RMF/eMASS Specialist, Senior
Peraton, Herndon, VA, United States
About The Role
We are seeking a highly skilled and innovative RMF/eMASS Specialist, Senior to join our team in the greater DMV area, supporting the Army National Guard.
Responsibilities
Lead RMF security assessment and authorization activities for enterprise systems across classified and unclassified DoDIN environments.
Interpret and apply DoD, Army, and ARNG cybersecurity policy to assess system risk and define security control implementations.
Conduct security control assessments, continuous monitoring, security impact analyses, and STIG/IAVM validation aligned with NIST SP 800-53.
Manage RMF artifacts and documentation in eMASS to support ATO issuance, sustainment, and audit readiness.
Coordinate RMF activities with system owners, engineers, operations, and cybersecurity stakeholders to integrate security into change management and operations.
Evaluate security impacts of infrastructure, software, and configuration changes; validate remediation via testing and updated documentation.
Support incident response and vulnerability management by analyzing findings, developing POA&Ms, and tracking mitigations to closure.
Advise leadership on system risk posture, compliance trends, and security readiness; produce decision-grade RMF reports and briefings.
Qualifications
Minimum of 8 years with BS/BA; Minimum of 6 years with MS/MA; Minimum of 3 years with PhD
Clearance: Active TS/SCI clearance.
Candidate must meet ONE of the following:
Master's degree or Ph.D. in Computer Science, Cybersecurity, Data Science, Information Systems, Information Technology, Software Engineering, or a related field; OR
Relevant DoD/military training (examples: Security Control Assessor (Advanced) Playlist; DCMA DIBCAC Cybersecurity Assessor Advanced); OR
Relevant professional certification or equivalent experience (examples: CCISO; CISA; CISM; CISSP; CISSP-ISSEP; CySA+; GSLC; GSNA).
Required experience and skills:
Cybersecurity/RMF/ATO assessment experience with at least 3 years performing RMF lead or senior assessor roles in DoD or large enterprise environments.
Deep knowledge of NIST SP 800-53/800-37, DISA STIGs, IAVM processes, eMASS workflows, and POA&M management.
Hands-on experience conducting control assessments, evidence collection, validation testing, and continuous monitoring activities.
Proficiency managing eMASS artifacts, producing SSP/SAR packages, and briefing authorization decisions to leadership.
Strong stakeholder coordination skills to drive remediation, validate mitigations, and ensure accreditation readiness.
Desired:
Prior DoD/ARNG RMF/eMASS lead experience and familiarity with cloud authorization patterns and DevSecOps integration for RMF.
Experience automating evidence collection, integrating continuous monitoring tooling, and improving RMF process efficiency.
Details Target Salary Range: $104,000 - $166,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual's experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.
Benefits Statement: Peraton offers eligible employees a variety of benefits including medical, dental, vision, life, health savings account, short/long term disability, EAP, parental leave, 401(k), paid time off (PTO) for vacation, and company paid holidays. A full listing of available benefits can be viewed at https://www.careers.peraton.com/benefits.
EEO Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.
#J-18808-Ljbffr
Responsibilities
Lead RMF security assessment and authorization activities for enterprise systems across classified and unclassified DoDIN environments.
Interpret and apply DoD, Army, and ARNG cybersecurity policy to assess system risk and define security control implementations.
Conduct security control assessments, continuous monitoring, security impact analyses, and STIG/IAVM validation aligned with NIST SP 800-53.
Manage RMF artifacts and documentation in eMASS to support ATO issuance, sustainment, and audit readiness.
Coordinate RMF activities with system owners, engineers, operations, and cybersecurity stakeholders to integrate security into change management and operations.
Evaluate security impacts of infrastructure, software, and configuration changes; validate remediation via testing and updated documentation.
Support incident response and vulnerability management by analyzing findings, developing POA&Ms, and tracking mitigations to closure.
Advise leadership on system risk posture, compliance trends, and security readiness; produce decision-grade RMF reports and briefings.
Qualifications
Minimum of 8 years with BS/BA; Minimum of 6 years with MS/MA; Minimum of 3 years with PhD
Clearance: Active TS/SCI clearance.
Candidate must meet ONE of the following:
Master's degree or Ph.D. in Computer Science, Cybersecurity, Data Science, Information Systems, Information Technology, Software Engineering, or a related field; OR
Relevant DoD/military training (examples: Security Control Assessor (Advanced) Playlist; DCMA DIBCAC Cybersecurity Assessor Advanced); OR
Relevant professional certification or equivalent experience (examples: CCISO; CISA; CISM; CISSP; CISSP-ISSEP; CySA+; GSLC; GSNA).
Required experience and skills:
Cybersecurity/RMF/ATO assessment experience with at least 3 years performing RMF lead or senior assessor roles in DoD or large enterprise environments.
Deep knowledge of NIST SP 800-53/800-37, DISA STIGs, IAVM processes, eMASS workflows, and POA&M management.
Hands-on experience conducting control assessments, evidence collection, validation testing, and continuous monitoring activities.
Proficiency managing eMASS artifacts, producing SSP/SAR packages, and briefing authorization decisions to leadership.
Strong stakeholder coordination skills to drive remediation, validate mitigations, and ensure accreditation readiness.
Desired:
Prior DoD/ARNG RMF/eMASS lead experience and familiarity with cloud authorization patterns and DevSecOps integration for RMF.
Experience automating evidence collection, integrating continuous monitoring tooling, and improving RMF process efficiency.
Details Target Salary Range: $104,000 - $166,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual's experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.
Benefits Statement: Peraton offers eligible employees a variety of benefits including medical, dental, vision, life, health savings account, short/long term disability, EAP, parental leave, 401(k), paid time off (PTO) for vacation, and company paid holidays. A full listing of available benefits can be viewed at https://www.careers.peraton.com/benefits.
EEO Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.
#J-18808-Ljbffr