Risk Management Framework (RMF) Analyst

Company: DeVillier's Technology Solutions
Location: Stafford
Posted on: February 19, 2026

Job Description:

Job Description Job Description Position Summary The candidate shall be responsible for analyzing Software applications and encryption technology product(s) being assessed or developed for the purpose of specifying and developing Risk Management Framework (RMF) documentation. These documents are required in order to submit products for an Authority To Operate (ATO) or for certifications, such as the National Information Assurance Partnership (NIAP) and the Classified Solutions for Classified (CSfC). Essential Duties and Responsibilities The essential functions include, but are not limited to the following: Apply the NIST Special Publication 800-37 Rev 2 Risk Management Framework (RMF) process to information systems and applications currently being assessed or developed by our company for use in the U.S. Federal government, especially the Department of Defense (DoD). Formulate plans and schedules to conduct either portions or all of the RMF process on selected products. Conduct and guide the analysis needed to gather information needed to produce RMF artifacts. Provide recommendation on how RMF products can be used to prepare for other processes or certifications, such as NIAP and CSfC. Develop RMF documentation as required to prepare products and systems for submission to an ATO authority or a NIAP/CSfC laboratory. Minimum Qualifications (Knowledge, Skills, and Abilities) Experience conducting RMF process, per NIST SP 800-37 for in-development or existing programs or systems. Experience personally drafting RMF products. Detailed knowledge ofNIST SP 800-53. Experience using Cyber-Security analysis tools. Desired Qualifications (Knowledge, Skills, and Abilities) Experience undergoing the NIAP certification process to successful completion, or work experience conducting NIAP certification within a third party NIAP laboratory. Experience working within the CSfC program. Certifications in Information Systems security, such as CISSP. Compensation Salary is $80,000 - $125,000, based on experience and qualifications Benefits include health, dental, and vision insurance, short and long term disability, life insurance, 401K, Health Reimbursement Agreement (HRA), and 10 days paid leave, 7 sick days, and 11 Federal holidays.

Keywords: DeVillier's Technology Solutions, Olney , Risk Management Framework (RMF) Analyst, IT / Software / Systems , Stafford, Maryland