
Nist Rmf Jobs (NOW HIRING)

Lead and support assessment teams conducting FedRAMP, DoD SRG, and NIST RMF security assessments. * Review Security Packages (SSP, SAP, SAR, POA&M, Deviation Requests, Significant Change Requests ...


Eight or more years of experience with NIST RMF, NIST SP 800-53, STIGs, SCAP, IAVAs, and FISMA. * One or more of the following certifications: CISM, CISSO, FITSP-M, GCIA, GCSA, GCIH, GSLC, GICSP ...


Nist Rmf information


Salary range: $43K to $150K, with an average of $99.4K

How much do nist rmf jobs pay per year?

As of Jun 20, 2026, the average yearly pay for nist rmf in the United States is $99,400.00, according to ZipRecruiter salary data. Most workers in this role earn between $79,500.00 and $115,500.00 per year, depending on experience, location, and employer.

What is NIST RMF?

NIST RMF stands for the National Institute of Standards and Technology Risk Management Framework. It is a structured process used by federal agencies and organizations to identify, assess, and manage cybersecurity risks to information systems. The RMF provides a set of steps that guide organizations through the selection, implementation, assessment, and monitoring of security controls to ensure systems meet required security standards. This framework is essential for achieving compliance with federal cybersecurity requirements and improving overall information security.

What is the difference between Nist Rmf and Cybersecurity Analyst?

Aspect | Nist Rmf | Cybersecurity Analyst
Certifications | Risk Management Framework (RMF) certifications, NIST guidelines | CompTIA Security+, CISSP, CEH
Work Environment | Government agencies, federal projects, compliance-focused | Private sector, IT departments, security teams
Industry Usage | Primarily in federal and defense sectors | Across various industries including finance, healthcare, tech
Primary Focus | Implementing and managing risk management frameworks | Monitoring, analyzing, and responding to security threats

While Nist Rmf specialists focus on establishing and maintaining risk management processes based on NIST standards, Cybersecurity Analysts are more involved in threat detection and incident response. Both roles require security knowledge but serve different functions within cybersecurity frameworks.

What are some typical challenges faced by professionals implementing the NIST RMF in an organization?

Professionals working with the NIST Risk Management Framework (RMF) often encounter challenges such as aligning organizational processes with RMF requirements, ensuring stakeholder buy-in, and maintaining comprehensive documentation. Adapting legacy systems to meet modern security controls can be complex, and coordinating efforts across multiple teams—such as IT, compliance, and management—requires strong communication skills. Staying current with evolving NIST guidelines and integrating continuous monitoring into daily operations are also important aspects to manage for success in this role.

What are the key skills and qualifications needed to thrive as a NIST RMF (Risk Management Framework) specialist, and why are they important?

To thrive as a NIST RMF specialist, you need a solid understanding of information security principles, risk assessment, compliance standards, and often a background in cybersecurity or IT, supported by certifications like CISSP, CAP, or Security+. Familiarity with NIST SP 800-37, eMASS, and other GRC (Governance, Risk, and Compliance) tools is typically required. Attention to detail, analytical thinking, and strong communication skills help professionals navigate complex regulatory requirements and effectively collaborate with stakeholders. These skills are essential for ensuring organizational compliance, safeguarding sensitive data, and managing security risks efficiently.

More about Nist Rmf jobs

What states have the most Nist Rmf jobs? States with the most job openings for Nist Rmf jobs include:

[Infographic: Nist Rmf job openings in the United States as of June 2026. Employment types: 67% Full Time, 33% Contract. Work location: 33% In-person, 67% Remote. Average salary: $99,400 per year, or $47.8 per hour.]

Security Control Assessor Representative

Goldbelt Nighthawk

Hanover, MD • On-site

Full-time

Medical, Dental, Vision, Retirement, PTO

This job post has expired today. Applications are no longer accepted.


Job description

Overview
Goldbelt Nighthawk offers sound solutions in software development and both defensive and proactive cybersecurity. Nighthawk offers an integrated, holistic cybersecurity workforce that is enthusiastic, continuously learning, and progressive. The team is fully committed to implementing dynamic cybersecurity solutions that effectively address the needs of customers. Nighthawk's flexibility and expertise across the cybersecurity field provide customized solutions to our customers' unique needs.
Summary:
The Security Control Assessor - Representative will perform a risk-based review and evaluation of the Assessment and Authorization (A&A) process for classified systems, evaluating system security plans (SSPs) leading to an authorization decision. There is a requirement to be onsite at the customer facility in Hanover, MD three days per week, which could be increased to five days per week depending on government requirements.
Responsibilities
Essential Job Functions:
  • Maintain expert-level knowledge of all NIST 800-53 Security Controls
  • Maintain working knowledge of DoD, DCSA, and NIST RMF guidance and policies
  • Perform SSP reviews in accordance with the plan
  • Use critical thinking to aid decision-making and highlight paths that will help achieve desired outcomes during risk-based analysis
  • Assess SSPs, document the findings, and make recommendations
  • Review and evaluate A&A artifacts in submission documentation
  • Provide information security services such as system security documentation evaluation and other support activities connected with the implementation of the Risk Management Framework (RMF)
  • Evaluate system security package submissions for authorization of classified systems against defined DCSA and Government technical standards
  • Acquire and maintain NISP eMASS account for daily use
  • Attend and participate in training on the NISP eMASS tool
  • Be familiar with the NIST RMF and be able to process and track packages through the NISP Enterprise Mission Assurance Support Service (eMASS)
  • Use NISP eMASS as an approved repository for artifacts and Plans of Action and Milestones (POA&M)
  • Provide written documentation for each SSP review that includes:

Qualifications
Necessary Skills and Knowledge:
  • Cybersecurity experience
  • Proficiency in Microsoft Office Suite
  • Working knowledge and skills in eMASS

Minimum Qualifications:
  • Certified at IAT II (CCNA Security, CSA+, GICSP, GSEC, Security+ CE, SSCP)
  • 3-5 years of experience in information protection, threat protection, architecture, or system security operations
  • Approved personnel with Secret clearance
  • Pass an employer background check
  • Experience in vulnerability and risk assessment, architecture, and network configuration

Preferred Qualifications:
  • Computer science, information technology, or cybersecurity degree, or 5-7 years of work experience in an IAT I and II environment
  • eMASS skills
  • Process engineering

Pay and Benefits
At Goldbelt, we value and reward our team's dedication and hard work. We provide a competitive base salary commensurate with your qualifications and experience. As an employee, you'll enjoy a comprehensive benefits package, including medical, dental, and vision insurance, a 401(k) plan with company matching, tax-deferred savings options, supplementary benefits, paid time off, and professional development opportunities.