RMF Subject Matter Expert
Listed on 2026-07-08
-
IT/Tech
Cybersecurity, Information Security, Systems Engineer
Job Title: RMF Subject Matter Expert
Location: Hanscom Air Force Base
Clearance: Secret
- Top Secret Preferred
Program: BLITS 3.0
Company / Program DescriptionCenturia, a Service-Disabled Veteran-Owned Small Business (SDVOSB), has been delivering IT, Engineering, and Scientific solutions to the Federal Government since 2002. During our two decades of service, we have earned the trust and respect of our government clients for the simple reason that we have great people who are experts in their fields and take pride and ownership in everything they do.
BLITS3.0 Program Description
This role will be to directly support the mission of the 66th Air Base Group (66 ABG) to secure information and information systems; to support mission success through effective and efficient service delivery; and to sustain required infrastructure and capabilities. As one part of the greater Air Force Information Network (AFIN) enterprise, the 66 ABG Communications and Information Division (66 ABG/SC) has responsibilities in two categories (1) direct actions in support of Hanscom Air Force Base (HAFB) and geographically separated units (GSUs);
and (2) indirect actions to support the AFIN enterprise. Successful solutions for this requirement are expected to have strengths in four areas: integration, flexibility, AFIN knowledge, and technical expertise.
Seeking an experienced RMF Subject Matter Expert (SME) to support the Wing Cyberspace Office (WCSO) in managing and executing DoD Risk Management Framework processes. The role focuses on developing and maintaining RMF packages in eMASS, supporting ATOs, conducting risk assessments, and ensuring compliance with Air Force and DoD cybersecurity requirements. Requires 10+ years of cybersecurity experience with RMF, a Bachelor’s degree (or equivalent), Security+ certification (CISSP preferred), and an active Secret clearance (TS preferred).
Job Responsibilities- Serve as the lead RMF Subject Matter Expert supporting the Wing Cyberspace Office (WCSO) for all systems and enclaves within the base enterprise
- Lead the management, implementation, and execution of the Risk Management Framework (RMF) lifecycle (Categorize, Select, Implement, Assess, Authorize, and Monitor) for supported systems
- Develop, maintain, and validate RMF artifacts within Enterprise Mission Assurance Support Service (eMASS) to ensure completeness, accuracy, and compliance with DoD and Air Force requirements
- Provide expert guidance to ISSMs, ISSOs, and system owners on ATO packages, reauthorization efforts, and continuous monitoring strategies
- Ensure continuous compliance with DoD, Air Force, NSA, and NIST cybersecurity policies and directives, including NIST SP 800-53 and DoDI 8510.01
- Conduct risk assessments and security control evaluations, recommending mitigation strategies to reduce risk to acceptable levels
- Review and validate Security Technical Implementation Guides (STIGs), vulnerability alerts, and cybersecurity directives for implementation across supported systems
- Support Authorization to Operate (ATO), Authority to Connect (ATC), and Interim Authorization (IATT) processes as required
- Develop and manage Plans of Action & Milestones (POA&Ms) and track remediation efforts to closure
- Provide direct support during cybersecurity inspections and audits (e.g., CCRI, IG, SAV), including preparation, execution, and remediation
- Advise on system architecture, boundary definitions, and control inheritance to improve RMF efficiency and cybersecurity posture
- Collaborate with network, system, and cybersecurity teams to ensure secure integration and sustainment of systems
- Analyze and report cybersecurity posture metrics and trends, providing recommendations for continuous improvement
- Mentor and provide RMF training and knowledge transfer to cybersecurity staff and stakeholders across the Wing
- Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or equivalent
- 10+ years of experience in Cybersecurity, with a strong emphasis on Risk Management Framework (RMF) within the DoD or Federal environment
- Extensive experience with DoD RMF processes, ATO lifecycle management, and…
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).