Risk Management Framework (RMF) Analyst

FEDITC, LLC is a fast-growing business supporting DoD and other intelligence agencies worldwide. FEDITC develops mission critical national security systems throughout the world directly supporting the Warfighter, DoD Leadership, & the country. We are proud & honored to provide these services.  

Overview of position: 

FEDITC is seeking a Risk Management Framework (RMF) Analyst to support cybersecurity compliance and accreditation efforts for federal systems. The ideal candidate will have hands-on experience with the RMF lifecycle, excellent documentation skills, and the ability to collaborate effectively with cross-functional teams to achieve and maintain system Authorization to Operate (ATO).  A United States Citizenship and an active Secret DoD Security Clearance is required to be considered for this position. 

Responsibilities:

• Support execution of the full RMF lifecycle (Categorization, Selection, Implementation, Assessment, Authorization, and Monitoring) for assigned systems.
• Develop, review, and maintain RMF documentation including System Security Plans (SSPs), Security Assessment Reports (SARs), POA&Ms, Contingency Plans, and other artifacts.
• Conduct risk assessments and control validation activities in accordance with NIST SP 800-53 and other relevant guidelines.
• Coordinate with ISSMs, system owners, engineers, and assessors to ensure control implementation, evidence collection, and audit readiness.
• Perform continuous monitoring activities and maintain ongoing system security posture.
• Track and manage system accreditation status using tools such as eMASS, XACTA, or equivalent.
• Assist with internal and external security audits and inspections.
• Identify and recommend risk mitigation strategies to ensure compliance and enhance security.

Experience/Skills: 

• Bachelor’s degree in Cybersecurity, Information Systems, or a related technical field.
• Minimum of 3 years of hands-on experience supporting RMF or similar compliance frameworks.
• Knowledge of NIST RMF standards (800-37, 800-53, 800-30).
• Experience with cybersecurity tools and risk management platforms (e.g., eMASS, ACAS, STIGs, SCAP tools).
• Active DoD 8570.01-M certification (e.g., Security+, CAP, or CISSP).
• Strong written and verbal communication skills.
• Ability to work independently and collaboratively in a fast-paced environment.
• Active U.S. government security clearance (Secret or higher preferred).

Preferred Qualifications:

• Experience with DoD or federal civilian accreditation processes.
• Experience transitioning systems from DIACAP to RMF.
• Familiarity with cloud security compliance (FedRAMP, AWS/Azure controls)

Clearance: 

• Active Secret Security Clearance is required.  
• Must be a US Citizen and pass a background check. 
• Maintain applicable security clearance(s) at the level required by the client and/or applicable certification(s) as requested by FEDITC and/or required by FEDITC’S Client(s)/Customer(s)/Prime contractor(s). 

Benefits:

• Medical
• Dental
• Vision
• 401K with 4% match
• Paid Time Off (PTO)
• Life and Disability Insurance
• Employee Assistance Program
• Flexible Spending Accounts (FSA)
• Dependent Care Reimbursement Program
• Group Term Life Insurance
• Supplemental Life and A&D Insurance
• Short & Long Term Disability
• Life Discount Program

FEDITC, LLC. is committed to fostering an inclusive workplace and provides equal employment opportunities (EEO) to all employees and applicants for employment. We do not employ AI tools in our decision-making processes. Regardless of race, color, religion, sex (including pregnancy), sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a covered veteran, FEDITC, LLC. ensures that all employment decisions are made in accordance with applicable federal, state, and local laws. Our commitment to non-discrimination in employment extends to every location in which our company operates.