GRC / NIST RMF Specialist

Apogee Global RMS

Job Description

Apogee Global RMS is seeking a GRC / NIST RMF Specialist to support federal programs requiring disciplined governance, risk, and compliance execution. This role is built for practitioners who understand the full lifecycle of NIST RMF, can translate controls into actionable engineering guidance, and can partner with federal stakeholders to drive accreditation success.

You will serve as a trusted advisor across security, engineering, and mission teams — ensuring that compliance is not a paperwork exercise but a strategic enabler of secure operations.

What You Will Lead:

  • Full lifecycle NIST RMF execution (Categorization → Continuous Monitoring)
  • Development and refinement of SSPs, POA&Ms, SARs, and control evidence packages
  • Security control assessments, gap analyses, and remediation planning
  • Advisory support for ATO readiness, audit preparation, and stakeholder coordination
  • Risk analysis and prioritization aligned to mission, system, and organizational impact
  • Collaboration with engineering teams to ensure controls are implemented effectively
  • Continuous monitoring strategy, reporting, and compliance sustainment

Requirements

Certifications:

  • CISA
  • CRISC
  • CISM
  • NIST RMF training (FedVTE or equivalent)
  • ISO 27001 Lead Auditor is a meaningful differentiator, especially for commercial‑adjacent bids

Technical & Functional Expertise:

  • Deep understanding of NIST 800‑53, NIST RMF, and federal security baselines
  • Experience preparing ATO packages and supporting federal accreditation processes
  • Ability to translate compliance requirements into clear, actionable engineering tasks
  • Strong writing and documentation skills for federal audiences
  • Experience working with ISSOs, ISSEs, SCA teams, and federal program leadership

Location & Clearance:

  • Must reside in the NCR (DC/MD/VA)
  • Secret clearance minimum; clearable candidates considered

Expected Skills:

  • Operates with precision, structure, and clarity
  • Understands both the technical and policy sides of federal cybersecurity
  • Can guide teams through complex accreditation processes without friction
  • Communicates confidently with auditors, assessors, and mission stakeholders
  • Thrives in high‑trust, high‑impact advisory environments

Benefits

Why Apogee:

Apogee supports federal programs in this prime engagement where governance and risk decisions directly influence mission readiness. You’ll work with senior stakeholders, shape compliance strategy, and operate in an environment that values expertise, discipline, and operational excellence.

How to Apply

For any questions or to apply, please contact us (email address available on ziprecruiter.com).

Vacancy posted 21 days ago