
NIST Risk Management Framework SME

Boston Government Services, Los Alamos, NM, United States


Boston Government Services, LLC. (BGS) has created this Evergreen Talent Pool post for gathering qualified candidates for a position relating to NIST Risk Management Framework (RMF) Subject Matter Expert (SME) to support our clients. The RMF SME will provide expert guidance and support for implementing and maintaining compliance with NIST SP 800-53 security controls across federal systems, ensuring adherence to the RMF lifecycle, including categorization, selection, implementation, assessment, authorization, and continuous monitoring of security controls.

Responsibilities

Lead RMF activities for federal systems, ensuring compliance with NIST SP 800-53 and related standards.

Develop and maintain System Security Plans (SSPs), Security Assessment Reports (SARs), and Plans of Action & Milestones (POA&Ms).

Conduct gap analyses and risk assessments to identify compliance deficiencies and recommend remediation strategies.

Provide expert guidance on security control implementation and documentation for Authorization to Operate (ATO) packages.

Support security audits and assessments, including preparation for FISMA and FedRAMP requirements.

Deliver training and workshops on RMF processes and NIST SP 800-53 controls.

Collaborate with system owners, ISSOs, and other stakeholders to ensure continuous monitoring and risk mitigation.

Requirements

Bachelor's degree in Cybersecurity, Information Systems, or related field (or equivalent experience).

Minimum 5 years of experience in cybersecurity compliance, with at least 3 years focused on RMF and NIST SP 800-53.

Demonstrated experience developing SSPs, POA&Ms, and conducting security assessments.

Strong understanding of NIST SP 800 series (800-53, 800-37, 800-171) and FISMA requirements.

Professional certifications such as CISSP, CISM, CISA, or equivalent are required.

Excellent technical writing and communication skills for compliance documentation.

Preferred Qualifications

ISSEP (formerly CISSP-ISSEP) certification.

Experience with cloud security and FedRAMP controls.

Ability to lead compliance workshops and mentor junior staff.

Location / Work Arrangement

This position is a Remote Work Arrangement with some travel/onsite requirements.

Benefits
BGS offers a competitive total compensation package to eligible employees. Benefits include Health, Dental, Vision, Life Insurance, Paid Vacation, 401K, Long and Short-Term Disability.

EEO
BGS is an Equal Opportunity/Affirmative Action employer. All qualified applicants are encouraged to apply and will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, or protected veteran status.
