GRC / NIST RMF Specialist

Apogee Global RMS

Apogee Global RMS is seeking a GRC / NIST RMF Specialist to support federal programs requiring disciplined governance, risk, and compliance execution. This role is built for practitioners who understand the full lifecycle of NIST RMF, can translate controls into actionable engineering guidance, and can partner with federal stakeholders to drive accreditation success.

You will serve as a trusted advisor across security, engineering, and mission teams — ensuring that compliance is not a paperwork exercise but a strategic enabler of secure operations.

What You Will Lead:

  • Full lifecycle NIST RMF execution (Categorization → Continuous Monitoring)
  • Development and refinement of SSPs, POA&Ms, SARs, and control evidence packages
  • Security control assessments, gap analyses, and remediation planning
  • Advisory support for ATO readiness, audit preparation, and stakeholder coordination
  • Risk analysis and prioritization aligned to mission, system, and organizational impact
  • Collaboration with engineering teams to ensure controls are implemented effectively
  • Continuous monitoring strategy, reporting, and compliance sustainment

Requirements

Certifications:

  • CISA
  • CRISC
  • CISM
  • NIST RMF training (FedVTE or equivalent)
  • ISO 27001 Lead Auditor is a meaningful differentiator, especially for commercial‑adjacent bids

Technical & Functional Expertise:

  • Deep understanding of NIST 800‑53, NIST RMF, and federal security baselines
  • Experience preparing ATO packages and supporting federal accreditation processes
  • Ability to translate compliance requirements into clear, actionable engineering tasks
  • Strong writing and documentation skills for federal audiences
  • Experience working with ISSOs, ISSEs, SCA teams, and federal program leadership

Location & Clearance:

  • Must reside in the NCR (DC/MD/VA)
  • Secret clearance minimum; clearable candidates considered

Expected Skills:

  • Operates with precision, structure, and clarity
  • Understands both the technical and policy sides of federal cybersecurity
  • Can guide teams through complex accreditation processes without friction
  • Communicates confidently with auditors, assessors, and mission stakeholders
  • Thrives in high‑trust, high‑impact advisory environments

Benefits

Why Apogee:

Apogee supports federal programs in this prime engagement where governance and risk decisions directly influence mission readiness. You’ll work with senior stakeholders, shape compliance strategy, and operate in an environment that values expertise, discipline, and operational excellence.

How to Apply

For any questions, or to apply, please contact us at the email address shown on click.appcast.io.

Vacancy posted 3 days ago