Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

GRC / NIST RMF Specialist

Apogee Global RMS

Apogee Global RMS is seeking a GRC / NIST RMF Specialist to support federal programs requiring disciplined governance, risk, and compliance execution. This role is built for practitioners who understand the full lifecycle of NIST RMF, can translate controls into actionable engineering guidance, and can partner with federal stakeholders to drive accreditation success.

You will serve as a trusted advisor across security, engineering, and mission teams — ensuring that compliance is not a paperwork exercise but a strategic enabler of secure operations.

What You Will Lead:

  • Full lifecycle NIST RMF execution (Categorization → Continuous Monitoring)
  • Development and refinement of SSPs, POA&Ms, SARs, and control evidence packages
  • Security control assessments, gap analyses, and remediation planning
  • Advisory support for ATO readiness, audit preparation, and stakeholder coordination
  • Risk analysis and prioritization aligned to mission, system, and organizational impact
  • Collaboration with engineering teams to ensure controls are implemented effectively
  • Continuous monitoring strategy, reporting, and compliance sustainment

Requirements

Certifications:

  • CISA
  • CRISC
  • CISM
  • NIST RMF training (FedVTE or equivalent)
  • ISO 27001 Lead Auditor is a meaningful differentiator, especially for commercial‑adjacent bids

Technical & Functional Expertise:

  • Deep understanding of NIST 800‑53, NIST RMF, and federal security baselines
  • Experience preparing ATO packages and supporting federal accreditation processes
  • Ability to translate compliance requirements into clear, actionable engineering tasks
  • Strong writing and documentation skills for federal audiences
  • Experience working with ISSOs, ISSEs, SCA teams, and federal program leadership

Location & Clearance:

  • Must reside in the NCR (DC/MD/VA)
  • Secret clearance minimum; clearable candidates considered

Expected Skills:

  • Operates with precision, structure, and clarity
  • Understands both the technical and policy sides of federal cybersecurity
  • Can guide teams through complex accreditation processes without friction
  • Communicates confidently with auditors, assessors, and mission stakeholders
  • Thrives in high‑trust, high‑impact advisory environments

Benefits

Why Apogee:

Apogee supports federal programs in this prime engagement where governance and risk decisions directly influence mission readiness. You’ll work with senior stakeholders, shape compliance strategy, and operate in an environment that values expertise, discipline, and operational excellence.

How to Apply

For any questions (OR) to apply, please contact us at  View email address on click.appcast.io .

Vacancy posted 2 days ago
Similar jobs that could be interesting for youBased on the GRC / NIST RMF Specialist in Washington DC vacancy
  • CL 1e6d8f31 073f 48cd b324 b581c00084bf is seeking a Compliance Analyst focused on GRC and RMF initiatives. You will support governance and compliance by developing security documentation in accordance with federal standards. The ideal candidate will have experience in... 
    Suggested

    CL 1e6d8f31 073f 48cd b324 b581c00084bf

    Washington DC
    5 days ago
  •  ...in Chevy Chase, MD, is seeking a Senior Compliance Engineer to manage cybersecurity compliance programs aligned with CMMC Level 2, NIST SP 800-171, and other regulations. You will report directly to the CISO, focusing on aligning security tools with compliance requirements... 
    Suggested
    Remote work

    Lynk

    Chevy Chase, MD
    5 days ago
  • $110k - $130k

     ...needs of the public sector. Job Overview The RMF / ISSO Lead serves as the leader for the...  ...This role manages the RMF lifecycle under NIST 800-53 Rev. 5, leads Assessment and...  ...Certifications CISSP, CAP, or CGRC (or comparable RMF/GRC certification) Technical Skills Strong... 
    Suggested
    Full time
    Work at office
    Monday to Friday

    Development InfoStructure

    Bethesda, MD
    2 days ago
  •  ...cybersecurity professional responsible for implementing technical controls and configuration settings. You will work alongside engineers and RMF analysts to support information system security. The ideal candidate should have significant experience in cybersecurity,... 
    Suggested

    Unofficial M.C. Dean

    Washington DC
    1 day ago
  •  ...Senior Analyst, Cybersecurity GRC, Washington, DC The Senior Analyst, Cybersecurity GRC will administer the completion of compliance...  ...risk management concepts, frameworks, and standards (CSC, NIST, ISO, COBIT). Strong understanding of information security concepts... 
    Suggested
    Work experience placement

    NextStep

    Washington DC
    3 days ago
  • A federal services provider is seeking a Cybersecurity Analyst in Alexandria, VA, focused on governance, risk, and compliance (GRC) activities. The ideal candidate should have a minimum of 10 years of relevant experience and senior-level cybersecurity certifications. You... 

    Medium

    Alexandria, VA
    5 days ago
  •  ...validation. Summary: The Senior Information Assurance Specialist plays a pivotal role in safeguarding the cybersecurity...  ...strategies that align with DHS policies and frameworks (e.g., NIST 800-53, RMF, FISMA). Develop tools and techniques for threat detection... 
    Contract work
    Local area
    Monday to Friday

    ValidaTek

    Washington DC
    3 days ago
  •  ...The Governance, Risk, and Compliance (GRC) Analyst supporting federal and customer programs is responsible for evaluating, documenting...  ...Interpretation Maintain working knowledge of relevant standards such as NIST frameworks, ISO 27001, FedRAMP, CMMC, and applicable... 
    Contract work

    Nexus IT Group

    Washington DC
    16 hours ago
  •  ...Security Risk Management Specialist In depth understanding and hand on experience with NIST 800-53, 800-36 and 800-66 frameworks. Significant experience with full...  ...Register functional application via Service Now IRM/GRC environment. Significant experience with... 

    Samprasoft

    Washington DC
    4 days ago
  • $120.96k - $212.04k

     ...Cybersecurity Resilience Specialist - Governance Risk and Compliance Location: Washington...  ...methodologies and standards (e.g., ISO 22301, NIST SP 800-34, FFIEC), with hands-on...  ...continuity planning tools, platforms, or GRC systems ~ Relevant certifications such... 
    Temporary work
    Work at office

    Tik Tok

    Washington DC
    5 days ago
  • $57.85k - $104.58k

     ...exciting opportunity for a Junior Cybersecurity Specialist in our Intel Security Sector’s Analysis...  ...DoD systems in accordance with DoDI 8510.01, NIST SP 800-53, and other DoD security guidance. Lead the integration of RMF activities into the system development lifecycle... 
    Internship

    Dormont Manufacturing Company

    Bethesda, MD
    4 days ago
  •  ...leading technology firm is seeking an experienced IT Support Specialist to provide cybersecurity support for NAVSEA's Naval Special Warfare...  ..., active DoD Secret clearance, and familiarity with RMF and NIST SP 800-53 controls. The role includes developing RMF documentation... 
    Work at office

    Arena Technologies LLC

    Alexandria, VA
    2 days ago
  •  ...Cybersecurity Specialist- Public Trust Level 5 or Higher Security Clearance required for this...  ...support enterprise Risk Management Framework (RMF) activities, cloud security operations,...  ...lifecycle activities in accordance with NIST SP 800-37/30/53. Support compliance... 
    Contract work
    For contractors
    Work at office

    enGenius Consulting Group

    Hyattsville, MD
    5 days ago
  •  ...Information Assurance Specialist Location: Arlington, VA Clearance: Must be a U.S. citizen...  ...based on the Risk Management Framework (RMF). Prepare and maintain accreditation...  ...~ Strong knowledge of FISMA, RMF, and NIST SP 800-53 frameworks. ~ Security+ or CISSP... 
    Contract work

    Silo Smashers

    Arlington, VA
    5 days ago
  •  ...Posted on 05/20/2026 Information Assurance Specialist - Hybrid (Suitland, Maryland) BizFirst...  ..., reviewing systemcompliance, monitoring RMF-related controls, and helping maintain thedocumentation...  .... Experience working with the NIST Risk Management Framework (RMF). Ability... 
    Monday to Friday

    Biz First

    Suitland, MD
    5 days ago
  •  ...space for meetings and work as needed. Responsibilities include RMF package development, executive briefings, audits, and liaison with...  ...SISO, PM, and AO. Travel up to 25% is required; strong expertise in NIST SP 800-series and TS/SCI clearance are #J-18808-Ljbffr 3M... 
    Remote job

    3M HEALTHCARE

    Alexandria, VA
    19 hours ago
  •  ...professional in Washington, D.C. for system authorization and continuous monitoring activities. Candidates should have experience with NIST RMF, SP 800-53 controls, and compliance documentation, supporting Authorization to Operate decisions. This position requires strong... 

    Noblis

    Washington DC
    1 day ago
  • Zermount, Inc. is seeking an ISSO Program Manager in Arlington, VA. The successful candidate will provide project management and security expertise, managing a team to ensure compliance and risk management processes align with federal guidelines. Responsibilities include...
    Remote job

    Zermount, Inc.

    Arlington, VA
    3 days ago
  • GoTo Meeting is seeking a GRC Analyst, Federal & Customer Programs, to manage security governance, risk, and compliance obligations. Responsibilities...  ...roles, strong technical writing skills, and familiarity with NIST frameworks. This position supports ongoing audits and assessments... 

    GoTo Meeting

    Washington DC
    4 days ago
  •  ...Governance, Risk, & Compliance (GRC) Analyst Washington, DC Remote Full-Time About This Role As a GRC Analyst, you will help organizations...  ...guide them through compliance frameworks including HIPAA, SOC 2, NIST, and more. Responsibilities • Conduct security assessments and... 
    Full time
    Remote work

    Districttechgroup

    Washington DC
    5 days ago
  • $56k - $71k

     ...with the right mix of talent. An Advisory Specialist I is an early‑career consultant in the...  ...changing environment. Experience with CMMC and NIST frameworks. Experience in Microsoft...  ...Security or MIS). Experience with GRC and/or analytics tools. Experience in a... 
    Work at office
    Local area
    Flexible hours

    Diligent Corporation

    Washington DC
    2 days ago
  • Rividium Inc is seeking a Cyber Threat Intelligence Specialist in Alexandria, Virginia, to support the Military Community and Family Policy. This role requires a bachelor's degree and relevant experience, focusing on cybersecurity compliance and analysis. The ideal candidate... 

    Rividium Inc

    Alexandria, VA
    1 day ago
  • Diligent Corporation in Washington, D.C. is seeking an Advisory Specialist I to support audit, risk, and compliance solutions. This early-career role requires collaboration and technical guidance while working closely with clients. You will engage in requirements capture... 

    Diligent Corporation

    Washington DC
    2 days ago
  • $120.8k - $265.8k

     ...skilled and experienced Certification & Accreditation (C&A) Specialist (Level 3) to join our dynamic team to support a DoD...  ...C&A processes in accordance with DIACAP, ICD 503, and NIST Risk Management Framework (RMF).Security Assessments: Conduct security assessments of... 
    Contract work
    Work experience placement
    Local area
    Flexible hours

    CACI International Inc.

    Suitland, MD
    3 days ago
  • $110k - $130k

    Development InfoStructure is seeking a RMF / ISSO Lead to manage the Risk Management Framework lifecycle at NIH/OD IT. The role includes guiding risk management processes, ensuring compliance with NIST standards, producing necessary documentation, and supporting audits... 
    Full time

    Development InfoStructure

    Bethesda, MD
    1 day ago
  • Diligent-14787b60 is looking for an Advisory Specialist I to join their Services team in Washington, D.C. This role involves delivering audit and compliance solutions to clients while fostering a collaborative environment. Responsibilities include engaging with clients... 

    Diligent-14787b60

    Washington DC
    4 days ago
  • $124.88k - $187.32k

     ...alongside other cybersecurity engineers and Risk Management Framework (RMF) analysts responsible for supporting Information System Security...  .... Excellent understanding of the DoD RMF lifecycle and NIST 800-53 controls implementation. Awareness of NIST SP 800-82, Guide... 

    Unofficial M.C. Dean

    Washington DC
    1 day ago
  • $132k - $178k

     ...mid-career risk professional who is fluent in frameworks such as NIST RMF and CMMC, is developing practical experience with risk...  ...status tracking using tools such as Jira, Confluence, enterprise GRC platforms, and MS Project. Assist with audit readiness activities... 
    Permanent employment
    Contract work
    Work at office

    True Anomaly

    Washington DC
    2 days ago
  • AMA Consulting is looking for a SME Document Management Specialist based in Laurel, Maryland. This role involves developing, organizing, and ensuring quality assurance for deliverables under the AI RMF support program. Candidates should have a Bachelor’s degree and 5+ years... 

    AMA CONSULTING

    Laurel, MD
    2 days ago
  • $65k - $80k

     ...industry regulations, such as ISO/IEC 27001, NIST SP 800-53, SSAE 18 SOC II Type I and Type...  ...Familiarity with the usage of modern GRC tooling (i.e., Drata, Vanta, ServiceNow, Whistic...  ...including (ISO 27001, NIST CSF, NIST RMF, FAIR, COBIT, NIST SP 800-53, SSAE 18 SOC... 
    Immediate start
    Flexible hours

    EAB

    Washington DC
    17 hours ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to GRC / NIST RMF Specialist. Be the first to apply!