
RMF / ATO Automation Lead
Mythics, Virginia Beach, VA, United States
Benefits
Comprehensive Health, Dental, and Vision plans
Premier 401k retirement plan with corporate matching and a 529 college savings plan
Tax-advantaged Health Savings Account and Dependent Care Flexible Spending Account options
Legal Resources
Generous work/life balance opportunities supported by a PTO bank, paid holidays, leave programs and additional flex time off
Employee referral program
Employee recognition, gift and reward program
Tuition reimbursement for continuing education
Remote or hybrid work options
Engaging company events such as team building activities, annual awards and kick-off parties
Health and wellness-focused activities
Relaxation Spaces
In-office gourmet coffee, tea, fresh fruit and healthy snacks
Corporate GREEN approach tracking energy consumption for reduction and purchasing only environmentally friendly products for our offices
Responsibilities
Lead the end-to-end RMF accreditation and ATO lifecycle for assigned enclaves, including initial ATO and continuous ATO (cATO).
Implement and assess security controls in accordance with CNSSI 1253, NIST SP 800‑171, and NIST SP 800‑53/800‑59 as applicable.
Author, maintain, and update RMF documentation including System Security Plans (SSPs), POA&Ms, security assessments, and supporting artifacts.
Manage ATO submission packages and navigate eMASS approval chains, coordinating with ISSOs, ISSEs, AO representatives, and government stakeholders.
Design and implement automation strategies to streamline compliance, control validation, evidence collection, and continuous monitoring.
Support DevSecOps‑driven cATO processes, integrating security controls into CI/CD pipelines.
Lead and support continuous monitoring activities, including vulnerability management, log analysis, and control effectiveness reporting.
Architect and support Identity and Access Management (IAM) federation solutions within Oracle Cloud Infrastructure (OCI).
Partner with engineering, cloud, and security teams to ensure RMF requirements are embedded into system architecture and operational processes.
Provide expert guidance on operating in IL5/IL6 classified and regulated cloud environments.
Qualifications
Security Clearance: US citizenship with the ability to obtain a Secret security clearance.
Bachelor's degree in Cybersecurity, Information Systems, Computer Science, or a related field (or equivalent experience).
15+ years of experience supporting RMF, ATO, or cybersecurity compliance efforts within DoD or IC environments.
Demonstrated experience leading ATO and/or cATO efforts for complex systems or enclaves.
Hands‑on experience with eMASS, including package development, workflow management, and approvals.
Proven experience supporting systems at Impact Level 5 (IL5) and/or Impact Level 6 (IL6).
Ability to obtain and maintain a U.S. Government security clearance (active clearance preferred).
Knowledge / Skills / Abilities
Deep expertise in RMF for DoD systems, including control implementation, assessment, and authorization.
Strong working knowledge of eMASS, RMF workflows, and AO expectations.
Experience automating security and compliance tasks using tools such as Ansible, Terraform, and SCAP tooling.
Proficiency with cloud security in Oracle Cloud Infrastructure (OCI), including OCI Logging Analytics.
Familiarity with containerized and cloud‑native environments, including Docker and Kubernetes.
Experience integrating SIEM tools and log analytics to support continuous monitoring.
Solid understanding of DevSecOps methodologies and embedding security into CI/CD pipelines.
Strong documentation, communication, and stakeholder management skills, with the ability to translate compliance requirements into technical solutions.
Ability to operate independently as a senior lead while mentoring junior RMF or security staff.
Mythics, LLC is an equal opportunity employer. In accordance with applicable federal, state, and/or local law, all qualified applicants will receive consideration regardless of race, color, religion, national origin, sex, disability, sexual orientation, gender identity, age, marital status, medical condition, veteran status, or other factors protected by law. We offer equal opportunity in compensation, advancement opportunities, and all other terms and conditions of employment.