RMF A&A Analyst SME

Responsibilities

Join Peraton's mission-critical team supporting secure, real-time data delivery across complex operational environments in direct support of our nation's warfighters. If you are driven by national security and energized by cutting-edge C2

ISR capabilities, sensor integration, and resilient data transport solutions, we invite you to join our team.

We are seeking highly cleared professionals who excel at the intersection of advanced communications infrastructure, distributed systems, and mission assurance-where reliability, security, and performance are paramount.

Specifically, we are looking for a TS/SCI cleared RMF A&A Analyst - SME to support this mission at Pope Army Airfield, North Carolina.

Responsibilities:

• Provides authoritative leadership in RMF and A&A and recognized as a domain expert.
• Shapes enterprise RMF strategy and ensures alignment with Section
  
  C.5.4.1 deliverables.
• Directs enterprise wide RMF lifecycle management and accreditation processes.
• Provides expertise in risk management, vulnerability assessments, and mitigation strategies.
• Oversees enterprise-wide audits and corrective actions.
• Shapes security documentation standards and compliance verification methods.
• Provides authoritative guidance in compliance with Federal laws, DoD mandates, and DISA STIGs.
• Forecasts cyber threat impacts and contributes to contract reviews.
• Provides training in RMF frameworks, accreditation processes, and compliance standards.
• Ensures traceability, auditability, and compliance across all RMF operations.
• Conducts organizational studies, work simplification, and measurement studies.
• Prepares operations and procedures manuals to assist management in effective operations.
• Safeguard sensitive and critical information systems
• Proactively research and mitigate new and evolving technological threats
• Research and stay current on newly released threat prevention strategies from vendors and research orgs (CISA, NIST, MITRE, SANS, ISACA)
• Support and assist official Cyber Operational Readiness Assessment (CORA), IG, and other official audits, inspections, and investigations
• Perform National Security System (NSS) registration IAW SP 800-59
• Develop Defense IT Portfolio Registration, PPSM registrations, and all external system and process registrations required for ATO award and sustainability
• Develop, establish, and maintain Type-Accreditation ATO package with control inheritance relationships with program type packages
• Establish ATC packages where needed between packages in potentially separate AOs and branches
• Develop and enforce Continuous Monitoring plan and program IAW NIST 800-137
• Utilize the following Role Specific Tools: RMF compliance management platforms (Xacta, eMASS, Archer GRC); security control assessment tools (Nessus, Qualys, OpenVAS); vulnerability scanning and remediation dashboards; STIG Viewer and DISA STIG automation utilities; SCAP compliance scanners; POA&M tracking systems; continuous monitoring dashboards (Splunk, Elastic, Arc Sight); audit trail and evidence repositories; configuration management databases with version control; encryption and key management utilities (TACLANE, PKI certificate management);
  
  incident response and ticketing systems integrated with RMF workflows; risk scoring and prioritization engines; documentation templates for System Security Plans (SSPs), Security Assessment Reports (SARs), and Authorization to Operate (ATO) packages.

Required qualifications:

• Previous experience as a RMF A&A Analyst or similar role supporting a DoD customer at the CCMD level;
• Minimum of 12 years' experience with a BS/BA or 10 years' experience with a MS/MA or 7 years' experience with a PhD. or 16 years' with HS Diploma/equivalent or 14 years' with AS/AA Degree
• A current, active DoD security clearance at the TS/SCI level
• US citizenship is required
• DoD 8140 role for WRC: 531;
  Element: CS;
  Work Role:
  Cyber Defense Incident Responder;
  Proficiency Level: Advanced

Desired

Qualifications:

• DoD-approved IA baseline certification for ADP-III/IT-III based on the IAT level and CE/Operating System (OS) certificate within six months of the assignment.

• Location:
  
  Pope Army Airfield, NC
• On…