Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

GRC / NIST RMF Specialist

Apogee Global RMS

Apogee Global RMS is seeking a GRC / NIST RMF Specialist to support federal programs requiring disciplined governance, risk, and compliance execution. This role is built for practitioners who understand the full lifecycle of NIST RMF, can translate controls into actionable engineering guidance, and can partner with federal stakeholders to drive accreditation success. You will serve as a trusted advisor across security, engineering, and mission teams — ensuring that compliance is not a paperwork exercise but a strategic enabler of secure operations. What You Will Lead: Full lifecycle NIST RMF execution (Categorization → Continuous Monitoring) Development and refinement of SSPs, POA&Ms, SARs, and control evidence packages Security control assessments, gap analyses, and remediation planning Advisory support for ATO readiness, audit preparation, and stakeholder coordination Risk analysis and prioritization aligned to mission, system, and organizational impact Collaboration with engineering teams to ensure controls are implemented effectively Continuous monitoring strategy, reporting, and compliance sustainment Certifications: CISA CRISC CISM NIST RMF training (FedVTE or equivalent) ISO 27001 Lead Auditor is a meaningful differentiator, especially for commercial‑adjacent bids Technical & Functional Expertise: Deep understanding of NIST 800‑53, NIST RMF, and federal security baselines Experience preparing ATO packages and supporting federal accreditation processes Ability to translate compliance requirements into clear, actionable engineering tasks Strong writing and documentation skills for federal audiences Experience working with ISSOs, ISSEs, SCA teams, and federal program leadership Location & Clearance: Must reside in the NCR (DC/MD/VA) Secret clearance minimum; clearable candidates considered Expected Skills: Operates with precision, structure, and clarity Understands both the technical and policy sides of federal cybersecurity Can guide teams through complex accreditation processes without friction Communicates confidently with auditors, assessors, and mission stakeholders Thrives in high‑trust, high‑impact advisory environments Why Apogee: Apogee supports federal programs in this prime engagement where governance and risk decisions directly influence mission readiness. You’ll work with senior stakeholders, shape compliance strategy, and operate in an environment that values expertise, discipline, and operational excellence. How to Apply For any questions (OR) to apply, please contact us at View email address on click.appcast.io . #J-18808-Ljbffr

Vacancy posted 4 days ago
Similar jobs that could be interesting for youBased on the GRC / NIST RMF Specialist in Arlington, VA vacancy
  •  ...Apogee Global RMS is seeking a GRC / NIST RMF Specialist to support federal programs requiring disciplined governance, risk, and compliance execution. This role is built for practitioners who understand the full lifecycle of NIST RMF, can translate controls into actionable... 
    Suggested

    Apogee Global RMS

    Arlington, VA
    3 days ago
  • CL 1e6d8f31 073f 48cd b324 b581c00084bf is seeking a Compliance Analyst focused on GRC and RMF initiatives. You will support governance and compliance by developing security documentation in accordance with federal standards. The ideal candidate will have experience in... 
    Suggested

    CL 1e6d8f31 073f 48cd b324 b581c00084bf

    Washington DC
    18 hours ago
  • PingWind is seeking a Cybersecurity Analyst to lead GRC activities ensuring DoD RMF compliance for MODES III systems. The role requires Top Secret clearance and senior RMF/GRC certifications, with extensive experience in risk management and security control programs. You... 
    Suggested

    PingWind Inc.

    Alexandria, VA
    1 day ago
  •  ...cybersecurity professional responsible for implementing technical controls and configuration settings. You will work alongside engineers and RMF analysts to support information system security. The ideal candidate should have significant experience in cybersecurity,... 
    Suggested

    Unofficial M.C. Dean

    Washington DC
    1 day ago
  •  ...Senior Analyst, Cybersecurity GRC, Washington, DC The Senior Analyst, Cybersecurity GRC will administer the completion of compliance...  ...risk management concepts, frameworks, and standards (CSC, NIST, ISO, COBIT). Strong understanding of information security concepts... 
    Suggested
    Work experience placement

    NextStep

    Washington DC
    3 days ago
  •  ...Senior Information Assurance Specialist At ValidaTek, we modernize and optimize IT services to solve some of the most critical...  ...strategies that align with DHS policies and frameworks (e.g., NIST 800-53, RMF, FISMA). Develop tools and techniques for threat detection,... 
    Monday to Friday

    ValidaTek

    Washington DC
    3 days ago
  •  ...Information Assurance Specialist (Hybrid) Location: Arlington, VA (Hybrid) Clearance: Must be...  ...based on the Risk Management Framework (RMF). Prepare and maintain accreditation and...  ...role. Strong knowledge of FISMA, RMF, and NIST SP 800-53 frameworks. Security+ or CISSP... 
    Contract work

    Silo Smashers

    Arlington, VA
    1 day ago
  •  ...In depth understanding and hand on experience with NIST 800-53, 800-36 and 800-66 frameworks. Significant experience with full cycle...  ...Analysis, Risk Register functional application via Service Now IRM/GRC environment. Significant experience with Service Now ecosystem... 

    E-Solutions

    Washington DC
    1 day ago
  • $120.96k - $212.04k

     ...Cybersecurity Resilience Specialist - Governance Risk and Compliance Location: Washington...  ...methodologies and standards (e.g., ISO 22301, NIST SP 800-34, FFIEC), with hands-on...  ...continuity planning tools, platforms, or GRC systems ~ Relevant certifications such... 
    Temporary work
    Work at office

    Tik Tok

    Washington DC
    18 hours ago
  •  ...in Chevy Chase, MD, is seeking a Senior Compliance Engineer to manage cybersecurity compliance programs aligned with CMMC Level 2, NIST SP 800-171, and other regulations. You will report directly to the CISO, focusing on aligning security tools with compliance requirements... 
    Remote work

    Lynk

    Chevy Chase, MD
    18 hours ago
  •  ...professional in Washington, D.C. for system authorization and continuous monitoring activities. Candidates should have experience with NIST RMF, SP 800-53 controls, and compliance documentation, supporting Authorization to Operate decisions. This position requires strong... 

    Noblis

    Washington DC
    1 day ago
  •  ...experienced Information Security Systems Officer (ISSO) to lead RMF, ATO, and continuous monitoring for a major federal initiative. You...  ...secure cloud architectures across AWS and Azure, implement NIST 800-53 controls, perform risk assessments, and drive DevSecOps with... 

    3M HEALTHCARE

    Arlington, VA
    1 day ago
  • Devis seeks an RMF lead to drive the RMF program and ATO lifecycle for NIH OD OIT. The role centers on managing...  ...years in RMF/A&A/ISSO support for federal systems, deep NIST 800-53 Rev.5 knowledge, and relevant RMF/GRC certifications. A formal clearance requirement applies... 

    Devis

    Bethesda, MD
    9 hours ago
  • Zermount, Inc. is seeking an ISSO Program Manager in Arlington, VA. The successful candidate will provide project management and security expertise, managing a team to ensure compliance and risk management processes align with federal guidelines. Responsibilities include...
    Remote job

    Zermount, Inc.

    Arlington, VA
    3 days ago
  • $110k - $130k

     ...needs of the public sector. Job Overview The RMF / ISSO Lead serves as the leader for the...  ...This role manages the RMF lifecycle under NIST 800-53 Rev. 5, leads Assessment and...  ...Certifications CISSP, CAP, or CGRC (or comparable RMF/GRC certification) Technical Skills Strong... 
    Full time
    Work at office
    Monday to Friday

    Development InfoStructure

    Bethesda, MD
    2 days ago
  • GoTo Meeting is seeking a GRC Analyst, Federal & Customer Programs, to manage security governance, risk, and compliance obligations. Responsibilities...  ...roles, strong technical writing skills, and familiarity with NIST frameworks. This position supports ongoing audits and assessments... 

    GoTo Meeting

    Washington DC
    4 days ago
  •  ...Governance, Risk, & Compliance (GRC) Analyst Washington, DC Remote Full-Time About This Role As a GRC Analyst, you will help organizations...  ...guide them through compliance frameworks including HIPAA, SOC 2, NIST, and more. Responsibilities • Conduct security assessments and... 
    Full time
    Remote work

    Districttechgroup

    Washington DC
    18 hours ago
  • $56k - $71k

     ...with the right mix of talent. An Advisory Specialist I is an early‑career consultant in the...  ...changing environment. Experience with CMMC and NIST frameworks. Experience in Microsoft...  ...Security or MIS). Experience with GRC and/or analytic tools. Experience in a platform... 
    Work at office
    Local area
    Flexible hours

    Diligent-14787b60

    Washington DC
    4 days ago
  • Diligent Corporation in Washington, D.C. is seeking an Advisory Specialist I to support audit, risk, and compliance solutions. This early-career role requires collaboration and technical guidance while working closely with clients. You will engage in requirements capture... 

    Diligent Corporation

    Washington DC
    2 days ago
  • Diligent-14787b60 is looking for an Advisory Specialist I to join their Services team in Washington, D.C. This role involves delivering audit and compliance solutions to clients while fostering a collaborative environment. Responsibilities include engaging with clients... 

    Diligent-14787b60

    Washington DC
    4 days ago
  • $124.88k - $187.32k

     ...alongside other cybersecurity engineers and Risk Management Framework (RMF) analysts responsible for supporting Information System Security...  .... Excellent understanding of the DoD RMF lifecycle and NIST 800-53 controls implementation. Awareness of NIST SP 800-82, Guide... 

    Unofficial M.C. Dean

    Washington DC
    1 day ago
  • A federal services provider is seeking a Cybersecurity Analyst in Alexandria, VA, focused on governance, risk, and compliance (GRC) activities. The ideal candidate should have a minimum of 10 years of relevant experience and senior-level cybersecurity certifications. You... 

    Medium

    Alexandria, VA
    18 hours ago
  • $132k - $178k

     ...mid-career risk professional who is fluent in frameworks such as NIST RMF and CMMC, is developing practical experience with risk...  ...status tracking using tools such as Jira, Confluence, enterprise GRC platforms, and MS Project. Assist with audit readiness activities... 
    Permanent employment
    Contract work
    Work at office

    True Anomaly

    Washington DC
    3 days ago
  • A leading cybersecurity firm in Virginia seeks a Cybersecurity Engineer to enhance security protocols for mission-critical systems. Responsibilities include developing security plans, configuring devices, and conducting vulnerability scans. Candidates should possess a degree...

    M.C. Dean, Inc.

    Mc Lean, VA
    4 days ago
  •  ...SCI w/ Poly clearance. The GRC Analyst / Information System...  ...execute activities across all RMF phases (Prepare, Categorize, Select...  .... Monitor compliance with NIST 800-53, 800-171, ICD 503,...  ...Cybersecurity Framework 800-171 Specialist, CISSP, CISM, relevant GIAC certifications... 

    Core One

    McLean, VA
    more than 2 months ago
  • $65k - $80k

     ...industry regulations, such as ISO/IEC 27001, NIST SP 800-53, SSAE 18 SOCII TypeI and TypeII,...  .... Familiarity with the usage of modern GRC tooling (i.e., Drata, Vanta, ServiceNow, Whistic...  ...including (ISO 27001, NIST CSF, NIST RMF, FAIR, COBIT, NIST SP 800‑53, SSAE 18 SOC... 
    Immediate start
    Flexible hours

    EAB (Education Advisory Board)

    Washington DC
    2 days ago
  • Requirements Must possess knowledge of Government Security Policies (NIST / FISMA), Procedures, Standards, and Methodologies. Must possess a technical background in a wide array of technologies, network devices, hardware, and software, so that they understand and can discuss... 
    Work experience placement

    Technology Information Systems, LLC

    Washington DC
    2 days ago
  • $62k - $141k

     ...Job Number: R0242120 Information Assurance Specialist The Opportunity Cyber threats are everywhere, and the constantly evolving nature of...  ...'ll also apply National Institute of Standards and Technology (NIST) security controls, governance, risk management, and compliance... 
    Local area

    Phase2 Technology

    Arlington, VA
    13 hours ago
  •  ...seeking a Security Analyst to work with VA stakeholders, coordinating RMF steps 0-6 ATO activities and maintaining security posture across...  ...U.S. citizenship, strong communication, and experience with RMF, NIST controls, and risk management. VA contract environment offers... 
    Contract work

    Booz Allen Hamilton

    Mc Lean, VA
    1 day ago
  •  ...technology. SPA is seeking an IT Support Specialist to support NAVSEA's Naval Special Warfare...  ...40, including developing and maintaining RMF documentation, managing eMASS entries, conducting...  ...Demonstrated experience with RMF, eMASS, NIST SP 800-53 controls, and DoD cybersecurity... 
    Work at office

    Arena Technologies LLC

    Alexandria, VA
    1 day ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to GRC / NIST RMF Specialist. Be the first to apply!