RMF Analyst with Security Clearance
Job description
Seeking a dedicated and experienced Risk Management Framework (RMF) Specialist to oversee and manage cybersecurity processes, ensuring compliance with DoD and Air Force policies. The RMF Specialist will play a critical role in safeguarding the Air Force's information systems by identifying, assessing, and mitigating security risks. This position requires a deep understanding of the RMF lifecycle and its application in a military context.
Work Environment:
- Location: Scott Air Force Base
- Security Clearance: Must possess or be able to obtain and maintain a Top Secret/SCI clearance; an Active Secret is acceptable to start.
Responsibilities
- RMF Implementation: Lead the implementation of the Risk Management Framework (RMF) for Air Force information systems, ensuring compliance with DoD and Air Force cybersecurity policies.
- Security Control Assessment: Conduct security control assessments and validate the effectiveness of implemented controls for information systems.
- Risk Analysis: Perform risk assessments to identify vulnerabilities, threats, and risks to information systems, and recommend appropriate mitigation strategies.
- Documentation: Prepare and maintain RMF documentation, including System Security Plans (SSPs), Plan of Action and Milestones (POA&Ms), and Risk Assessment Reports.
- Continuous Monitoring: Implement and manage continuous monitoring strategies to ensure ongoing assessment and authorization of information systems.
- Collaboration: Work closely with system owners, developers, and other stakeholders to ensure security requirements are integrated throughout the system development lifecycle.
- Audit Support: Support internal and external audits, reviews, and inspections related to information system security.
- Policy and Compliance: Ensure alignment with current Air Force cybersecurity policies, standards, and regulations, and recommend updates to cybersecurity policies as needed.
Qualifications
Requirements
- Education: Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field.
- Experience: Minimum of 5 years of experience in cybersecurity, with at least 3 years specializing in RMF processes and DoD information systems.
- Certifications: Requires a Sec+ or similar, but must be willing to obtain relevant cybersecurity certifications such as Certified Information Systems Security Professional (CISSP), Certified Authorization Professional (CAP), or equivalent.
- Security Clearance: Ability to obtain and maintain a Top Secret/SCI security clearance.
- Technical Skills: Proficiency in RMF tools and technologies, such as eMASS (Enterprise Mission Assurance Support Service) and vulnerability assessment tools (e.g., Nessus, ACAS, SCAP).
- Knowledge: In-depth knowledge of NIST Special Publications (SP) 800-37, 800-53, and 800-171, as well as DoD Instruction 8510.01 and related guidelines.
- Communication: Strong verbal and written communication skills, with the ability to effectively convey complex cybersecurity concepts to both technical and non-technical audiences.
- Analytical Skills: Excellent analytical and problem-solving skills, with a keen attention to detail and a proactive approach to identifying and addressing security risks.
Competencies & Skills
- Strong problem-solving skills and the ability to troubleshoot database issues effectively.
- Excellent communication and collaboration skills for cross-team efforts.