
Remote RMF Jobs in Baltimore, MD (NOW HIRING)

The ideal candidate will possess deep knowledge of Risk Management Framework (RMF), cybersecurity ... Flexible and remote work policies for most positions * Flexible PTO and holiday schedule For more ...

Cyber Security Engineer

Silver Spring, MD · On-site +1

$107K - $195K/yr

Percentage of remote work will vary based on client requirements/deliverables. In this role, you ... Lead the integration of RMF activities into the system development lifecycle (SDLC), including ...

IT Security Engineer

Silver Spring, MD · On-site +1

$107K - $195K/yr

Percentage of remote work will vary based on client requirements/deliverables. In this role, you ... Lead the integration of RMF activities into the system development lifecycle (SDLC), including ...


Remote RMF information

$29.3K

$94.3K

$169.4K

How much do remote RMF jobs pay per year?

As of Jun 15, 2026, the average yearly pay for remote RMF jobs in Baltimore, MD is $94,322.00, according to ZipRecruiter salary data. Most workers in this role earn between $49,200.00 and $126,700.00 per year, depending on experience, location, and employer.

What is a Remote RMF job?

A Remote RMF (Risk Management Framework) job involves managing cybersecurity risk and compliance for an organization while working remotely. Professionals in this role ensure that IT systems align with federal security standards, such as those outlined by NIST. Responsibilities may include conducting risk assessments, implementing security controls, and maintaining compliance documentation. Remote RMF specialists often work with government agencies, contractors, or private companies handling sensitive data. This position requires expertise in cybersecurity policies, risk management, and regulatory compliance.

What are the typical daily responsibilities of a Remote RMF Specialist?

As a Remote RMF Specialist, your daily responsibilities often include conducting security assessments, preparing and reviewing authorization packages, and ensuring ongoing compliance with federal information security standards. You'll collaborate with cross-functional teams to identify risks, develop mitigation strategies, and document security control implementations. Regular communication with stakeholders, participation in virtual meetings, and continual monitoring of systems and processes to ensure compliance are also core aspects of the job. This role leverages remote work tools to collaborate effectively with cybersecurity, IT, and compliance professionals across multiple locations.

What are the key skills and qualifications needed to thrive in the Remote RMF position, and why are they important?

To thrive as a Remote RMF (Risk Management Framework) Specialist, you need a strong understanding of information security principles, federal risk management frameworks (such as NIST SP 800-37), and relevant cybersecurity policies, typically backed by a degree in information security or related field. Familiarity with security assessment tools, governance, risk, and compliance (GRC) software, as well as certifications like CISSP, CAP, or CISM, is highly valued. Excellent organizational skills, attention to detail, and the ability to communicate complex security concepts clearly are important soft skills. These capabilities are critical to ensure regulatory compliance and robust information system security in a remote work context.

Infographic showing various Remote RMF job openings in Baltimore, MD as of June 2026, with employment types broken down into 83% Full Time and 17% Part Time. Highlights a 100% Remote job distribution, with an average salary of $94,322 per year, or $45.3 per hour.
Risk Management Framework (RMF), Security, and Authorization to Operate (ATO) Manager


i4DM

Millersville, MD • On-site, Remote

$107K - $145K/yr

Full-time

Posted 19 days ago


Job description

Description
About Our Team
Our employees thrive in a culture that is fast-paced, collaborative, and ego-free, where innovation and teamwork are encouraged at every level. We provide Federal agencies with immediate access to highly skilled professionals who understand complex mission challenges and deliver efficient, scalable solutions. By continuously investing in talent, technology, and specialized capabilities, we maintain expert teams prepared to support evolving Federal missions through tailored technical solutions and modern service delivery approaches.
We value diverse perspectives and strive to attract talent from all backgrounds. We are seeking professionals who are passionate about technology, mission success, and solving complex operational challenges with creativity and purpose. If you enjoy expanding your technical expertise while supporting impactful Federal initiatives, you will thrive within our organization. Veterans and military spouses are strongly encouraged to apply and bring their valuable experience to our team.
About the Role
We are seeking an experienced and highly motivated Risk Management Framework (RMF), Security, and Authorization to Operate (ATO) Manager to serve as the Contractor's lead responsible for cybersecurity compliance, RMF lifecycle execution, and authorization activities supporting a mission-critical enterprise platform within the Department of Veterans Affairs (VA) environment.
In this role, you will coordinate closely with the Program Manager, Technical Directors, and Government cybersecurity stakeholders (e.g., AO, ISSO, ISO) to ensure continuous compliance with Federal cybersecurity requirements and uninterrupted ATO status across all supported systems and services.
The RMF, Security, and ATO Manager will oversee all cybersecurity, compliance, and authorization activities across a complex cloud-hosted platform, ensuring alignment with VA security policies, NIST RMF processes, and continuous monitoring requirements. This position requires deep expertise in Federal cybersecurity frameworks, RMF lifecycle management, and secure cloud or hybrid environments supporting healthcare systems and Protected Health Information (PHI).
RESPONSIBILITIES
RMF Lifecycle & ATO Management
  • Lead all Risk Management Framework (RMF) and Authorization to Operate (ATO) activities across the platform and hosted applications.
  • Manage the full RMF lifecycle (Categorize, Select, Implement, Assess, Authorize, Monitor) to ensure continuous compliance and no lapse in authorization status.
  • Coordinate directly with Government stakeholders (AO, ISSO, ISO) to support authorization efforts, renewals, and significant change requests.

Security Documentation & Compliance
  • Oversee development and maintenance of all required security documentation, including System Security Plans (SSPs), POA&Ms, Security Assessment Reports, contingency plans, and authorization artifacts.
  • Ensure all documentation remains accurate, current, and aligned with system architecture, operations, and control implementations.
  • Ensure compliance with Federal and healthcare security requirements, including NIST SP 800-53, FISMA, HIPAA, and VA cybersecurity policies.

Continuous Monitoring & Risk Management
  • Lead continuous monitoring (CONMON) activities, including vulnerability scanning, remediation tracking, and compliance reporting.
  • Manage POA&M lifecycle, ensuring timely updates, mitigation tracking, and closure of findings.
  • Identify, track, and mitigate cybersecurity risks impacting system authorization and operational readiness.
  • Ensure vulnerabilities are prioritized and resolved within required timelines and escalate high-risk issues as needed.

Security Integration & Operations
  • Coordinate with engineering, DevSecOps, and operations teams to ensure security controls are implemented and validated across cloud and application environments.
  • Support integration of security practices into CI/CD pipelines, including automated testing (SAST, DAST, container scanning, IaC validation).
  • Support incident response activities from a security perspective, ensuring proper documentation, root cause analysis, and corrective actions.

Audit, Reporting & Stakeholder Engagement
  • Lead preparation for security audits, assessments, and compliance reviews, including tracking and remediation of findings.
  • Provide regular reporting to VA stakeholders on ATO status, system security posture, risk exposure, and remediation progress.
  • Serve as the primary cybersecurity liaison, ensuring clear communication between the delivery team and Government leadership.

Requirements
QUALIFICATIONS
  • Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field.
  • 7+ years of experience in cybersecurity, information assurance, or RMF/ATO management roles supporting Federal or mission-critical application environments.
  • Strong expertise in NIST SP 800-53 controls, RMF lifecycle processes, and Federal cybersecurity compliance frameworks (FISMA, NIST, OMB).
  • Demonstrated experience managing ATO processes, continuous monitoring programs, and security compliance for cloud or hybrid environments.
  • Experience supporting enterprise platforms and applications, including containerized or cloud-native architectures.
  • Active CISSP, CISM, or equivalent advanced cybersecurity certification.
  • Experience managing vulnerability management programs, POA&M tracking, and security mitigation strategies.
  • Strong understanding of incident response, contingency planning, and system recovery processes.
  • Excellent communication and stakeholder management skills, with the ability to interface with Government security leadership.
  • Experience supporting RMF/ATO activities within VA or similar environments, with awareness of tools like eMASS and SNOWCAM and related governance practices.
  • Understanding of federal/VA cybersecurity guidelines, including Directive 6500, TRM compliance concepts, and Zero Trust frameworks.
  • Candidates must be eligible to obtain and maintain a Public Trust clearance.

PREFERRED QUALIFICATIONS
  • Experience supporting AWS GovCloud or similar Federal cloud environments, including containerized platforms (e.g., Kubernetes/EKS).
  • Experience managing cybersecurity for systems handling Protected Health Information (PHI), including HIPAA and Business Associate Agreement (BAA) compliance.
  • Familiarity with continuous monitoring (CONMON), vulnerability scanning tools (e.g., Nessus), and Federal reporting requirements.
  • Experience supporting large-scale Federal programs with complex, multi-system authorization boundaries.
  • Experience aligning DevSecOps pipelines with RMF requirements, including automated security testing and compliance validation.


About I4dm

Sourced by ZipRecruiter

Industry

Software development

Company size

11 - 50 Employees

Headquarters location

Millersville, MD, US

Year founded

2002