RMF Cybersecurity Engineer (Jr & Sr) [2022-081]


An RMF Cybersecurity Engineer must have a thorough understanding of the RMF process and familiarity with IT/network technologies. Thus, this individual is expected to provide technical support to perform RMF process steps and assist with the planning, development, implementation, assessment, and validation of the systems to correctly implement the selected security controls and conform to RMF package processing requirements.

Required Skills:

Primary Skills & Responsibilities:

• Experience and thorough understanding of Risk Management Framework (RMF) lifecycle to include a working knowledge of the each of the stages within the process

• Support client risk management activities including Security Test and Evaluations (ST&E), system documentation, authorizations, risk assessments, third party audits, compliance with NIST 800-53, and threat assessments in accordance with RMF lifecycle and processes.

• Plan and monitor security control implementation for the protection of networks, enclaves, and information systems.

• Generate and interpret ACAS scans to identify system vulnerabilities and monitor remediation efforts or mitigation strategies.

• Working knowledge and experience implementing and evaluating manual Security Technical Implementation Guides (STIGs), Security Content Automation Protocol (SCAP), SCAP Compliance Checker (SCC), and eMASSter.

• Working knowledge of common assessment & authorization (A&A) application platform e.g. eMASS.

• 2-5+ years’ experience with cybersecurity methodologies, tools and best practices.

• 2+ years’ experience supporting C&A/A&A processes.

Bachelors or higher

2-5+ years depending on which role (Jr or Sr)

Travis AFB, CA



In compliance with Colorado’s Equal Pay for Equal Work Act, the salary range for this role is $90,000 - $140,000. Please note, salary is based on education, experience, and responsibilities.

U.S. Citizenship is required. EOE including disability/vet
Equal Employment Opportunity Information