GRC / NIST RMF Specialist
Apogee Global RMS
Job Description
Job Description
Apogee Global RMS is seeking a GRC / NIST RMF Specialist to support federal programs requiring disciplined governance, risk, and compliance execution. This role is built for practitioners who understand the full lifecycle of NIST RMF, can translate controls into actionable engineering guidance, and can partner with federal stakeholders to drive accreditation success.
You will serve as a trusted advisor across security, engineering, and mission teams — ensuring that compliance is not a paperwork exercise but a strategic enabler of secure operations.
What You Will Lead:
- Full lifecycle NIST RMF execution (Categorization → Continuous Monitoring)
- Development and refinement of SSPs, POA&Ms, SARs, and control evidence packages
- Security control assessments, gap analyses, and remediation planning
- Advisory support for ATO readiness, audit preparation, and stakeholder coordination
- Risk analysis and prioritization aligned to mission, system, and organizational impact
- Collaboration with engineering teams to ensure controls are implemented effectively
- Continuous monitoring strategy, reporting, and compliance sustainment
Requirements
Certifications:
- CISA
- CRISC
- CISM
- NIST RMF training (FedVTE or equivalent)
- ISO 27001 Lead Auditor is a meaningful differentiator, especially for commercial‑adjacent bids
Technical & Functional Expertise:
- Deep understanding of NIST 800‑53, NIST RMF, and federal security baselines
- Experience preparing ATO packages and supporting federal accreditation processes
- Ability to translate compliance requirements into clear, actionable engineering tasks
- Strong writing and documentation skills for federal audiences
- Experience working with ISSOs, ISSEs, SCA teams, and federal program leadership
Location & Clearance:
- Must reside in the NCR (DC/MD/VA)
- Secret clearance minimum; clearable candidates considered
Expected Skills:
- Operates with precision, structure, and clarity
- Understands both the technical and policy sides of federal cybersecurity
- Can guide teams through complex accreditation processes without friction
- Communicates confidently with auditors, assessors, and mission stakeholders
- Thrives in high‑trust, high‑impact advisory environments
Benefits
Why Apogee:
Apogee supports federal programs in this prime engagement where governance and risk decisions directly influence mission readiness. You’ll work with senior stakeholders, shape compliance strategy, and operate in an environment that values expertise, discipline, and operational excellence.
How to Apply
For any questions (OR) to apply, please contact us at View email address on ziprecruiter.com .
- CyberLinx Solutions LLC is looking for a Cybersecurity GRC Lead to manage the organization's governance, risk, and compliance program.... ...and developing policies aligned with industry frameworks such as NIST. The ideal candidate will have substantial experience in cybersecurity...SuggestedFull timeRemote work
- ...candidates must have a Bachelor's degree and 1-3+ years experience in A&A analysis. Strong communication skills and knowledge of NIST RMF are essential. ARGO offers competitive benefits including medical, dental, vision, and retirement plans. #J-18808-Ljbffr ARGO Cyber...SuggestedContract work
$105.1k - $231.1k
...Ideal candidates will have at least 15 years of experience in information security, a Secret security clearance, and expertise in RMF and NIST standards. This position offers a competitive salary range of $105,100 to $231,100, alongside comprehensive benefits. #J-18808-...SuggestedWork at office- ...an accommodation or an alternative application process. Cyber RMF Specialist Full Time Arlington, VA, VA, US 9 days ago Requisition ID: 14... ..., and information types in accordance with CNSSI 1253 and NIST SP 800-53. Support ATO sustainment, reauthorization, and ongoing...SuggestedFull timeFor contractorsWork at officeShift workWeekend work
- ...in the Washington DC Metro area. This position focuses on leading RMF compliance activities, supporting system accreditation, and... ...should have significant experience in cybersecurity, knowledge of NIST requirements, and relevant certifications. This is a remote role...SuggestedRemote job
- ...cyber threats for government agencies. This role will utilize eMASS and RMF tools to evaluate security and drive improvements. The ideal candidate will have 3+ years in cybersecurity, experience with NIST standards, and a Bachelor's degree. The position offers a...
- SHR CONSULTING GROUP, LLC is looking for a Cyber RMF Specialist based in Arlington, VA. This full-time position involves executing the DoD Risk Management Framework, ensuring compliance with security standards, and supporting Government customers across various domains...Full time
- NV5, Inc. is seeking a Risk Management Framework (RMF) Specialist in Washington, DC to oversee cybersecurity processes and ensure compliance with DoD and Air Force policies. The role involves implementing RMF for Air Force information systems and conducting thorough risk...
- Diligent is seeking an Advisory Specialist I based in Washington, DC, to join their Services team. In this early-career role, you will assist... ...expertise, and familiarity with frameworks like CMMC and NIST. The position offers a hybrid work model, allowing flexibility...
- An employer is seeking a Vulnerability Mgmt. / GRC Ops Specialist to support a global pharmaceutical customer. This team is expanding its cybersecurity function to support operational workload and free up leaders and other senior team members for strategic initiatives....
- ...Senior Analyst, Cybersecurity GRC, Washington, DC The Senior Analyst, Cybersecurity GRC will administer the completion of compliance... ...risk management concepts, frameworks, and standards (CSC, NIST, ISO, COBIT). Strong understanding of information security concepts...Work experience placement
- A federal services provider is seeking a Cybersecurity Analyst in Alexandria, VA, focused on governance, risk, and compliance (GRC) activities. The ideal candidate should have a minimum of 10 years of relevant experience and senior-level cybersecurity certifications. You...
- ...keep reading. About the Role Socure is seeking an Analyst, GRC – Public Sector to execute and enhance the company's governance,... ...organizational and regulatory requirements, including controls aligned with NIST SP 800-53 rev 5 and other related frameworks. Prepare...Permanent employmentContract workRemote work
- ...The Governance, Risk, and Compliance (GRC) Analyst supporting federal and customer programs is responsible for evaluating, documenting... ...Interpretation Maintain working knowledge of relevant standards such as NIST frameworks, ISO 27001, FedRAMP, CMMC, and applicable...Contract work
- ...In depth understanding and hand on experience with NIST 800-53, 800-36 and 800-66 frameworks. Significant experience with full cycle... ...Analysis, Risk Register functional application via Service Now IRM/GRC environment. Significant experience with Service Now ecosystem...
$120k
Summary The Senior Information Assurance Specialist plays a pivotal role in safeguarding the cybersecurity posture of a DHS-affiliated... ...that align with DHS policies and frameworks (e.g., NIST 800-53, RMF, FISMA). Develop tools and techniques for threat detection,...Contract workLocal areaMonday to Friday- ...technology. #MC SPA is seeking an IT Support Specialist to support NAVSEA's Naval Special Warfare... ...40, including developing and maintaining RMF documentation, managing eMASS entries,... ...Demonstrated experience with RMF, eMASS, NIST SP 800-53 controls, and DoD cybersecurity...Work at office
- ...Job Description Information Assurance Specialist Location: Arlington, VA Clearance:... ...based on the Risk Management Framework (RMF). Prepare and maintain accreditation and... ...~ Strong knowledge of FISMA, RMF, and NIST SP 800-53 frameworks. ~ Security+ or CISSP...Contract work
- ...federal information systems and oversee vulnerability management operations. The ideal candidate will have extensive experience in NIST RMF compliance, team leadership, and incident response planning, ensuring a robust cybersecurity posture across the organization. #J-...Remote job
- ...professional in Washington, D.C. for system authorization and continuous monitoring activities. Candidates should have experience with NIST RMF, SP 800-53 controls, and compliance documentation, supporting Authorization to Operate decisions. This position requires strong...
- ...clients. The ISSE will lead a team for Risk Management Framework (RMF) activities, ensuring systems are secure and compliant. The ideal... ...have a Bachelor's Degree in a relevant field and experience with NIST standards. Preferred qualifications include certifications and...
- A cybersecurity firm in Arlington, VA, is seeking an Information Assurance Specialist to ensure compliance with cybersecurity, risk management, and federal information security requirements. The ideal candidate has a Bachelor's degree in Cybersecurity or a related field...
- Zermount, Inc. is seeking an ISSO Program Manager in Arlington, VA. The successful candidate will provide project management and security expertise, managing a team to ensure compliance and risk management processes align with federal guidelines. Responsibilities include...Remote job
- Diligent-14787b60 is looking for an Advisory Specialist I to join their Services team in Washington, D.C. This role involves delivering audit and compliance solutions to clients while fostering a collaborative environment. Responsibilities include engaging with clients...
$56k - $71k
...with the right mix of talent. An Advisory Specialist I is an early‑career consultant in the... ...changing environment. Experience with CMMC and NIST frameworks. Experience in Microsoft... ...Security or MIS). Experience with GRC and/or analytic tools. Experience in a platform...Work at officeLocal areaFlexible hours- ...critical IT systems. Responsibilities include implementing security controls and conducting risk assessments, ensuring alignment with NIST 800-53. This on-site role requires a Bachelor's degree, relevant certifications, and 2-5 years of experience in IT environments. The...
- DOCUMENT STORAGE SYSTEMS INC in Alexandria, VA is seeking a Cybersecurity Specialist to ensure applications meet FedRAMP High security and compliance requirements. The role involves assessing security postures, supporting ATO documentation, and identifying cybersecurity...Full time
$130k - $160k
...clients nationwide. Overview The Cybersecurity Specialist ensures all applications meet FedRAMP... .... Applies Risk Management Framework (RMF) processes to security assessment activities... ...documents findings in accordance with NIST guidelines. Reviews identity, access control...Remote jobFull timeContract workWork at officeShift work- A leading employee-owned company in Washington, DC is seeking a Senior Information Systems Security Specialist. The role requires over 10 years of experience in Navy Cybersecurity programs, strong knowledge of Cyber Security and Risk Management Framework. A Bachelor’s...
- ...CyberLinx Solutions LLC is seeking a forward‑thinking Cybersecurity GRC Lead / Cyber Risk Manager responsible for leading the... ...control implementation aligned to industry frameworks such as NIST CSF and NIST RMF. Key Responsibilities Lead and manage the enterprise GRC program...Full timeContract workRemote work
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to GRC / NIST RMF Specialist. Be the first to apply!
- esports specialist Arlington, VA
- delivery assurance specialist Arlington, VA
- instructional technology specialist Arlington, VA
- hospitality specialist Arlington, VA
- ecommerce specialist Arlington, VA
- community outreach specialist Arlington, VA
- chargeback specialist Arlington, VA
- policy specialist Arlington, VA
- qc specialist Arlington, VA
- utility specialist Arlington, VA


