Job Description

Arthur Grand Technologies is currently seeking a highly motivated and skilled RMF and Policy Analyst

for one of our clients.

Position: RMF and Policy Analyst

Location: Alexandria, VA, (Currently Remote)

Type: C2H

Primarily remote position but travel to onsite locations may be required.  

Description

The client is seeking an RMF and Policy Analyst who will support a federal government client's Continuous Authorization to Operate (cATO) program. This role is critical in ensuring that the Risk Management Framework (RMF) processes are properly analyzed, documented, and implemented, aligning with federal cybersecurity policies and NIST guidelines.

Key Responsibilities:

Policy Development: Assist in the development of new policies and processes that support the continuous Assessment and Authorization (A&A) cycle, automating RMF processes in various environments, including cloud and on-premise systems.

Risk Management: Work closely with the GRC Policy Lead and RMF Subject Matter Expert to analyze risk management processes, ensuring that they comply with NIST standards and align with DevSecOps practices.

Documentation and Controls: Develop and maintain control libraries and ensure that all RMF processes are properly documented, tested, and reported using Open Security Controls Assessment Language (OSCAL).

Compliance: Ensure compliance with NIST SP 800-53 Rev. 5 security controls and provide insights into improving the automation of compliance tasks.

Continuous Monitoring: Support continuous monitoring efforts by providing real-time risk visibility through centralized security artifacts .

Collaboration: Coordinate with various government client teams, including Security Control Assessors (SCAs) and Cloud Engineers, to ensure policies are integrated into all aspects of the cATO framework.

Requirements

Required Skills, Credentials, and Qualifications

Bachelor’s degree in Information Technology, Cybersecurity, or a related field.

Minimum of 2 years' experience in RMF implementation, particularly within federal environments.

Expertise in NIST guidelines and federal cybersecurity policies.

Experience working in DevSecOps environments and automating RMF processes.

Strong analytical and documentation skills, with a deep understanding of policy development .

Excellent verbal and written communication skills

Strong interpersonal skills, including experience working with clients

Ability to manage several projects and tasks simultaneously, prioritize and plan work activities while meeting respective deadline

Ability to travel as needed (~5% travel annually)

                       

Arthur Grand Technologies is an Equal Opportunity Employer (including disability/vets)

About Arthur Grand Technologies:

Arthur Grand Technologies is a leading provider of staffing and technology consulting services. Our company is managed by a team of professionals who have worked for big 5 consulting firms for 20+ years. We are a minority-owned staff augmentation and technology consulting company.

At Arthur Grand Technologies, we value our employees & contractors and strive to provide them with challenging, interesting work, market-relevant benefits, and opportunities for professional growth. If you have the necessary qualifications, and are excited to join a dynamic team.

Thank you for considering Arthur Grand Technologies. We look forward to hearing from you soon.

Best regards,

Richard Tucker

Arthur Grand Technologies Inc

(url removed)

Arthur Grand Technologies is an Equal Opportunity Employer (including disability/vets)