Risk Management Framework Cyber SME

Job Description TMC Technologies is seeking a Risk Management Framework (RMF) subject matter expert to support our Space Systems Command (SSC) customer in Albuquerque, NM. This position primarily supports collateral Top Secret and below programs performing all aspects of DoD RMF activities. The successful candidate possesses experience ranging from documenting, implementing, and assessing security controls to performing system monitoring and compliance assessment activities. We need a team player who enjoys expanding and sharing their knowledge and training others. You will be involved in all aspects of cybersecurity operations and will partner with program/site leads as well as government staff and mission partners to maintain an effective information security program. Job Duties/Responsibilities Lead and work as part of an integrated team to develop and maintain RMF body of evidence documentation (e.g., System Security Plan, Security Controls Traceability Matrix, Plan of Action and Milestones, etc.) using Enterprise Mission Assurance Support Service (eMASS) and/or Microsoft products such as Word, Excel, PowerPoint, and Visio. Maintain repositories of all body of evidence documentation for systems under your purview and ensure they are accessible only to properly authorized individuals. Develop and execute security control assessment procedures to verify conformance with control requirements as part of ongoing continuous monitoring and authorization assessment activities. Work in close coordination with system administrators and other cyber team members to ensure systems are operated, maintained, and disposed of in accordance with applicable security policies and procedures and notify the ISSO/ISSM when changes occur that might impact system authorization posture. Ensure all security‑related vulnerabilities and deficiencies are documented in the Plan of Action and Milestones (POA&M). Ensure the development and implementation of an effective information security education, training, and awareness program. Ensure configuration management policies and procedures for authorizing use of hardware/software on a system are followed and coordinate any additions, changes or modifications to hardware, software, or firmware with the ISSO/ISSM prior to the addition, change or modification. Job Requirements Bachelor’s degree in Computer Science, Cybersecurity or other related field and nine (9) years or more experience, or Master’s degree and seven (7) years or more experience. Active Top Secret security clearance with ability to obtain SCI within 3 months of hire. Five (5) years of experience working in information assurance or cybersecurity roles supporting classified DoD environments. DoD 8570 IAM Level II or higher baseline certification (CISSP preferred but other qualifying certs are acceptable – CISM, CCISO, CASP, or CGRC). Strong working knowledge of NIST 800‑53 controls and RMF. Experience analyzing and interpreting outputs of various endpoint security, vulnerability, and enumeration tools (e.g., Tenable Nessus, Security Center, SolarWinds, EndPoint Security Solutions, Vulnerator, SCAP Compliance Checker). We are equal opportunity/affirmative‑action employers, committed to diversity in the workplace. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or protected veteran status, or any other protected characteristic under state or local law. #J-18808-Ljbffr