Cybersecurity Risk Management Specialist
Dark Wolf Solutions
Summary
Join Dark Wolf Solutions as a Cybersecurity Risk Management Specialist! This remote-based role (with occasional on-site requirements) requires a strong understanding of information security, risk management, and compliance. You will design, implement, and maintain secure systems, ensuring alignment with security standards and regulations. Responsibilities include leading RMF processes for clients, managing A&A packages, and briefing stakeholders. The ideal candidate possesses extensive experience in information security, proven expertise in RMF, and proficiency with security tools like eMASS and Xacta. A Bachelor's degree and DoD 8570 IAT Level II compliance are required, along with a Secret security clearance. This position offers a competitive salary between $150,000 and $175,000.
Requirements
- 5–10+ years of experience in information security principles, security engineering, risk management, and compliance
- 5+ years of experience in designing, implementing, and documenting system security requirements
- 2+ years of experience implementing and maintaining common control providers
- Strong understanding of the RMF process and its application in government and enterprise environments
- Proficient in developing and maintaining A&A packages, POA&Ms, and other compliance artifacts
- Hands-on experience with security tools and platforms such as eMASS and Xacta
- Excellent problem-solving and analytical skills with the ability to minimize risks efficiently
- Exceptional communication skills for stakeholder engagement and briefing sessions
- B.A. or B.S. in Information Systems, Computer Engineering, or related discipline
- DoD 8570 compliance with IAT Level II required
- US citizenship and, at minimum, an active Secret security clearance required
Responsibilities
- Design, test, and implement secure operating systems, networks, security monitoring, tuning and management of IT security systems and applications, and incident response activities
- Maintain and enforce common control providers to support compliance across systems
- Develop organizational policies and procedures that highlight best practices for cybersecurity hygiene, compliance, and risk management
- Ensure alignment with security standards and compliance regulations
- Plan, execute, and monitor the seven-step RMF process for clients
- Support the entry and maintenance of data into information system security systems of record, such as eMASS and Xacta
- Lead cybersecurity activities through all stages of the system lifecycle, from planning and development to deployment
- Ensure systems are properly hardened and that security analysis addresses all potential vulnerabilities
- Manage and maintain Assessment and Authorization (A&A) packages, including: System Security Plans (SSPs), Security Control Traceability Matrices (SCTMs), Plans of Action and Milestones (POA&Ms), and other artifacts required by Authorizing Officials (AOs)
- Oversee the Authorization to Operate (ATO) process for modular systems
- Manage POA&Ms by compiling, tracking, and closing system vulnerabilities
- Recommend and implement fix actions and compensating controls, as necessary
- Brief Security Control Assessors (SCAs) and Authorizing Officials (AOs) weekly on the cybersecurity posture of risk management packages
Preferred Qualifications
- Proven ability to gain a continuous authority to operate
- Experience with digital forensics, loss prevention, and eDiscovery is a plus
- The following certifications are desired: Security+, CISSP, CISM, CISA, CRISC
- Ability to guide customers to obtain a certificate to field
Benefits
The estimated salary for this position is $150,000.00 to $175,000.00, commensurate with experience and technical interview.