Risk Management Framework Analyst
Amentum · Norfolk, Virginia, US
Job description
The RMF Analyst shall be responsible for providing cybersecurity expertise and RMF lifecycle management in support of NIWDC IWTTF systems. The analyst shall ensure all systems achieve and maintain compliance with Department of War (DoW) policies, enterprise objectives, and established governance processes. The analyst will manage system security posture from categorization to continuous monitoring, ensuring risks are properly mitigated and documented.

Responsibilities include:
- Lead the execution of all steps of the RMF process, including system categorization, security control selection, implementation, assessment, authorization, and continuous monitoring.
- Develop, review, and maintain comprehensive RMF documentation, including the System Security Plan (SSP), Security Assessment Report (SAR), and Plans of Action and Milestones (POA&Ms).
- Translate assessment outcomes into actionable product artifacts, including risk assessments, vulnerability reports, and recommendations for inclusion in the system's POA&M.
- Coordinate with development teams, system owners, and enterprise stakeholders to validate security control implementation, assess integration impacts, and ensure alignment...