
Nist Rmf Jobs (NOW HIRING)

Lead and support FedRAMP Moderate/High and IC ATO authorization efforts, ensuring compliance with NIST RMF, NIST 800-53, NIST 800-37, FedRAMP, and ICD 503 requirements. * Conduct risk assessments ...

This role is responsible for ensuring systems meet federal cybersecurity and compliance requirements (NIST RMF, FISMA, FedRAMP as applicable) and for coordinating with system owners, engineers, and ...

Nist Rmf information

Salary range: $43K to $150K per year, with an average of $99.4K.

How much do nist rmf jobs pay per year?

As of Jun 20, 2026, the average yearly pay for nist rmf in the United States is $99,400.00, according to ZipRecruiter salary data. Most workers in this role earn between $79,500.00 and $115,500.00 per year, depending on experience, location, and employer.

What is NIST RMF?

NIST RMF stands for the National Institute of Standards and Technology Risk Management Framework. It is a structured process used by federal agencies and organizations to identify, assess, and manage cybersecurity risks to information systems. The RMF provides a set of steps that guide organizations through the selection, implementation, assessment, and monitoring of security controls to ensure systems meet required security standards. This framework is essential for achieving compliance with federal cybersecurity requirements and improving overall information security.

What is the difference between Nist Rmf vs Cybersecurity Analyst?

| Aspect | Nist Rmf | Cybersecurity Analyst |
|---|---|---|
| Certifications | Risk Management Framework (RMF) certifications, NIST guidelines | CompTIA Security+, CISSP, CEH |
| Work Environment | Government agencies, federal projects, compliance-focused | Private sector, IT departments, security teams |
| Industry Usage | Primarily in federal and defense sectors | Across various industries including finance, healthcare, tech |
| Primary Focus | Implementing and managing risk management frameworks | Monitoring, analyzing, and responding to security threats |

While Nist Rmf specialists focus on establishing and maintaining risk management processes based on NIST standards, Cybersecurity Analysts are more involved in threat detection and incident response. Both roles require security knowledge but serve different functions within cybersecurity frameworks.

What are some typical challenges faced by professionals implementing the NIST RMF in an organization?

Professionals working with the NIST Risk Management Framework (RMF) often encounter challenges such as aligning organizational processes with RMF requirements, ensuring stakeholder buy-in, and maintaining comprehensive documentation. Adapting legacy systems to meet modern security controls can be complex, and coordinating efforts across multiple teams—such as IT, compliance, and management—requires strong communication skills. Staying current with evolving NIST guidelines and integrating continuous monitoring into daily operations are also important aspects to manage for success in this role.

What are the key skills and qualifications needed to thrive as a NIST RMF (Risk Management Framework) specialist, and why are they important?

To thrive as a NIST RMF specialist, you need a solid understanding of information security principles, risk assessment, compliance standards, and often a background in cybersecurity or IT, supported by certifications like CISSP, CAP, or Security+. Familiarity with NIST SP 800-37, eMASS, and other GRC (Governance, Risk, and Compliance) tools is typically required. Attention to detail, analytical thinking, and strong communication skills help professionals navigate complex regulatory requirements and effectively collaborate with stakeholders. These skills are essential for ensuring organizational compliance, safeguarding sensitive data, and managing security risks efficiently.

More about Nist Rmf jobs

What states have the most Nist Rmf jobs? States with the most job openings for Nist Rmf jobs include:

Infographic showing various Nist Rmf job openings in the United States as of June 2026, with employment types broken down into 67% Full Time and 33% Contract. Highlights a 33% In-person and 67% Remote job distribution, with an average salary of $99,400 per year, or $47.8 per hour.

GRC Lead / Cyber Risk Manager

CyberLinx Solutions LLC

Washington, DC

$125K - $169K/yr

Other

Posted 12 days ago

Job description

CyberLinx Solutions LLC is seeking a forward-thinking Cybersecurity GRC Lead / Cyber Risk Manager responsible for leading the organization's cybersecurity governance, risk, and compliance (GRC) program. This role oversees enterprise risk assessments, regulatory compliance, policy development, and security control implementation aligned to industry frameworks such as NIST CSF and NIST RMF. The ideal candidate will serve as a strategic advisor to leadership, ensuring cybersecurity risks are identified, assessed, and managed in alignment with business objectives and regulatory requirements.

Key Responsibilities:

Governance & Program Leadership
* Lead and manage the enterprise GRC program, including policies, standards, and procedures
* Serve as the primary advisor on cybersecurity risk and compliance matters
* Align cybersecurity strategy with business objectives and regulatory requirements
* Provide executive-level reporting on risk posture, compliance status, and remediation efforts

Risk Management
* Conduct enterprise and system-level cybersecurity risk assessments
* Develop and maintain risk registers aligned to NIST SP 800-53 and NIST SP 800-171
* Define risk tolerance, scoring methodologies, and mitigation strategies
* Perform gap assessments and maturity evaluations using NIST CSF

Compliance & Audit
* Ensure compliance with federal, state, and industry regulations for NIST RMF, and FISMA as applicable
* Lead audit readiness efforts and coordinate internal/external audits
* Develop Plans of Action & Milestones (POA&M) and track remediation activities
* Maintain documentation supporting Authority to Operate (ATO) processes

Security Controls & Frameworks
* Oversee implementation and validation of security controls
* Map controls across frameworks (NIST CSF, NIST 800-53, ISO 27001)
* Collaborate with technical teams to ensure control effectiveness

Third-Party Risk Management
* Evaluate vendor and third-party cybersecurity risks
* Conduct security assessments and due diligence reviews
* Ensure contractual security and compliance requirements are met

Required Qualifications:
* Bachelor's degree in Cybersecurity, Information Technology, Risk Management, or related field
* 8+ years of experience in cybersecurity, with at least 3-5 years in GRC or risk management leadership roles
* Strong knowledge of: NIST Cybersecurity Framework (CSF), NIST Risk Management Framework (RMF), NIST SP 800-53 / 800-171
* Experience supporting audits, compliance programs, and regulatory frameworks
* Proven ability to lead cross-functional teams and communicate with executive leadership