More jobs:
Risk Management Framework A&A Manager
Job in
Columbia, Howard County, Maryland, 21046, USA
Listed on 2026-07-13
Listing for:
Jobtailor
Full Time
position Listed on 2026-07-13
Job specializations:
-
IT/Tech
Cybersecurity, IT Project Manager, Information Security
Job Description & How to Apply Below
Responsibilities
- The RMF / A&A Manager provides senior leadership and strategic oversight for federal cybersecurity authorization, compliance, and audit programs supporting Ginnie Mae enterprise and cloud environments.
- This role is accountable for end to end execution of the Risk Management Framework (RMF), Assessment & Authorization (A&A), FedRAMP integration, and IT audit support, ensuring sustained compliance with FISMA, NIST, OMB mandates, and agency policies.
- The Manager serves as the primary interface with government leadership and drives delivery excellence across multiple concurrent authorizations, audits, and third party assessments.
- Provide programmatic leadership across RMF, A&A, FedRAMP, and IT audit activities for major and minor systems and cloud platforms.
- Direct multi disciplinary teams delivering authorization packages, audit responses, third party assessments, and remediation activities.
- Serve as senior advisor to Authorizing Officials (AO), CISO, IAM, CTA, and System Owners on risk posture, authorization decisions, and compliance strategy.
- Oversee FedRAMP P ATO reviews, agency control inheritance analysis, risk acceptance documentation, and authorization recommendations.
- Lead third party assessment (3
PAO) coordination and ensure quality, consistency, and timeliness of Security Assessment Reports (SARs). - Ensure development and maintenance of all RMF artifacts (SSP, SAR, POA&M, BIA, PIA, ISA, FIPS 199, contingency plans, and risk acceptance).
- Lead enterprise audit readiness and execution for FISMA, financial system audits, and SSAE 18 reviews.
- Establish governance processes, SOPs, metrics, dashboards, and executive level reporting.
- Drive continuous improvement of RMF and audit processes to enhance efficiency, quality, and sustainability.
- Must be able to OBTAIN and MAINTAIN a Federal or DoD "PUBLIC TRUST"; candidates must obtain approved adjudication of their PUBLIC TRUST prior to onboarding with Guidehouse.
- Advanced experience leading federal RMF, A&A, and cybersecurity compliance programs.
- A minimum of eight (8) years of experience supporting federal RMF / A&A programs.
- Minimum of three (3) years experience leading RMF, A&A, or cybersecurity compliance teams.
- Demonstrated leadership of consulting or government teams supporting enterprise security initiatives.
- Deep expertise in NIST RMF, FISMA, FedRAMP, and OMB cybersecurity directives.
- Proven experience supporting cloud authorization and high impact federal systems.
- Strong executive communication, stakeholder management, and risk advisory skills.
- Demonstrated experience leading cloud A&A efforts (IaaS, PaaS, SaaS).
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
Search for further Jobs Here:
×