Travel Required: None Job Description Summary: General Dynamics Information Technology is seeking a Risk Management Framework engineer as part of our Cybersecurity Compliance team on the EOSS program in Arlington, Virginia. The candidate will serve as the RMF Subject Matter Expert (SME). The position includes being an Information Assurance Analyst leading and managing DoD Risk Management Framework (RMF) processes. The candidate will need to be intimately familiar with DISA STIGs, FISMA Compliance Requirements, NIST 800 Series. 5 – 10 years of cybersecurity experience with 5-7 years proficiency in RMF Coordinate and review security documentation such as Security Plans (SSP), POA&Ms, Implementation Plans; and provide strategic recommendations to ISSM and ISOs Experience working on large-scale and adhoc projects, supporting enterprise-level activities Experience working in an enterprise environment supporting on-premise applications and enterprise service for cloud extension/ deployment Develop and manage the POA&M tracker and Risk-Based Decisions (RBDs)/ Waivers for deficiencies Perform self-assessments of NIST SP 800-53 Rev4 controls and document test results in the eMASS Experience using and navigating eMASS tool to manage Assessment & Authorization (A&A) process Assist Organizational ISSM (O.ISSM) and Program ISSM (P.ISSM) in meeting their duties such as reviewing A&A documentation Ensure security-related concerns and incidents are reported to ISSMs and managed timely Provide assistance to ISOs with the registration of security interfaces in PPSM Must possess DOD 8570 IAT Level III certification, such as CISSP or CASP ITIL Foundations is also required within the first 90 days of employment Prepares security reports to regulatory agencies Proficiency in cloud computing infrastructures, platforms, and services to support the deployment of IAAS or PAAS applications Proficiency in performing risk-based reviews of Security Authorization Package Provide guidance in developing, reviewing, and maintaining SSPs, Scan Results, and test result artifacts Reviewing NIST SP 800 publication for managing security controls Support the creation or modification of FISMA compliancy documentation such as Contingency Plans, Incident Response Plan and Access Control Plans Evaluate system’s risk in respect to operation at the network, system, and application level Evaluate vulnerability assessment results and STIG results and manage findings in eMASS We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done. GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.