RMF Program Lead

Title: RMF Program Lead

Location: Ability to report to either Alexandria, VA or Seaside, CA

About iWorks: iWorks Corporation, founded in 2005, is a leading provider of information technology and professional services to the federal government. We are a recognized leader in personnel security and vetting solutions, Agile, Dev Ops, Dev Sec Ops , data analytics, and cloud solutions. Our continuous process improvement approach, combined with our business and technology expertise, results in innovative solutions. We offer exceptional comprehensive benefits (Medical, Dental, Vision, Life and Disability);

401(k);
Health and Wellness Benefits; and Paid Sick Time, Vacation Time, and Holiday Time. You're eligible for bonuses throughout the year as part of our incentive program for innovation and business development. All employees are also considered for an annual raise, commensurate with performance and company commitment.

About this position: The RMF Program Lead is responsible for the overall management and execution of Risk Management Framework (RMF) tasks, providing expert guidance and direction to a team of RMF professionals. This role ensures consistent application of RMF processes and compliance across all DHRA systems, leads a team of RMF specialists, provides mentorship, and ensures the quality of deliverables such as System Security Plans (SSPs), Security Assessment Reports (SARs), and Plans of Action and Milestones (POA&Ms).

The RMF Program Lead serves as the primary point of contact for all RMF‑related matters, communicates with stakeholders, and ensures compliance with relevant regulations and policies.

Salary Range: 120k – 200k, commensurate with position title, skills, experience, location, and qualifications

• Oversee management and execution of RMF tasks for all DHRA systems.
• Provide expert guidance on RMF principles (NIST SP 800‑37, 800‑53).
• Lead a team of RMF specialists, ensuring quality of deliverables (SSPs, SARs, POA&Ms).
• Serve as the primary point of contact for all RMF‑related matters.
• Communicate with stakeholders and ensure compliance with regulations and policies.
• Maintain RMF trackers and repositories, and support RMF package submissions.
• Develop and maintain documentation to support process KPIs and continuous improvements.

• Bachelor's degree in a technical discipline or related field and/or 10+ years of progressively complex experience in cybersecurity risk management.
• Secret Security Clearance.
• Certifications:
  • Certified Information Security Manager (CISM)
  • CompTIA Security+
  • ITIL Certification
• Familiarity and/or expertise with tools including: ACAS, ESS, MDE/S, SIEM, SOAR, UAM, IDS/IPS, COAMS, CMRS, Tanium, PAM, central application vulnerability management, SAST, DAST, OSLVS, container security, and software supply chain management.

• Experience with DMDC/DHRA mission systems and DISA‑hosted infrastructure.

We maintain an on‑camera policy for all virtual company meetings to foster engagement and collaboration. Reasonable exceptions may be granted with prior approval from Human Resources and/or the applicable manager or client.

FLSA EXEMPT AND FULL‑TIME POSITION

iWorks Corporation is an Equal Employment Opportunity/Affirmative Action Employer. We evaluate qualified applicants without regard to race, color, religion, sex, national origin, disability, Veteran status, sexual orientation, or other protected characteristic. iWorks is committed to maintaining a safe and productive work environment for all employees and ensuring the security and well‑being of our clients. As part of our standard hiring process, we may conduct background checks and drug screenings on potential candidates to assess their suitability for employment.

Mid‑Senior level

Full‑time

Consulting, Information Technology, and Sales

IT Services and IT Consulting