ASM Research, An Accenture Federal Services Company
Cybersecurity RMF Manager
ASM Research, An Accenture Federal Services Company, Juneau, Alaska, US, 99812
The Cybersecurity RMF Manager is responsible for providing comprehensive cybersecurity authorization and accreditation services in support of the Risk Management Framework (RMF) process for USACE systems, networks, and applications. This role involves collaborating with system owners, cybersecurity teams, and technical teams to advance through all six steps of the RMF process, developing security plans, generating assessment reports, formulating remediation plans, and ensuring compliance with DoD, Army, and USACE policies and procedures.
Key Responsibilities
Lead organizations through all six steps of the DoD Risk Management Framework (RMF) process
Categorize information systems based on FIPS 199 and NIST SP 800-53 standards
Develop comprehensive security plans and control selection documentation
Coordinate security control implementation and system-specific security testing
Generate assessment reports and security control assessment documentation
Develop remediation plans and implement corrective actions for identified vulnerabilities
Manage Security Authorization Agreements (SAA) and Authority to Operate (ATO) processes
Maintain RMF documentation in approved repositories such as eMASS (Enterprise Mission Assurance Support Service)
Monitor security states and ensure continuous compliance with security controls
Serve as subject matter expert on RMF processes, DISA requirements, and security authorization best practices
Prepare security authorization briefings and compliance reports for government stakeholders
Required Qualifications
Bachelor's degree in Cybersecurity, Information Technology, or related field (or equivalent work experience)
8+ years of experience in cybersecurity roles with strong background in Risk Management Framework (RMF) process
Expert-level knowledge of DoD, Army, and USACE cybersecurity policies and procedures
Demonstrated proficiency in developing security plans and generating assessment reports
Extensive experience with categorizing information systems and selecting/implementing security controls
Proficiency in producing DISA-required artifacts and documenting RMF data in approved repositories (eMASS)
Strong analytical, problem-solving, and communication skills
Preferred Qualifications
CISSP (Certified Information Systems Security Professional) or CISM (Certified Information Security Manager) certification
Certified Authorization Professional (CAP) certification from (ISC)²
Familiarity with DoD and/or USACE IT environment and RMF implementation practices
Experience with eMASS platform for RMF documentation and artifact management
Knowledge of NIST SP 800-53 security controls and continuous monitoring frameworks
Background in federal IT security authorization and compliance
Experience with system categorization (FIPS 199, NIST SP 800-30 risk assessment)
Required Skills
Risk Management Framework (RMF) Process Management
NIST Security Controls & Implementation
Security Authorization & ATO Management
Security Plan Development & Documentation
DISA Compliance & Artifact Development
Preferred Skills
eMASS Platform Administration
DoD & USACE Security Policies
Continuous Monitoring & Security State Management
Risk Assessment & Threat Analysis
Federal Authorization Frameworks
Compensation Ranges
Compensation ranges for ASM Research positions vary depending on multiple factors, including but not limited to location, skill set, level of education, certifications, client requirements, contract-specific affordability, government clearance and investigation level, and years of experience. The compensation displayed for this role is a general guideline based on these factors and is unique to each role. Monetary compensation is one component of ASM's overall compensation and benefits package for employees.
$122,900 - 154,500
EEO Requirements
It is the policy of ASM that an individual's race, color, religion, sex, disability, age, sexual orientation or national origin are not and will not be considered in any personnel or management decisions. We affirm our commitment to these fundamental policies.
All recruiting, hiring, training, and promoting for all job classifications is done without regard to race, color, religion, sex, disability, or age. All decisions on employment are made to abide by the principle of equal employment.
Physical Requirements
The physical requirements described in "Knowledge, Skills and Abilities" above are representative of those which must be met by an employee to successfully perform the primary functions of this job. (For example, "light office duties" or "lifting up to 50 pounds" or "some travel" required.) Reasonable accommodations may be made to enable individuals with qualifying disabilities, who are otherwise qualified, to perform the primary functions.
Disclaimer
The preceding job description has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications required of employees assigned to this job.