Source Job

US

  • Lead ISSO activities to ensure confidentiality, integrity, availability, and compliance of enterprise applications and information systems.
  • Manage RMF processes including ATO packages, continuous monitoring, risk assessments, and accreditation documentation within eMASS.
  • Implement and maintain compliance with DISA STIGs, NIST 800-53 controls, and federal cybersecurity requirements.

Cybersecurity Risk Management Framework (RMF) EMASS NIST 800-53

20 jobs similar to Information Assurance Cybersecurity Subject Matter Expert

Jobs ranked by similarity.

US

  • Lead RMF authorization activities, including SSP, SAP, SAR, and POA&M development.
  • Conduct vulnerability assessments and enforce secure configurations using CIS Benchmarks and DISA STIGs.
  • Support cloud security initiatives in AWS GovCloud and advise on AI-enabled system security.

This company provides cybersecurity solutions for federal government systems. They are a mid-sized organization with a collaborative culture focused on security and compliance.

US

  • Maintain Risk Management Framework artifacts for DevSecOps pipeline inheritance of NIST SP 800-53 controls.
  • Complete and validate STIG/SRG checklists quarterly and provide monthly application STIG status reports.
  • Evaluate program risks, document mitigation strategies, and recommend courses of action to ensure continuous ATO compliance.

DecisionPoint is a company providing cloud services and DevSecOps solutions, supporting ARTRANS AWS environments. It is a regular full-time employer fostering a culture of security and compliance, with an active Secret clearance required for this role.

$112,000–$179,000/yr
US

  • Lead and execute RMF compliance activities in accordance with DoD and NIST requirements, supporting system accreditation and ATO efforts.
  • Conduct STIG and SRG assessments across Windows, Linux, database, cloud, and application environments using tools such as SCC and STIG Viewer.
  • Analyze vulnerability scan results, develop and maintain POA&Ms, and track remediation activities to closure.

Peraton is a next-generation national security company that drives missions of consequence across land, sea, space, air, and cyberspace. As a leading mission capability integrator and enterprise IT provider, we deliver trusted solutions to protect our nation and allies, supporting essential government agencies and every branch of the U.S. armed forces.

$120,000–$140,000/yr
US

  • Conduct IT and cybersecurity risk assessments across systems, applications, and business processes.
  • Lead audit readiness activities for frameworks like SOC 2, HIPAA, and NYDFS.
  • Manage security policies, third-party vendor assessments, and develop risk dashboards.

Jobgether uses an AI-powered matching process to connect candidates with hiring companies. They focus on efficient, objective application review and are a remote-first organization.

US

  • Serves as a cybersecurity SME for Assessment and Authorization (A&A) of information systems, applying NIST 800-53 security controls and the Risk Management Framework (RMF) process.
  • Possesses five years of relevant RMF, NIST, and A&A experience, including assessing security controls for large, complex organizations like DLA.
  • Briefs senior management on authorization progress and understands cybersecurity in emerging technology areas such as Cloud and Industrial Control Systems.

Horizon Industries Limited is a dynamic IT and Management Consulting firm based in the Washington, DC area, providing full-cycle IT consulting and management support to both private and public sectors. Founded in 1996, the company prides itself on a diverse, employee- and family-centric culture with a focus on professional growth.

$55,000–$55,000/yr
US

  • Perform project tasks independently while contributing to cybersecurity assessment engagements and client deliverables.
  • Collect, organize, and analyze documentation, evidence, and technical artifacts required for security reviews.
  • Support assessments related to cybersecurity, compliance, and information security programs.

Our partner is a company focused on helping organizations strengthen their security posture and maintain compliance with industry standards. They offer a dynamic and collaborative work environment with career growth opportunities in cybersecurity.

US

  • Monitor security alerts, vulnerabilities, and incidents across enterprise systems and assist in incident response.
  • Maintain compliance with standards such as NIST CSF, ISO 27001, and SOC 2 through audits and policy development.
  • Conduct security risk assessments, evaluate controls, and track remediation plans.

Mission Critical Group is an end-to-end power solutions and services provider that accelerates time-to-power for mission critical environments. With over 1.5 million square feet of U.S. manufacturing capacity, they support data centers, healthcare, and industrial facilities.

$105,000–$130,000/yr
US

  • Consult onsite and remotely with customers to collect and analyze data related to policies, infrastructure, and compliance requirements.
  • Perform gap analyses of current environments and recommend remediation steps.
  • Assist with sales and marketing activities as a subject matter expert and prepare industry presentations.

CampusGuard provides information security and privacy consulting and compliance services for campus-based organizations. It is a full-service firm leveraging industry standards to deliver world-class security and compliance services.

$77,800–$85,341/yr
US

  • Design and implement enterprise security controls aligned with NIST SP 800-53 and Zero Trust Architecture principles.
  • Conduct continuous security monitoring, incident response, and vulnerability management across cloud, network, and endpoint environments.
  • Develop and maintain cybersecurity SOPs, security baselines, and asset inventories to support audit readiness.

DMI is a leading provider of digital services and technology solutions, headquartered in Tysons Corner, VA, supporting public sector agencies and commercial enterprises globally. Recognized as a Top Workplace, the company delivers secure, efficient, and cost-effective solutions through a culture guided by five core values.

Global

  • Own RMF authorizations across Department of War components and FedRAMP High, alongside CMMC 2.0 and SOC 2 compliance for corporate systems.
  • Maintain authorization and audit evidence, including SSPs, SARs, POA&Ms, STIGs, and control mappings.
  • Partner with Engineering, Product, and Security to embed compliance requirements into system design and CI/CD workflows.

Onebrief builds collaboration and AI-powered workflow software for military planning and operational coordination. Founded in 2019, valued at over $2 billion, they are a distributed team of builders from military, operational, and technology backgrounds.

$111,427–$200,000/yr
US

  • Lead Risk Management Framework activities for a federal AI platform deployment in AWS GovCloud.
  • Own authorization artifacts and coordinate with ISSOs and Authorizing Officials for ATO.
  • Partner with platform engineers on cloud and container security, vulnerability management, and hardening.

LMI is a digital solutions provider dedicated to accelerating government impact with innovation and speed, bringing commercial-grade platforms and mission-ready AI to federal agencies. Headquartered in Tysons, Virginia, it serves the defense, space, healthcare, and energy sectors, with a culture more startup than traditional government contractor.

$175,000–$265,000/yr
US Unlimited PTO

  • Develop and execute cybersecurity strategy, roadmap, and governance to protect Voyager's information systems and mission-critical environments.
  • Lead security operations, incident response, vulnerability management, and compliance with government regulations like CMMC and NIST.
  • Oversee security architecture, risk management, and team leadership to enable secure innovation in aerospace and defense.

Voyager is an innovative space, defense, and national security technology company delivering transformative, mission-critical solutions. It fosters a culture where innovation thrives, curiosity is rewarded, and impact is real, with a team of doers, thinkers, and builders united by purpose.

Brazil

  • Structure, implement, and improve cybersecurity governance processes.
  • Manage cybersecurity risks and ensure compliance with frameworks like NIST and ISO 27001.
  • Collaborate with technical and business teams to promote security awareness and continuous improvement.

US

  • Develop and maintain Information Security Management System documentation including policies and procedures.
  • Design and execute security awareness training programs to strengthen cybersecurity knowledge.
  • Collaborate with security experts and business stakeholders to ensure clear and effective communication.

US

  • Lead the security strategy, governance, and operational execution for enterprise platforms supporting mission-critical capabilities across the Department of Defense and USSOCOM.
  • Develop enterprise security strategies aligned to Zero Trust principles and oversee implementation of security controls across cloud, hybrid, and containerized environments.
  • Provide technical leadership for identity and access management, cloud security posture management, and security automation initiatives while ensuring compliance with DoD RMF.

LMI is a digital solutions provider dedicated to accelerating government impact with innovation and speed, delivering commercial-grade platforms and mission-ready AI to federal agencies. Headquartered in Tysons, Virginia, LMI serves the defense, space, healthcare, and energy sectors, focusing on agility and collaboration to help agencies navigate complexity.

US

  • Manage a portfolio of customers, driving adoption, retention, and long-term success through strategic advisory.
  • Translate cybersecurity objectives into measurable outcomes and actionable improvement strategies.
  • Proactively identify risks and opportunities to optimize customer satisfaction and platform value.

The partner company is a cybersecurity firm that helps organizations strengthen their security programs through continuous validation and strategic guidance. It offers a remote-first, innovation-focused culture with a collaborative team.

$122,209–$211,317/yr
US

  • Support Army logistics enterprise architecture, cybersecurity, and systems engineering initiatives.
  • Analyze business and technical requirements to drive modernization and digital transformation.
  • Develop executive-ready briefings, reports, and architectural recommendations for leadership.

LMI is a digital solutions provider dedicated to accelerating government impact with innovation and speed. The company serves federal agencies with a focus on agility and collaboration, employing a team of professionals committed to mission-driven results.

$115,000–$176,000/yr
US UK Global

  • Support the lifecycle management of cybersecurity offerings, including ideation, design, and launch.
  • Partner with leadership to standardize services and create go-to-market sales collateral.
  • Perform competitive analysis and pricing to inform packaging and growth strategies.

Coalfire is on a mission to make the world a safer place by solving clients' hardest cybersecurity challenges. They are a team of thought leaders and consultants headquartered in Chicago with offices across the U.S. and U.K., supporting clients worldwide.

US

  • Lead design and implementation of secure, scalable cloud architectures for a large federal civilian agency.
  • Direct all aspects of program performance including scope, schedule, cost, quality, and risk management.
  • Oversee compliance with federal cybersecurity frameworks such as FISMA, FedRAMP, NIST SP 800 53, and Zero Trust.

Peraton is a next-generation national security company that drives missions of consequence and serves as the world's leading mission capability integrator and transformative IT provider. It delivers trusted solutions to protect the nation and allies, supporting essential government agencies and all branches of the U.S. armed forces.

US Unlimited PTO

  • Serve as a trusted advisor to clients, defining and advancing cybersecurity strategy over multi-year engagements.
  • Develop prioritized security roadmaps and advise on governance, risk, and compliance frameworks.
  • Translate technical risk into business language for executives and boards, owning the advisory relationship.

Apollo Information Systems is a cybersecurity services company delivering comprehensive security and compliance programs, pioneering a cybersecurity-as-a-service model. Backed by Series A funding, we foster a collaborative, mission-driven culture with deep expertise, and primarily work remotely with a hub in Denver.