Risk Management Framework Engineer Security Clearance

Location and Description

Position Location:

Chantilly, VA/McLean, VA.

Position

Description:

We are seeking a Risk Management Framework engineer responsible for a critical operational network. This role ensures systems are securely authorized to operate (ATO) by documenting compliance, and coordinating with technical and security stakeholders throughout the system lifecycle.

• Lead and support all phases of the Risk Management Framework (RMF) process in accordance with NIST SP 800-37, NIST SP 800-53 Security and Privacy Controls and related standards.
• Develop, maintain, and update RMF documentation including:
  • System Security Plans (SSPs)
  • Security Assessment Reports (SARs)
  • Plans of Action and Milestones (POA&Ms)
• Coordinate security authorization packages for ATO decisions.
• Collaborate & stakeholder engagement:
  • Work closely with system engineers, network administrators, program managers, and security leadership.
  • Participate in security working groups, technical reviews, and compliance audits.
  • Communicate security posture and risk status to technical and non‑technical stakeholders.

• Risk Management Framework (RMF) lifecycle experience: all or most phases, including POA&M and continuous monitoring.
• ATO Process expertise: system support authorization, reauthorization and continuous compliance.
• Security control implementation based on NIST SP 800-53.
• Experience with using Service Now.
• Education:
  
  Bachelor’s in computer science, Cybersecurity, or information technology, or a related field.
• Minimum experience:
  
  3-5 years.
• Active TS/SCI with a current CI Polygraph.
• BS in Computer Science, Cyber Security, or related field.
• Demonstrated hands‑on experience executing the RMF lifecycle.
• Familiarity with federal cybersecurity compliance environments.
• One or more of the following active security certifications:
  • CompTIA Security+
  • CISSP (Certified Information Systems Security Professional)
  • CISM (Certified Information Security Manager)
  • CIAM (Certified Identity and Access Manager)

• Ability to operate independently and contribute immediately upon assignment.
• Self‑motivated and eager to work intently to satisfy mission requirements.
• Adaptable with a desire to maintain company culture.
• Strong communication and coordination skills with technical and non‑technical stakeholders.
• Experience in security working groups, technical reviews, and compliance audits.
• Ability to multitask and adjust priorities as needed.

• Familiarity with current Information Assurance (IA) and cybersecurity tools such as vulnerability management and scanning tools.
• Experience with assessing security requirements and evaluating systems for gaps in security requirements.

Altamira is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, national origin, disability, or protected veteran status.