GRC / NIST RMF Specialist
Apogee Global RMS
Apogee Global RMS is seeking a GRC / NIST RMF Specialist to support federal programs requiring disciplined governance, risk, and compliance execution. This role is built for practitioners who understand the full lifecycle of NIST RMF, can translate controls into actionable engineering guidance, and can partner with federal stakeholders to drive accreditation success.
You will serve as a trusted advisor across security, engineering, and mission teams — ensuring that compliance is not a paperwork exercise but a strategic enabler of secure operations.
What You Will Lead:
- Full lifecycle NIST RMF execution (Categorization → Continuous Monitoring)
- Development and refinement of SSPs, POA&Ms, SARs, and control evidence packages
- Security control assessments, gap analyses, and remediation planning
- Advisory support for ATO readiness, audit preparation, and stakeholder coordination
- Risk analysis and prioritization aligned to mission, system, and organizational impact
- Collaboration with engineering teams to ensure controls are implemented effectively
- Continuous monitoring strategy, reporting, and compliance sustainment
Requirements
Certifications:
- CISA
- CRISC
- CISM
- NIST RMF training (FedVTE or equivalent)
- ISO 27001 Lead Auditor is a meaningful differentiator, especially for commercial‑adjacent bids
Technical & Functional Expertise:
- Deep understanding of NIST 800‑53, NIST RMF, and federal security baselines
- Experience preparing ATO packages and supporting federal accreditation processes
- Ability to translate compliance requirements into clear, actionable engineering tasks
- Strong writing and documentation skills for federal audiences
- Experience working with ISSOs, ISSEs, SCA teams, and federal program leadership
Location & Clearance:
- Must reside in the NCR (DC/MD/VA)
- Secret clearance minimum; clearable candidates considered
Expected Skills:
- Operates with precision, structure, and clarity
- Understands both the technical and policy sides of federal cybersecurity
- Can guide teams through complex accreditation processes without friction
- Communicates confidently with auditors, assessors, and mission stakeholders
- Thrives in high‑trust, high‑impact advisory environments
Benefits
Why Apogee:
Apogee supports federal programs in this prime engagement where governance and risk decisions directly influence mission readiness. You’ll work with senior stakeholders, shape compliance strategy, and operate in an environment that values expertise, discipline, and operational excellence.
How to Apply
For any questions, or to apply, please contact us at the email address shown on click.appcast.io.


