7 hours

Cyber Risk Management Framework (RMF) Subject Matter Expert

Chantilly, VA 20151

The Cyber/Risk Management Framework (RMF) SME leads and manages all aspects the cyber security systems engineering of a space/ground acquisition program including the Risk Management Framework (RMF), the System Security Plan, and implementation of the Plans of Action and Milestones (POA&M) process. The leads serves as the technical subject matter expert for all security architecture design and cyber resiliency.
Provides analytical and technical security recommendations to the customer
Lead for the identification of projects security requirements
Provides security recommendations for systems using Cloud services
Participates in network design reviews and security testing for the customers networks
Coordinates with system development teams to ensure network security standards are being followed and implemented correctly
Identifies additional security requirements, based on RMF or as the result of security issues that put the customers systems at risk
Reviews and analyzes new systems (hardware and software) and provides recommendations concerning their security
Reviews Security Requirements Traceability Matrixes (SRTMs), System Security Plans (SSPs) and other IA documentation for completeness
Develop security controls and derived requirements
Develop and coordinate RMF documentation and supporting artifacts for the assessment and authorization (A&A) of the system.
Develop and implement a Continuous Monitoring (ConMon) Strategy
Support the development of a cyber-threat model that describes the types of threats
Lead the development and implementation of a Plan of Actions and Milestones (POA&M) process
Support the development of a system security architecture in the form of diagrams and descriptive
The Cyber/Risk Management Framework (RMF) SME provides feedback to design engineers and evaluates end-to-end systems and systems-oriented products through their entire life cycle. Working as expert, conducts research and evaluates technical performance of software products and overall segments and systems. Ensures products and systems comply with requirements and government information assurance and cyber security standards and practices through formal verification methods. Verifies/validates systems with specific emphasis on network operations and cyber warfare tactics, techniques, and procedures focused on the threat to information networks. Assesses performance using evaluation criteria and technical performance measures. Prepares assessments and cyber threat profiles of current and planned products based on sophisticated testing, research, and analysis. Participates in design reviews of components (hardware and software) to ensure applicability to the current system and traceability of requirements. Reviews test plans/procedures and ensures they verify/validate the requirements. Develops and maintains analytical procedures to meet changing requirements. Produces high-quality papers, presentations, recommendations, and findings for senior US government intelligence and operations officials.


Requires 12 to 15 years with BS/BA or 10 to 13 years with MS/MA or 7 to 9 years with Ph.D.

Desired qualifications include:

Current U.S. Government Top Secret/SCI with Poly
An Advanced Cyber Certification (DoD 8570/8140 IAT Level III)
A certification in one of the below Cloud certifications:
CompTIA Secure Cloud Professional (CSCP)
CompTIA Cloud+ CE
AWS certification (Associate or Professional in Solutions Architect, Developer, DevOps Engineer, or Security Advanced Networking)
Certified Cloud Security Professional (CCSP)
Cloud Certified Professional
Google Certified Professional Cloud Architect
Certificate of Cloud Security Knowledge
VMWare Certified Advanced Professional Cloud Infrastructure Administration
Microsoft Specialist: Implementing Microsoft Azure Infrastructure Solutions
Microsoft Specialist Architecting Microsoft Azure Solutions
At least 3 year of demonstrated experience providing security engineering to cloud capabilities and solutions in AWS, Azure or other mainstream CSP
Excellent communications skills Verbal and Non-Verbal

About Peraton

Peraton drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the worlds leading mission capability integrator and transformative enterprise IT provider, we deliver trusted and highly differentiated national security solutions and technologies that keep people safe and secure. Peraton serves as a valued partner to essential government agencies across the intelligence, space, cyber, defense, civilian, health, and state and local markets. Every day, our 22,000 employees do the cant be done, solving the most daunting challenges facing our customers.

We are an Equal Opportunity/Affirmative Action Employer. We consider applicants without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender, gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status, or membership in any other group protected by federal, state, or local law.

As a government contractor, Peraton abides by the following provision

Pay Transparency Nondiscrimination Provision

The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of the other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractors legal duty to furnish information. 41 CFR 60-1.35(c).


  • Information Technology
Posted: 2021-05-11 Expires: 2021-06-09

With offerings in mission services, digital transformation and enterprise operations, our team of 14,000 engineers, analysts, investigators and architects work tirelessly to create innovative solutions. We have the expertise and experience not only to devise solutions, but to execute on them successfully.

Sponsored by:
ADP Logo
Sponsored by:
Bank of America Logo

Featured Jobs[ View All ]

Featured Employers

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Cyber Risk Management Framework (RMF) Subject Matter Expert

Chantilly, VA 20151

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast