RMF Analyst

Job#: 2077182

Job Description:

Title: RMF Analyst

Location: Mark Center Drive Alexandria VA

Type: Long-term Contract

Schedule: Hybrid, 2 days on-site & 3 days remote

Pay: $45-55/hr) experince level dependent)

Apply Here: Please send your updated resume, CompTIA Sec+ certification, and availibility for a phone call to Emma at

The RMF Support Analyst is responsible for developing processes and procedures to communicate, report, and distribute cyber directives to Program level System Owners, ISSMs, and ISSOs, within the DISA IT portfolio, as well as maintain, establish, and monitor RMF transactions for System Registrations and System Authorizations in compliance with NIST, DoD, and DISA policies and procedures.

This is a hybrid position allowing 50% remote work after a brief ramp-up period (up to the first month will be 100% onsite during onboarding, then time will be split 2 days on-site & 3 remote

Primary Responsibilities

• Individual will guide and advise on all matters involving the Risk Management Framework (RMF) and Assessment and Authorizations (A&A) processes.
• Analyst will work closely with government and Security Control Assessor-Representatives (SCA-R) Team to support Authorization to Operate (ATO) authorization conditions and requirements.
• Conduct network security reviews that include validation of DISA's Security Technical Implementation Guide (STIG), network security policy, requirements and design.
• Managing and documenting A&A projects using Enterprise Mission Assurance Support Service (eMASS) A&A workflow platform.
• Advise, conduct and document risk assessments, development of System Security Plans (SSP), Plans of Action and Milestones (POA&M) and security policies and procedures.
• Provide guidance in the implementation of security controls, doctrine and policies.
• Managing, Creating, and Tracking timelines and deliverables, while ensuring processes and procedures are adhered for a large number of Information Systems.
• Establish and satisfy IA and security requirements based upon user, policy, regulatory, and resource demands.
• Integrate and implement computer system security solutions. Analyze general IA related technical problems and support in solving these problems.
• Plan, develop, coordinate, implement and execute of policies and projects at an organizational level.
• Help customers to understand the authorization process, and up-date/modify A&A procedures as necessary. Streamline the process to make the process easy to follow but cover all concerned security aspects.
• Manage eMASS to include implementation and quality review, inheritance, and tracking configuration changes

Basic Qualifications

• Active DoD Secret clearance or higher (program can support up to TS/SCI)
• DoD 8570 IAT II (CompTIA Security+)
• BS degree and 5-8 years (mid-tier) and 8-12 years (senior level) of prior relevant experience. Additional experience may be considered in lieu of degree.
• Demonstrated knowledge of cyber security policies and technical cyber security protection measures
• Proficient with RMF process, NIST SP 800-37, NIST SP 800-53, CNS-SI 1253, eMASS, & STIGS
• Demonstrates successful track record for delivering large/complex projects on time and within budget within DoD organizations
• Creating Metrics and good presentation skills
• Must possess excellent writing and communication skills; have the ability to develop documentation and management level presentations.
• Candidate is expected to have technical knowledge and skills in one of the following areas: System Administration, network engineering, applications, and security operations.
• Demonstrate potential and willingness to learn and adapt to rapid changes in technology.

Preferred Qualifications

• Experience in performing risk assessment, IT audits, security planning, systems authorization and policy development.
• Experience complying with DoD regulations and preparing for responding to information security audits and questionnaires.
• Understanding of basic networking, routing and transport security technologies and architectures
• Knowledge of domain structures, user authentication, data encryption, access audits and end-user security best practices.
• Experience with UNIX/LINUX OS and any scripting language.

EEO Employer

Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at or .

Apex Systems is a world-class IT services company that serves thousands of clients across the globe. When you join Apex, you become part of a team that values innovation, collaboration, and continuous learning. We offer quality career resources, training, certifications, development opportunities, and a comprehensive benefits package. Our commitment to excellence is reflected in many awards, including ClearlyRated's Best of Staffing in Talent Satisfaction in the United States and Great Place to Work in the United Kingdom and Mexico.

Apex Benefits Overview: Apex offers a range of supplemental benefits, including medical, dental, vision, life, disability, and other insurance plans that offer an optional layer of financial protection. We offer an ESPP (employee stock purchase program) and a 401K program which allows you to contribute typically within 30 days of starting, with a company match after 12 months of tenure. Apex also offers a HSA (Health Savings Account on the HDHP plan), a SupportLinc Employee Assistance Program (EAP) with up to 8 free counseling sessions, a corporate discount savings program and other discounts. In terms of professional development, Apex hosts an on-demand training program, provides access to certification prep and a library of technical and leadership courses/books/seminars once you have 6+ months of tenure, and certification discounts and other perks to associations that include CompTIA and IIBA. Apex has a dedicated customer service team for our Consultants that can address questions around benefits and other resources, as well as a certified Career Coach. You can access a full list of our benefits, programs, support teams and resources within our 'Welcome Packet' as well, which an Apex team member can provide.