PD Inc

Cybersecurity Engineer - RMF Analyst / ISSO Support

PD Inc, Washington, District of Columbia, US, 20022


Job Description:

RMF Analyst / ISSO Support

Overview:

PD INC International, as a key support contractor to the Government Publishing Office (GPO), is providing enterprise-wide cybersecurity engineering and architecture support. The core objective of this engagement is to design, implement, and oversee the execution of a comprehensive Zero Trust Architecture (ZTA) framework aligned with NIST SP 800-207 and Executive Order 14028. This includes establishing governance, security engineering, and risk mitigation strategies that advance the cybersecurity maturity posture of GPO's information systems and enterprise security operations.

As part of this mission, we are seeking an experienced Risk Management Framework (RMF) Analyst / Information Systems Security Officer (ISSO) to support Assessment and Authorization (A&A) efforts and ongoing federal cybersecurity compliance. This role is a critical part of the GPO Security Operations Center (SOC), ensuring that GPO’s information systems meet FISMA, NIST, and agency-specific cybersecurity mandates through continuous monitoring and documentation of security controls, vulnerabilities, and corrective action plans.

The RMF Analyst will provide direct support to GPO’s IT Security Division during Shift 1 operational hours (0600 – 1730, Monday through Friday) for 40 hours per week, with readiness to support during Continuity of Operations (COOP), emergency scenarios, and exercises. The position may require temporary relocation to an alternate site to ensure continuity of SOC operations. All work will be performed under issued Task Orders that define the scope, deliverables, and operational support expectations.

Support Scope: The contractor shall perform RMF Assessment and Authorization (A&A) support activities including the preparation of Task Order Management Plans, cost analyses, activity tracking schedules, risk registers, and issue mitigation strategies. The ISSO will lead or support critical risk management and compliance tasks to sustain GPO’s cybersecurity readiness posture across all enterprise information systems.

Key Responsibilities:

Security Operations and RMF Execution:

- Plan, implement, upgrade, and monitor security measures to protect GPO networks and information systems
- Conduct system risk assessments to identify vulnerabilities, analyze findings, and recommend mitigation strategies
- Ensure the implementation and validation of appropriate security controls in line with federal cybersecurity policy

Incident Response and Mitigation:

- Respond to computer security incidents, malware outbreaks, and policy violations
- Provide detailed analysis and reporting for incident management and remediation follow-up
- Assist SOC staff with cyber hygiene practices, compliance testing, and security event documentation

Compliance Documentation and Governance:

- Track and maintain year-round updates for Plan of Action & Milestones (POA&Ms) in compliance with FISMA requirements
- Record and update system inventory in the Xacta360 governance, risk, and compliance (GRC) platform
- Coordinate with system owners and technical leads to maintain accurate authorization packages

Program Management Support:

- Contribute to the development of risk registers and tracking reports
- Provide monthly and quarterly updates to GPO cybersecurity leadership on RMF progress and ATO status
- Support creation of Task Order Management Plans and input to executive-level reporting

Minimum Qualifications:

- Education and Certifications: Bachelor’s degree in Information Assurance, Cybersecurity, or a related discipline. CAP, Security+, or CISSP certification preferred.
- Skills and Competencies: Proven experience supporting RMF lifecycles, POA&M management, FISMA documentation, and use of governance tools such as Xacta360. Strong knowledge of NIST 800-53, 800-37, and A&A packages.
- Experience: Minimum of three (3) years of experience in a cybersecurity compliance, ISSO, or RMF analyst role within a federal agency or cleared environment.
- Security Clearance: Active U.S. security clearance required at time of application.

Preferred Certifications:

- CISSP, CCSP, Azure Security Engineer Associate, or equivalent
- Zero Trust Strategist (ZTX, CISA ZT Certified)

Work Environment: This role operates in a hybrid capacity. Monthly in-person attendance is required for the GPO IT Security All Hands meeting (3rd Tuesday). Candidate must be available during GPO contractor hours and remain responsive during COOP or emergency operations. Ability to relocate temporarily to an alternate GPO location for continuity support is required.

Equal Opportunity Employer: PD INC is an Equal Opportunity Employer and welcomes applicants from all backgrounds, including veterans and individuals with disabilities. We are committed to diversity, equity, and inclusion in every aspect of our workforce.
