice. This role works closely with the government and partners to provide expertise and support in completing required RMF compliance tasks, supporting the attainment and maintenance of an Authority to Operate (ATO). The Analyst coordinates with stakeholders and project teams to prioritize demands, deliver action plans, scan and assess environments, document findings, and coordinate implementation of necessary security controls.
Key Responsibilities
Evaluate security controls against system implementation and documentation to ensure compliance with RMF guidance and policy.
Develop and execute a continuous monitoring plan, including scanning the environment with tools required by the customer and/or cloud security stakeholders.
Provide updates of records on time within eMASS, maintaining accurate and up‑to‑date documentation and artifacts.
Develop and manage updates of the System Security documentation, ensuring all documentation is current with the latest guidance, policy and revisions.
Record and track Plans of Action and Milestones (POA&Ms), managing vulnerabilities, risks and gaps in the program’s cybersecurity posture.
Manage the schedule for all cybersecurity compliance activities and coordinate mandated activities with the customer and required stakeholders.
Collaborate with the infrastructure team to deliver solutions that meet all security requirements and enhance the overall security profile of the program.
Support response to incidents and other response activities in support of reporting requirements; maintain an active security clearance.
Qualifications The candidate must possess strong analytical and critical‑thinking skills, an ability to think strategically and act tactically, and excellent written and oral communication. They should build strong cross‑group working relationships and demonstrate exceptional organizational skills and attention to detail, thriving in an entrepreneurial environment and handling ambiguity or competing priorities.
Minimum Qualifications
U.S. Citizen (Authorization to work in the U.S. will not suffice).
5+ years of professional experience supporting Cybersecurity RMF tasks.
Bachelor’s degree in Management Information Systems, Business Information Technology, or equivalent.
Experience in operational cybersecurity and RMF, including managing the accreditation process (ATO) and evaluating risks; strong understanding of Agile concepts and methodology; excellent communication.
Active Security+CE certification.
Highly Desired Qualifications
CISSP preferred.
Active security clearance preferred.
Employment Details Job: Full‑time
Location: Remote/DMV area (Quarterly travel)
Salary Range: $90k – $135k per year
Benefits
Complete Flextime
401(k) with employer matching
Healthcare, including medical, dental, and vision
Health Savings Account (HSA) and pre‑tax premium options
Supplementary healthcare and family support
Extended short‑term disability and long‑term disability
Health insurance deductible paydown
Health and wellness programs
Tuition reimbursement, student loan repayment, and education & training stipends
Cell phone / Internet stipends
College saving plans with employer contributions
Alternative work locations and tele‑commuting
Employee referral awards
Retention, signing & performance bonuses
Commuter benefits
Paid sabbatical
Forge Group, LLC is an Equal Opportunity [and/or] affirmative action employer. All qualified applicants will receive consideration for employment regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or military or protected veteran status. We participate in the E‑Verify Employment Verification Program.
#J-18808-Ljbffr