RMF Engineer

Dark Wolf Solutions is seeking a Cyber Security and Risk Management Framework (RMF) Engineer to support a collaborative team to develop, manage, and maintain information system security and Assessment and Authorization (A&A) packages. The successful candidate will be responsible for implementing and maintaining robust security measures for our organization's systems and networks. You will work closely with cross-functional teams to ensure compliance with Security Technical Implementation Guides (STIGs), adhere to cloud security best practices, and promote a culture of security through the implementation of DevSecOps principles. They will be able to work well within a larger team focused on defining and building cloud and bare metal infrastructure. Additional responsibilities include:

• Creating, managing, and maintaining A&A packages to include System Security Plans (SSP)s, Security Control Traceability Matrices (SCTMs), Plans of Action and Milestones (POA&Ms), and other artifacts.
• Supporting the entry and maintenance of data into information system security systems of record, such as eMASS.
• Providing continuous monitoring and lifecycle management support activities through both manual and automated methods.
• Assisting in the development of security control weakness mitigation and management strategies. 
• Providing unique functional expertise necessary to interpret requirements and achieve successful performance to include subject matter expertise and unique mission/technical knowledge.
• Providing  insight to teams for the understanding of the customer’s business requirements and the analysis, evaluation and implementation of systems policies, strategy plans and other relevant projects.
• Providing guidance and support to development teams regarding secure coding practices and secure configuration management.
• Staying up to date with the latest cybersecurity trends, vulnerabilities, and best practices, and applying them to enhance the organization's security posture.
•  

Required Qualifications:

• 9+ years of relevant experience
• Experience as an RMF Engineer, ISSM/ISSO, Security Controls Validator, and/or information assurance engineer
• Hands-on with eGRC tools like: eMASS, XACTA, RSA Archer, etc.
• Experience with Space Force risk management policies/procedures, to include, Fast Track ATO Handbook & AF Continuous ATO Playbook
• Ability to clearly articulate ideas for executive level consumption
• Ability  to use prior experience and knowledge to address new situations; especially during interactions with clients
• Ability  to use prior experience and knowledge to seamlessly incorporate new knowledge or information during client interactions
• B.A. or B.S. Information Security, Computer Science  or related discipline
• US Citizenship and clearable up to a Secret Security Clearance

Desired Qualifications:

• Previous experience supporting Department of Defense  RMF processes
• Experience evaluating information security compliance against STIGs
• Cloud Platform experience – AWS, Azure, Google GCP.