RMF Cybersecurity Analyst (15.43)
$90k - $110kOCT CONSULTING LLC
OCT Consulting is a business management and technology consulting firm that supports Federal Government clients. We provide consulting services in the areas of Strategy, Process Improvement, Change Management, Program and Project Management, Acquisition/Procurement, and Information Technology. OCT currently has an opening for an RMF Cybersecurity Analyst to work with a federal client. The analyst will support the Information Systems Security Officer / Systems Security and Privacy Officer (ISSO/SSPO) in executing Risk Management Framework (RMF) compliance, Security Assessment and Authorization (SA&A) activities, and information security governance across a complex federal health statistics environment. This position is contingent upon contract award. Day-to-day responsibilities Assist the ISSO/SSPO in interfacing with federal staff, contractors, and business partners to execute information security aspects of the agency's CIPSEA obligations, IT modernization, and cloud migration efforts. Support Security Assessment and Authorization (SA&A) activities including agency-hosted, contractor-hosted, cloud-hosted, and FedRAMP SA&A; assist with interpretation of regulations and policy guidance. Develop, track, and update Plans of Action and Milestones (POA&Ms) for identified vulnerabilities and risks; report remediation status monthly. Prepare and maintain System Security Plans (SSPs) in accordance with NIST SP 800-18 and NIST SP 800-53. Conduct and document Risk Assessment Reports (RARs) consistent with NIST SP 800-30 and applicable agency policies. Support FISMA reporting to the Department of Homeland Security and OMB; prepare gap reports of agency practices against evolving federal, HHS, and agency requirements. Assist with Privacy Threshold Analyses (PTAs) and Privacy Impact Assessments (PIAs) in accordance with HHS policy and OMB M-03-22. Prepare weekly project management/status reports and monthly RMF status reports for the COR and Program POC. Develop and maintain reusable templates, standard operating procedures (SOPs), and process documentation (e.g., SSP templates, risk assessment templates, process flow diagrams). Coordinate with agency Security, Business, and Technical Stewards; provide stakeholder advisory support and training as required. Support EPLC security reviews, IT acquisition security reviews, and security governance coordination activities. Assist in applying CIPSEA oversight in coordination with the agency Confidentiality Officer. Maintain compliance with all agency security training requirements including annual Security Awareness Training (SAT) and role-based training (RBT). Qualifications Must be a U.S. Citizen. Minimum of 3–5 years of experience in federal information security, RMF implementation, or cybersecurity compliance. Demonstrated experience with NIST SP 800-37, 800-30, 800-53/53A, 800-60, and FIPS 199/200. Experience supporting FISMA compliance and reporting activities for a federal civilian agency. Experience developing, reviewing, and maintaining SA&A documentation artifacts (SSPs, RARs, POA&Ms, Contingency Plans). Proficiency with Governance, Risk, and Compliance (GRC) platforms such as Archer or comparable tools. Strong technical writing skills sufficient to independently produce clear, accurate, and professionally formatted security and compliance documentation. Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or a related field (or equivalent work experience). Ability to obtain a Public Trust (Moderate Risk – Level 5 or higher) background investigation; an HSPD-12/PIV card will be required for facility and network access. Work will be performed primarily at the agency facility in Hyattsville, MD, with authorized telework on a situational basis. Must be able to commute to the Hyattsville, MD location. Preferred Qualifications Certified Information Systems Security Professional (CISSP), Certified Authorization Professional (CAP), Certified Information Security Manager (CISM), or equivalent certification. Experience supporting HHS or other Federal civilian agency environments. Experience with CIPSEA, Privacy Act compliance, and handling of sensitive health statistics data. Familiarity with FedRAMP authorization activities and cloud migration security governance. Experience with continuous monitoring programs and vulnerability remediation in federal environments. OCT offers competitive compensation packages and a full suite of benefits which includes: Medical, Dental, and Vision insurance Retirement savings 401K plan provided by an industry leading provider with 3% employer contributions of the employee's gross salary Paid Time Off and Standard Government Holidays Life Insurance, Short- and Long-Term disability benefits Training Benefits Salary Range: $90,000 – $110,000 yearly commensurate with experience, education, and qualifications. #J-18808-Ljbffr
- ...Dark Wolf is seeking Cybersecurity Analysts to develop, manage, and maintain the security posture of information systems in Washington, DC. The... ...the authorization process, ensuring compliance with NIST & RMF standards, and managing cybersecurity best practices. The ideal...Suggested
- People, Technology & Processes is seeking a Cybersecurity Analyst V (Senior) to lead RMF lifecycle execution and coordinate Security Authorization Packages for DoD/DON programs. The role requires deep expertise in system categorization, control selection, assessment, authorization...Suggested
- People, Technology & Processes, LLC is seeking a Cybersecurity Analyst V (Senior) based in Washington, DC. The candidate must have at least 10 years... ...or a related field. Responsibilities include leading RMF lifecycle execution, coordinating Security Authorization Packages...Suggested
- People Technology And Processes is seeking a Cybersecurity Analyst V (Senior) in Washington D.C. This full-time position entails leading RMF lifecycle execution, overseeing vulnerability management, and helping to compile Security Authorization Packages. A Bachelor’s degree...SuggestedFull time
- ...experienced information security risk specialist to mitigate complex cybersecurity threats. This role requires collaboration with stakeholders to assess cybersecurity postures, leveraging eMASS and RMF for effective risk management. The ideal candidate will have a...SuggestedRemote job
- Astrion is seeking a Senior Cybersecurity Analyst located at the Washington Navy Yard in Washington, DC. This role involves leading efforts in the Risk Management Framework process, providing cybersecurity expertise, and ensuring compliance with DoD standards. The ideal...Full time
- ...Clearance: Active Secret required (Top Secret eligible) Type: Full-Time About The Role We are seeking a Cybersecurity Analyst with strong experience in ATO and RMF compliance to support a high-volume federal cybersecurity program. This role is heavily focused on leading...Full timeShift work
$62k - $141k
...Cybersecurity Analyst, Mid Warnings about cyber threats are everywhere and the constantly evolving nature of these threats can make understanding... ..., including NIST SP 800-53, Risk Management Framework (RMF), FISMA, and FedRAMP Ability to work independently on multiple...Local area$190k - $200k
Active TS/SCI w/Polygraph REQUIRED. Please do not apply if you do not currently possess this level of clearance. Telework: None Basic Requirements Security+ Cert 12 years of experience in the Information Technology field Bachelor’s degree in a technical discipline ...Full timeImmediate startRemote work- A leading technology company seeks a Cyber Security Analyst in Suitland, MD to support government missions. The role involves developing... ...with federal standards. Candidates should have a BS in Cybersecurity and at least four years of relevant experience. A security certification...
$127k - $138k
...Position Type: Full Time. Salary Range: $127,000.00 - $138,000.00. Title: Cybersecurity Analyst V (Senior). Clearance Type: Secret with the ability to obtain a Top Secret. Responsibilities Lead RMF lifecycle execution: Develop, manage, and maintain RMF artifacts (system...Full time$130k
...Job Description Overview Senior Cybersecurity Analyst LOCATION: Washington DC – Navy Yard... ...degree in a relevant field and fifteen (15) years of relevant experience in cyber... ...In depth knowledge of all steps in the RMF Process. Ideal candidate has Risk Management...Full timeFlexible hours- A decision analytics firm is seeking a Senior Analyst in Arlington, VA, to provide cybersecurity expertise and lead Risk Management Framework processes. The ideal candidate will have a Bachelor's degree in Cybersecurity Management and at least 10 years of direct experience...
- A cybersecurity solutions provider is seeking a Cyber Security Analyst - Intermediate to support cybersecurity governance and defense. This role requires expertise in RMF/A&A processes and SOC operations, utilizing tools like Microsoft Sentinel for monitoring. Preferred...Remote job
- A federal services provider is seeking a Cybersecurity Analyst in Alexandria, VA, focused on governance, risk, and compliance (GRC) activities. The ideal candidate should have a minimum of 10 years of relevant experience and senior-level cybersecurity certifications. You...
$180k - $200k
As a Senior ATO Cybersecurity Analyst, your focus will be on Government System Authority to Operate (ATO) support. You will be responsible for... ...and security standards specific to ATO (e.g., NIST SP 800-53, RMF, ICD 503, FISMA, FedRAMP) * Demonstrated and repeat...Full timeWork experience placementLocal areaFlexible hours$99k - $225k
...Portfolio Management Solution (APMS), Risk Management Framework (RMF), and defense Security Technical Implementation Guides (STIGs),... ...to work with the ISSM, ISSO, and stakeholders to understand cybersecurity postures to evaluate potential weaknesses, as well as the effectiveness...Full timeContract workPart timeWork at officeLocal areaRemote work- ...secret Clearance Certifications: Holds senior-level cybersecurity and GRC certifications appropriate for RMF and compliance roles, such as CISSP, CAP, CISM, or... ...Position Description PingWind is seeking a Cybersecurity Analyst responsible for leading governance, risk, and...Temporary workFlexible hours
$110k - $160k
...Cybersecurity SOC Analyst II Washington, District of Columbia, United States CHAOS Industries is redefining modern defense with a multi-product portfolio that gives the ultimate advantage—domain dominance. The company's products are powered by Coherent Distributed...Contract workWork experience placementCasual workRelocation package$78.9k - $123.3k
...Overview We are seeking a detail-oriented cybersecurity compliance professional to support system... ...will have experience working with NIST RMF, NIST SP 800-53 controls, security authorization... .... A High School degree with a total of 15 years of experience in cybersecurity or...Permanent employmentFull timePart timeWork at officeLocal areaRemote work- ...collaboration environments. The ideal candidate is an experienced cybersecurity professional with a strong technical foundation, curiosity... ...attempts Escalate validated security incidents to senior analysts or engineering teams as appropriate Support containment, remediation...
$140.5k - $210k
Summary Oversees and/or participates in the instrumentation and administration of cybersecurity tools, appliances, and measures to protect the Board’s IT assets and ensure the Board’s ability to conduct its mission. Utilizes cybersecurity tools such as firewalls, proxies...Full timeWork at office- ...security controls and best practices Support compliance initiatives Create security documentation and reports Requirements 3+ years of cybersecurity experience Knowledge of security frameworks (NIST, ISO 27001) Experience with SIEM and security tools Understanding of network...Full timeFlexible hours
- Cybersecurity Analyst - Crypto Modernization Alexandria, United States | Posted on 06/11/2026 Clearance Requirement Active Top Secret/SCI IAT/... ...Communications Security (COMSEC); Risk Management Framework (RMF); NIST cybersecurity standards; cybersecurity architecture; systems...Work at officeImmediate startFlexible hours
$30.08 - $52.65 per hour
...Plan with employer contribution Paid Time Off and paid holidays Health and wellness programs and more! Position Summary The Cybersecurity Analyst safeguards, monitors and continuously advances the organization’s security posture across complex hybrid environments,...Local area- A leading technology consulting firm in Washington, DC is seeking a Mid-Level Cybersecurity Specialist to join their security team. The candidate will conduct security assessments, monitor security systems, and support compliance initiatives while working in a hybrid environment...
$140.5k - $210.5k
Sr. Cybersecurity Analyst II (Sr Vulnerability Analyst) - Information Technology Primary Location: DC‑Washington Employee Status: Regular Overtime Status: Exempt Job Type: Standard Relocation Provided: Yes Compensation: $140,500 - $210,500 (FR PAY GRADE 27‑28) Posting...Work at officeRelocation- Rividium is seeking a Cloud Cybersecurity Analyst to support the MODES III team in Alexandria, Virginia. This position involves IT, Cybersecurity, and Data Operations with a focus on mission outcomes for service members and families. The ideal candidate will have a Bachelor...
$110k - $125k
...years. WHO WE ARE LOOKING FOR We are seeking a detail‑oriented Cybersecurity Analyst with hands‑on experience in enterprise security operations... ...and external security assessments (e.g., CMMC, IRS Pub 4812, RMF, and client audits) by gathering evidence and supporting control...Contract workTemporary workRemote workWork from home$110k - $140k
...candidate will have a Bachelor’s degree, over 10 years of experience in IT architecture or cybersecurity compliance, and strong knowledge of the Risk Management Framework (RMF). Your role will include providing technical leadership, developing security authorization artifacts...
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to RMF Cybersecurity Analyst (15.43). Be the first to apply!
- IT cyber security Hyattsville, MD
- cyber security Hyattsville, MD
- cybersecurity software engineer Hyattsville, MD
- cybersecurity rmf analyst
- junior cyber security specialist
- senior cybersecurity analyst
- comptia cybersecurity analyst
- cyber security specialist
- junior cyber security consultant
- cyber-security operations specialist

