Open app
Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

GRC / NIST RMF Specialist

Apogee Global RMS

Washington DC

Apogee Global RMS is seeking a GRC / NIST RMF Specialist to support federal programs requiring disciplined governance, risk, and compliance execution. This role is built for practitioners who understand the full lifecycle of NIST RMF, can translate controls into actionable engineering guidance, and can partner with federal stakeholders to drive accreditation success.

You will serve as a trusted advisor across security, engineering, and mission teams — ensuring that compliance is not a paperwork exercise but a strategic enabler of secure operations.

What You Will Lead:

  • Full lifecycle NIST RMF execution (Categorization → Continuous Monitoring)
  • Development and refinement of SSPs, POA&Ms, SARs, and control evidence packages
  • Security control assessments, gap analyses, and remediation planning
  • Advisory support for ATO readiness, audit preparation, and stakeholder coordination
  • Risk analysis and prioritization aligned to mission, system, and organizational impact
  • Collaboration with engineering teams to ensure controls are implemented effectively
  • Continuous monitoring strategy, reporting, and compliance sustainment

Requirements

Certifications:

  • CISA
  • CRISC
  • CISM
  • NIST RMF training (FedVTE or equivalent)
  • ISO 27001 Lead Auditor is a meaningful differentiator, especially for commercial‑adjacent bids

Technical & Functional Expertise:

  • Deep understanding of NIST 800‑53, NIST RMF, and federal security baselines
  • Experience preparing ATO packages and supporting federal accreditation processes
  • Ability to translate compliance requirements into clear, actionable engineering tasks
  • Strong writing and documentation skills for federal audiences
  • Experience working with ISSOs, ISSEs, SCA teams, and federal program leadership

Location & Clearance:

  • Must reside in the NCR (DC/MD/VA)
  • Secret clearance minimum; clearable candidates considered

Expected Skills:

  • Operates with precision, structure, and clarity
  • Understands both the technical and policy sides of federal cybersecurity
  • Can guide teams through complex accreditation processes without friction
  • Communicates confidently with auditors, assessors, and mission stakeholders
  • Thrives in high‑trust, high‑impact advisory environments

Benefits

Why Apogee:

Apogee supports federal programs in this prime engagement where governance and risk decisions directly influence mission readiness. You’ll work with senior stakeholders, shape compliance strategy, and operate in an environment that values expertise, discipline, and operational excellence.

How to Apply

For any questions (OR) to apply, please contact us at  View email address on click.appcast.io .

Apply
Vacancy posted 4 days ago
Similar jobs that could be interesting for youBased on the GRC / NIST RMF Specialist in Washington DC vacancy
  • GRC / NIST RMF Specialist
     ...Apogee Global RMS is seeking a GRC / NIST RMF Specialist to support federal programs requiring disciplined governance, risk, and compliance execution. This role is built for practitioners who understand the full lifecycle of NIST RMF, can translate controls into actionable... 
    Suggested

    Apogee Global RMS

    Arlington, VA
    1 day ago
  • Senior ISSO: RMF & ATO Specialist for Federal Systems

    $105.1k - $231.1k

     ...Ideal candidates will have at least 15 years of experience in information security, a Secret security clearance, and expertise in RMF and NIST standards. This position offers a competitive salary range of $105,100 to $231,100, alongside comprehensive benefits. #J-18808-... 
    Suggested
    Work at office

    CACI International Inc.

    Washington DC
    13 hours ago
  • Senior RMF & ISSO Specialist — Hybrid (DC)
     ...Assessment and Authorization (A&A) support roles. Applicants should have at least 3 years of experience with RMF in Microsoft GCC-H environments and knowledge of NIST SP 800-53 and FISMA compliance. The position offers a hybrid work model requiring onsite meetings.... 
    Suggested

    Testpros

    Washington DC
    13 hours ago
  • Senior ISSO - Hybrid Federal Cyber Leader (NIST/RMF)
     ...will have at least 5 years of experience in ISSO duties, including systems security assessments. Responsibilities include coordinating NIST compliance, mentoring junior staff, and advising leadership. The position supports hybrid work, with 3 days a week on client site.... 
    Suggested
    Flexible hours
    3 days per week

    Coalfire

    Washington DC
    2 days ago
  • Senior ISSO: Cloud RMF & NIST Security Leader
     .... The ISSO will lead the implementation of security controls in accordance with NIST standards and prepare for independent security assessments. Responsibilities include supporting NIST RMF processes, managing security documentation, and evaluating security solutions. The... 
    Suggested

    Telophase Corporation

    Lanham, MD
    3 days ago
  • RMF Specialist: DoD Cybersecurity & Risk Management
    NV5, Inc. is seeking a Risk Management Framework (RMF) Specialist in Washington, DC to oversee cybersecurity processes and ensure compliance with DoD and Air Force policies. The role involves implementing RMF for Air Force information systems and conducting thorough risk... 

    NV5, Inc.

    Washington DC
    4 days ago
  • Senior Information System Security Officer / RMF Lead
     ...Senior Information System Security Officer / RMF Lead Position Overview The Senior...  ...implementation and execution in accordance with NIST, FISMA, OMB, HHS, CDC, and NCHS...  ...A-130, CIPSEA, EPLC, Archer or comparable GRC tools, continuous monitoring, vulnerability... 
    For contractors

    R3 Management Services

    Hyattsville, MD
    8 days ago
  • Senior Cybersecurity GRC Analyst - RMF/DoD (TS)
    A federal services provider is seeking a Cybersecurity Analyst in Alexandria, VA, focused on governance, risk, and compliance (GRC) activities. The ideal candidate should have a minimum of 10 years of relevant experience and senior-level cybersecurity certifications. You... 

    Medium

    Alexandria, VA
    1 day ago
  • Senior Analyst, Cybersecurity GRC
     ...Senior Analyst, Cybersecurity GRC, Washington, DC The Senior Analyst, Cybersecurity GRC will administer the completion of compliance...  ...risk management concepts, frameworks, and standards (CSC, NIST, ISO, COBIT). Strong understanding of information security concepts... 
    Work experience placement

    NextStep

    Washington DC
    4 days ago
  • Post-Quantum Cryptography (PQC) Program Analyst / Cryptographic Modernization Specialist
     ...Program Analyst / Cryptographic Modernization Specialist to support Department of Defense (DoD)...  ...with DoD stakeholders, including NIST, NSA, DISA, and other federal organizations...  ...CNSA guidance, Risk Management Framework (RMF), Zero Trust Architecture, cloud security... 
    Work at office
    Immediate start
    Flexible hours

    Novul Solutions

    Alexandria, VA
    10 days ago
  • Cybersecurity /RMF Lead - Cloud

    $150k - $165k

     ...Cybersecurity /RMF Lead - CloudSuitland, MD Requires US Citizenship Yes Employment Term and Type: Regular, Full Time Required...  ...models. Support implementation and assessment of NIST SP 800-53 Rev. 5 security controls. Analyze vulnerability findings... 
    Full time
    Casual work
    Work at office
    Worldwide

    FGS

    Suitland, MD
    13 hours ago
  • Jr. Information Assurance Specialist
     ...the role of a Jr. Information Assurance Specialist. The candidate will provide accreditation...  ...sensitive or classified information. Ensure RMF compliance with SOPs, media sanitation...  .... Experience working with NIST Risk Management Framework. Ability to... 
    Temporary work

    Soft Tech Consulting

    Suitland, MD
    3 days ago
  • Information Assurance Specialist
     ...Job Description Information Assurance Specialist - (Suitland, Maryland). BizFirst is...  ...reviewing system compliance, monitoring RMF-related controls, and helping maintain the...  .... •Experience working with the NIST Risk Management Framework (RMF). •Ability... 
    Monday to Friday
    2 days per week
    3 days per week

    Biz First

    Suitland, MD
    13 hours ago
  • Senior ISSO: Lead Cybersecurity & RMF Compliance
     ...Security Plans and conducting security assessments. Candidates must have over 10 years of experience in cybersecurity, knowledge of NIST RMF, and the ability to obtain Top Secret/SCI clearance. Competitive compensation and strong benefits offered. #J-18808-Ljbffr Zantech

    Zantech

    Washington DC
    2 days ago
  • Senior Cloud ISSO - RMF & Cloud Security Lead
     ...information systems. The ideal candidate has extensive experience in cloud security, risk management, and knowledge of frameworks like RMF and NIST. Required qualifications include a Bachelor’s degree in Cybersecurity and at least 9 years of experience, including... 

    Bart & Associates, LLC

    Washington DC
    13 hours ago
  • IA/Cybersecurity Specialist (Secret) (4499)

    $103.2k - $172k

     ...seeking Information Assurance/Cybersecurity Specialists (Junior, Mid, and Senior) with a...  ...Assist in maintaining compliance with RMF and other DoD cybersecurity frameworks...  ...operating environments Familiarity with RMF, NIST 800-53, STIGs, and cloud security principles... 
    Contract work
    Work experience placement
    H1b
    Local area

    SMX Corporation

    Washington DC
    8 days ago
  • GRC Analyst
     ...The Governance, Risk, and Compliance (GRC) Analyst supporting federal and customer programs is responsible for evaluating, documenting...  ...Interpretation Maintain working knowledge of relevant standards such as NIST frameworks, ISO 27001, FedRAMP, CMMC, and applicable... 
    Contract work

    Nexus IT Group

    Washington DC
    2 days ago
  • Cybersecurity Specialist 4

    $124.88k - $187.32k

     ...alongside other cybersecurity engineers and Risk Management Framework (RMF) analysts responsible for supporting Information System Security...  ...Excellent understanding of the DoD RMF lifecycle and NIST 800-53 controls implementation Awareness of NIST Special Publication... 

    M.C. Dean, Inc.

    Washington DC
    4 days ago
  • Senior Navy Cybersecurity & RMF Specialist
    A leading employee-owned company in Washington, DC is seeking a Senior Information Systems Security Specialist. The role requires over 10 years of experience in Navy Cybersecurity programs, strong knowledge of Cyber Security and Risk Management Framework. A Bachelor’s... 

    International Executive Service Corps

    Washington DC
    1 day ago
  • RMF A&A Analyst — Navy Cybersecurity & ATO Lead

    $107.9k - $195.05k

    Join Leidos as a RMF Assessment & Authorization Analyst, supporting the Navy's Synthetic Signature Generation program. Your key role involves ensuring the security of advanced simulation systems, essential for Navy operations. This position requires a Bachelor's degree... 

    Leidos

    Bethesda, MD
    13 hours ago
  • FedRAMP Advisory Specialist I - GRC & Client Delivery
    Diligent-14787b60 is looking for an Advisory Specialist I to join their Services team in Washington, D.C. This role involves delivering audit and compliance solutions to clients while fostering a collaborative environment. Responsibilities include engaging with clients... 

    Diligent-14787b60

    Washington DC
    13 hours ago
  • GRC Analyst

    $189k - $225k

    About the Role The GRC Analyst, Federal & Customer Programs is responsible for the hands‑on analysis, documentation, and operational execution...  ...to the company's regulatory and contractual posture, including NIST SP 800‑171, NIST SP 800‑53, NIST CSF, CMMC, ISO 27001, FedRAMP,... 
    Ongoing contract
    Contract work
    For subcontractor
    Work at office
    3 days per week

    GoTo Meeting

    Washington DC
    13 hours ago
  • Cybersecurity Assurance Specialist W/Secret Clearance

    $95k - $150k

     ...Qualifications We are seeking a Cybersecurity Assurance Specialist to join our TekSynap Defense team....  ...of experience working with DoDI 8500.2 or NIST SP 800-53 security controls. Strong knowledge of Risk Management Framework (RMF) principles and processes. Proficiency... 
    Full time
    Contract work
    Temporary work
    Work at office
    Local area
    Remote work
    Monday to Friday
    Weekend work
    Day shift
    Afternoon shift

    TekSynap

    Washington DC
    1 day ago
  • Senior Associate/Privacy Specialist (Forensic Services practice)

    $130k - $152.5k

     ...Senior Associate/Privacy Specialist (Forensic Services Practice) CRA is a leading global consulting firm that provides independent economic...  ...and established compliance frameworks (CCPA/CPRA, GDPR, HIPAA, NIST, etc.) Translate regulatory requirements into clear... 
    Work at office
    Work from home
    3 days per week

    Charles River Associates

    Washington DC
    13 days ago
  • GRC Analyst: Cloud Security, Compliance & Risk Lead
    Neier Inc. is looking for a GRC Analyst to enhance their security compliance program. You will lead compliance efforts for CMMC, manage complex control frameworks, and design automation solutions to streamline risk assessments. The ideal candidate has over 5 years of experience... 
    Flexible hours

    Neier Inc.

    Washington DC
    13 hours ago
  • Governance, Risk, & Compliance (GRC) Analyst
    Governance, Risk, & Compliance (GRC) Analyst Washington, DC Remote Full-Time About This Role As a GRC Analyst, you will help organizations...  ...guide them through compliance frameworks including HIPAA, SOC 2, NIST, and more. Responsibilities • Conduct security assessments and... 
    Full time
    Remote work

    Districttechgroup

    Washington DC
    2 days ago
  • Senior Cybersecurity GRC Analyst - RMF/DoD (TS)
    A leading federal services provider is seeking a Cybersecurity Analyst in Alexandria, VA. This role includes managing governance, risk, and compliance activities to ensure compliance with DoD requirements. The ideal candidate will have at least 10 years of relevant experience...

    PingWind

    Alexandria, VA
    13 hours ago
  • Senior Cybersecurity GRC Analyst, DoD RMF (TS)
    PingWind is looking for a Cybersecurity Analyst in Alexandria, VA to lead governance, risk, and compliance activities, ensuring compliance with DoD cybersecurity standards. You will have a role in monitoring security controls and managing vulnerability assessments. The ...

    PingWind

    Alexandria, VA
    3 days ago
  • RMF Assessment & Authorization Analyst

    $107.9k - $195.05k

     ...ensuring the Navy is prepared for the challenges of today and tomorrow. Position Overview We are seeking a motivated and detail‑oriented RMF Assessment & Authorization Analyst to join our dynamic team supporting the Navy’s Synthetic Signature Generation (SSG) program. In... 
    For contractors

    Leidos

    Bethesda, MD
    13 hours ago
  • ISSO Team Lead
     ...cybersecurity matters related to assigned information systems across all NIST RMF phases, including system categorization, control baselines,...  ...working relationships with all stakeholders Experience with GRC tools such as vulnerability management, vulnerability scanning,... 
    Temporary work
    Immediate start
    Remote work

    AnaVation LLC

    Washington DC
    2 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to GRC / NIST RMF Specialist. Be the first to apply!

Related searches