RMF Support Analyst

Booz Allen

Apr 15

Key Role:

Advise system development teams on the NIST SP 800-37 and CNSSI 1253-based Risk Management Framework (RMF) process, ensuring the deliverable achieves an Authority to Operate (ATO) on schedule. Interpret security and privacy controls for technical teams to ensure the controls are properly built into the deliverable. Document security and privacy control implementation in the customers’ RMF tool. Create various cybersecurity plans, coordinate them with participating entities, secure appropriate signatures, and distribute the final plans to relevant parties. Perform post-ATO continuous monitoring activities. Explain technical security scan results to technical teams. Create, modify, and complete Plan of Action and Milestones (POAM) management activities within the RMF tool. This position is open to remote delivery anywhere within the U.S., to include the District of Columbia.

Basic Qualifications:

  • 2+ years of experience in guiding an Information System through the Federal government seven-step RMF process
  • Experience using eMASS, Xacta, or CMAS RMF management tools
  • Experience using MS Office applications, including Word and Excel
  • Knowledge of NIST SP 800-53, Rev 4/5 security and privacy controls
  • Ability to translate technical system configurations into non-technical documentation
  • Ability to work in an integrated team with diverse backgrounds is critical
  • Ability to prioritize workload and multitask across multiple projects
  • Ability to obtain and maintain a Public Trust or Suitability/Fitness determination based on client requirement
  • Bachelor’s degree
  • Security+ CE Certification

Additional Qualifications:

  • Experience working in an ISO/CMMI/DevSecOps environment
  • Experience with security tools Nessus/Security Center, Nagios, Splunk, or Fortify
  • Knowledge of Software Development Lifecycle Process, especially Agile Development, including SCRUM and Kanban
  • CISSP or CompTIA/ISC2/ISACA/GIAC security certifications


Applicants selected may be subject to a government investigation and may need to meet eligibility requirements of the U.S. government client.

The proposed salary range for this position in Colorado is $90,000 to $120,000. Final salary will be determined based on various factors.  

At Booz Allen, we celebrate your contributions, provide you with opportunities and choice, and support your total well-being. Our comprehensive benefit offerings include healthcare, retirement plan, insurance programs, commuter program, employee assistance program, paid and unpaid leave programs, education assistance, and childcare benefits. 

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.