GRC / NIST RMF Specialist
Apogee Global RMS
Apogee Global RMS is seeking a GRC / NIST RMF Specialist to support federal programs requiring disciplined governance, risk, and compliance execution. This role is built for practitioners who understand the full lifecycle of NIST RMF, can translate controls into actionable engineering guidance, and can partner with federal stakeholders to drive accreditation success. You will serve as a trusted advisor across security, engineering, and mission teams — ensuring that compliance is not a paperwork exercise but a strategic enabler of secure operations. What You Will Lead: Full lifecycle NIST RMF execution (Categorization → Continuous Monitoring) Development and refinement of SSPs, POA&Ms, SARs, and control evidence packages Security control assessments, gap analyses, and remediation planning Advisory support for ATO readiness, audit preparation, and stakeholder coordination Risk analysis and prioritization aligned to mission, system, and organizational impact Collaboration with engineering teams to ensure controls are implemented effectively Continuous monitoring strategy, reporting, and compliance sustainment Certifications: CISA CRISC CISM NIST RMF training (FedVTE or equivalent) ISO 27001 Lead Auditor is a meaningful differentiator, especially for commercial‑adjacent bids Technical & Functional Expertise: Deep understanding of NIST 800‑53, NIST RMF, and federal security baselines Experience preparing ATO packages and supporting federal accreditation processes Ability to translate compliance requirements into clear, actionable engineering tasks Strong writing and documentation skills for federal audiences Experience working with ISSOs, ISSEs, SCA teams, and federal program leadership Location & Clearance: Must reside in the NCR (DC/MD/VA) Secret clearance minimum; clearable candidates considered Expected Skills: Operates with precision, structure, and clarity Understands both the technical and policy sides of federal cybersecurity Can guide teams through complex accreditation processes without friction Communicates confidently with auditors, assessors, and mission stakeholders Thrives in high‑trust, high‑impact advisory environments Why Apogee: Apogee supports federal programs in this prime engagement where governance and risk decisions directly influence mission readiness. You’ll work with senior stakeholders, shape compliance strategy, and operate in an environment that values expertise, discipline, and operational excellence. How to Apply For any questions (OR) to apply, please contact us at View email address on click.appcast.io . #J-18808-Ljbffr
- ...Apogee Global RMS is seeking a GRC / NIST RMF Specialist to support federal programs requiring disciplined governance, risk, and compliance execution. This role is built for practitioners who understand the full lifecycle of NIST RMF, can translate controls into actionable...Suggested
- CL 1e6d8f31 073f 48cd b324 b581c00084bf is seeking a Compliance Analyst focused on GRC and RMF initiatives. You will support governance and compliance by developing security documentation in accordance with federal standards. The ideal candidate will have experience in...Suggested
- PingWind is seeking a Cybersecurity Analyst to lead GRC activities ensuring DoD RMF compliance for MODES III systems. The role requires Top Secret clearance and senior RMF/GRC certifications, with extensive experience in risk management and security control programs. You...Suggested
- ...cybersecurity professional responsible for implementing technical controls and configuration settings. You will work alongside engineers and RMF analysts to support information system security. The ideal candidate should have significant experience in cybersecurity,...Suggested
- ...Senior Analyst, Cybersecurity GRC, Washington, DC The Senior Analyst, Cybersecurity GRC will administer the completion of compliance... ...risk management concepts, frameworks, and standards (CSC, NIST, ISO, COBIT). Strong understanding of information security concepts...SuggestedWork experience placement
- ...Senior Information Assurance Specialist At ValidaTek, we modernize and optimize IT services to solve some of the most critical... ...strategies that align with DHS policies and frameworks (e.g., NIST 800-53, RMF, FISMA). Develop tools and techniques for threat detection,...Monday to Friday
- ...Information Assurance Specialist (Hybrid) Location: Arlington, VA (Hybrid) Clearance: Must be... ...based on the Risk Management Framework (RMF). Prepare and maintain accreditation and... ...role. Strong knowledge of FISMA, RMF, and NIST SP 800-53 frameworks. Security+ or CISSP...Contract work
- ...In depth understanding and hand on experience with NIST 800-53, 800-36 and 800-66 frameworks. Significant experience with full cycle... ...Analysis, Risk Register functional application via Service Now IRM/GRC environment. Significant experience with Service Now ecosystem...
$120.96k - $212.04k
...Cybersecurity Resilience Specialist - Governance Risk and Compliance Location: Washington... ...methodologies and standards (e.g., ISO 22301, NIST SP 800-34, FFIEC), with hands-on... ...continuity planning tools, platforms, or GRC systems ~ Relevant certifications such...Temporary workWork at office- ...in Chevy Chase, MD, is seeking a Senior Compliance Engineer to manage cybersecurity compliance programs aligned with CMMC Level 2, NIST SP 800-171, and other regulations. You will report directly to the CISO, focusing on aligning security tools with compliance requirements...Remote work
- ...professional in Washington, D.C. for system authorization and continuous monitoring activities. Candidates should have experience with NIST RMF, SP 800-53 controls, and compliance documentation, supporting Authorization to Operate decisions. This position requires strong...
- ...experienced Information Security Systems Officer (ISSO) to lead RMF, ATO, and continuous monitoring for a major federal initiative. You... ...secure cloud architectures across AWS and Azure, implement NIST 800-53 controls, perform risk assessments, and drive DevSecOps with...
- Devis seeks an RMF lead to drive the RMF program and ATO lifecycle for NIH OD OIT. The role centers on managing... ...years in RMF/A&A/ISSO support for federal systems, deep NIST 800-53 Rev.5 knowledge, and relevant RMF/GRC certifications. A formal clearance requirement applies...
- Zermount, Inc. is seeking an ISSO Program Manager in Arlington, VA. The successful candidate will provide project management and security expertise, managing a team to ensure compliance and risk management processes align with federal guidelines. Responsibilities include...Remote job
$110k - $130k
...needs of the public sector. Job Overview The RMF / ISSO Lead serves as the leader for the... ...This role manages the RMF lifecycle under NIST 800-53 Rev. 5, leads Assessment and... ...Certifications CISSP, CAP, or CGRC (or comparable RMF/GRC certification) Technical Skills Strong...Full timeWork at officeMonday to Friday- GoTo Meeting is seeking a GRC Analyst, Federal & Customer Programs, to manage security governance, risk, and compliance obligations. Responsibilities... ...roles, strong technical writing skills, and familiarity with NIST frameworks. This position supports ongoing audits and assessments...
- ...Governance, Risk, & Compliance (GRC) Analyst Washington, DC Remote Full-Time About This Role As a GRC Analyst, you will help organizations... ...guide them through compliance frameworks including HIPAA, SOC 2, NIST, and more. Responsibilities • Conduct security assessments and...Full timeRemote work
$56k - $71k
...with the right mix of talent. An Advisory Specialist I is an early‑career consultant in the... ...changing environment. Experience with CMMC and NIST frameworks. Experience in Microsoft... ...Security or MIS). Experience with GRC and/or analytic tools. Experience in a platform...Work at officeLocal areaFlexible hours- Diligent Corporation in Washington, D.C. is seeking an Advisory Specialist I to support audit, risk, and compliance solutions. This early-career role requires collaboration and technical guidance while working closely with clients. You will engage in requirements capture...
- Diligent-14787b60 is looking for an Advisory Specialist I to join their Services team in Washington, D.C. This role involves delivering audit and compliance solutions to clients while fostering a collaborative environment. Responsibilities include engaging with clients...
$124.88k - $187.32k
...alongside other cybersecurity engineers and Risk Management Framework (RMF) analysts responsible for supporting Information System Security... .... Excellent understanding of the DoD RMF lifecycle and NIST 800-53 controls implementation. Awareness of NIST SP 800-82, Guide...- A federal services provider is seeking a Cybersecurity Analyst in Alexandria, VA, focused on governance, risk, and compliance (GRC) activities. The ideal candidate should have a minimum of 10 years of relevant experience and senior-level cybersecurity certifications. You...
$132k - $178k
...mid-career risk professional who is fluent in frameworks such as NIST RMF and CMMC, is developing practical experience with risk... ...status tracking using tools such as Jira, Confluence, enterprise GRC platforms, and MS Project. Assist with audit readiness activities...Permanent employmentContract workWork at office- A leading cybersecurity firm in Virginia seeks a Cybersecurity Engineer to enhance security protocols for mission-critical systems. Responsibilities include developing security plans, configuring devices, and conducting vulnerability scans. Candidates should possess a degree...
- ...SCI w/ Poly clearance. The GRC Analyst / Information System... ...execute activities across all RMF phases (Prepare, Categorize, Select... .... Monitor compliance with NIST 800-53, 800-171, ICD 503,... ...Cybersecurity Framework 800-171 Specialist, CISSP, CISM, relevant GIAC certifications...
$65k - $80k
...industry regulations, such as ISO/IEC 27001, NIST SP 800-53, SSAE 18 SOCII TypeI and TypeII,... .... Familiarity with the usage of modern GRC tooling (i.e., Drata, Vanta, ServiceNow, Whistic... ...including (ISO 27001, NIST CSF, NIST RMF, FAIR, COBIT, NIST SP 800‑53, SSAE 18 SOC...Immediate startFlexible hours- Requirements Must possess knowledge of Government Security Policies (NIST / FISMA), Procedures, Standards, and Methodologies. Must possess a technical background in a wide array of technologies, network devices, hardware, and software, so that they understand and can discuss...Work experience placement
$62k - $141k
...Job Number: R0242120 Information Assurance Specialist The Opportunity Cyber threats are everywhere, and the constantly evolving nature of... ...'ll also apply National Institute of Standards and Technology (NIST) security controls, governance, risk management, and compliance...Local area- ...seeking a Security Analyst to work with VA stakeholders, coordinating RMF steps 0-6 ATO activities and maintaining security posture across... ...U.S. citizenship, strong communication, and experience with RMF, NIST controls, and risk management. VA contract environment offers...Contract work
- ...technology. SPA is seeking an IT Support Specialist to support NAVSEA's Naval Special Warfare... ...40, including developing and maintaining RMF documentation, managing eMASS entries, conducting... ...Demonstrated experience with RMF, eMASS, NIST SP 800-53 controls, and DoD cybersecurity...Work at office
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to GRC / NIST RMF Specialist. Be the first to apply!
- order management specialist Arlington, VA
- measurement specialist Arlington, VA
- senior systems specialist Arlington, VA
- facility management specialist Arlington, VA
- human factors specialist Arlington, VA
- leasing specialist Arlington, VA
- order specialist Arlington, VA
- funding specialist Arlington, VA
- assessment specialist Arlington, VA
- systems integration specialist Arlington, VA

