• Risk Management Framework (RMF) Specialist

    Job Locations US-DC-Washington D.C.
    Job ID 2018-1025
  • Overview

    Sentek Global is looking for a Risk Management Framework (RMF) Specialist to provide support to a government client in Washington D.C


    • The RMF Specialist is an independent third party who assesses and validates that the system has implemented the approved security control baseline.
    • The RMF Specialist acts as a trusted agent to the Security Control Assessors (SCA) and SCA Liaison.
    • The RMF Specialist will utilize a SCA Liaison as an advisor to assist in all matters of validation, documentation, vulnerability mitigation, and residual risk determination.
    • Responsibilities include performance of all required and approved Validator RMF process steps for assigned systems.
    • The RMF Specialist will also be responsible for conducting a complete security control validation and assessment of technical and nontechnical security features of a system or network to address known threats and vulnerabilities. The evaluation must consider and identify impacts as well as consideration of existing risk mitigation strategies.
    • Other duties as assigned.


    • Must currently possess an active DOD Security Clearance.
    • Travel is required for this role (potentially up to 25%). 
    • Familiar with selection and documentation of security controls.
    • Familiar with System Security Planning in Enterprise Mission Assurance Support Service (eMASS).
    • Familiar with development of the Information System Continuous Monitoring (ISCM) plan.  
    • Must have familiarity with the following tasks:
      • Develop Security Assessment Plan in RMF Step 2.
      • Execute RMF Step 2 Checkpoint.
      • Support implementation and testing of security controls during RMF Step 3.
      • Initiate the Risk Assessment Report (RAR) during RMF Step 3.
      • Execute the Security Assessment, RMF Step 4.
      • Initiate Security Assessment Report (SAR) in RMF Step 4, and update the SAR throughout the execution of RMF Step 4, based on the security control assessment results.
      • Update the RAR based on results developed during RMF Step 4 testing.
      • Create and update the POA&M during RMF Step 4.
      • Prepare and submit a complete and accurate Special Access Programs (SAP) at the conclusion of RMF Step 4.
      • Execute RMF Step 5 Checkpoint.  
      • Perform validation of the final RAR and RAR Executive Summary.  
      • Create the final and complete SAR and SAR Executive Summary.


    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed