Risk Management Framework Jobs (NOW HIRING)

Risk Management Framework SME

Hampton, VA · On-site

$135K - $145K/yr

GovCIO is currently hiring for a Risk Management Framework SME to support a modernization effort. This position will be located in Hampton, VA on Joint Base Langley-Eustis and will be a fully onsite ...

Risk Management Framework information

How much do risk management framework jobs pay per hour?

As of May 28, 2026, the average hourly pay for risk management framework jobs in the United States is $30.34, according to ZipRecruiter salary data. Most workers in this role earn between $19.47 and $38.70 per hour, depending on experience, location, and employer.

What is a Risk Management Framework job?

A Risk Management Framework (RMF) job involves implementing, managing, and overseeing cybersecurity risk assessment processes within an organization. Professionals in this role ensure compliance with security standards, such as NIST 800-37, by identifying, assessing, and mitigating information security risks. They collaborate with stakeholders to enforce security controls, conduct risk assessments, and support continuous monitoring. These roles are essential in government agencies, defense contractors, and industries handling sensitive data.

What are the key skills and qualifications needed to thrive in the Risk Management Framework position, and why are they important?

To thrive in a Risk Management Framework role, a strong background in risk assessment, regulatory compliance, and information security is essential, often supported by relevant degrees or certifications like CISSP or CRISC. Familiarity with Risk Management Frameworks such as NIST RMF, GRC platforms, and security assessment tools is highly valued. Analytical thinking, effective communication, and attention to detail are key soft skills for success in this field. These abilities are crucial for identifying potential risks, ensuring regulatory compliance, and facilitating efficient collaboration across departments to safeguard organizational assets.

What are the typical daily responsibilities for someone working in a Risk Management Framework position?

Professionals in Risk Management Framework roles commonly conduct risk assessments, document controls, and ensure that security policies align with current regulations and standards. They collaborate with IT, compliance, and business teams to identify vulnerabilities and implement risk mitigation strategies. On a daily basis, tasks may include reviewing security documentation, preparing reports for audits, and staying current with regulatory changes. This role often requires translating complex technical findings into clear guidance for non-technical stakeholders, supporting a culture of continual risk awareness across the organization.

What does a risk management framework do?

A risk management framework provides structured processes for identifying, assessing, and mitigating risks within an organization. It helps ensure that potential threats are managed proactively, supporting decision-making and compliance with industry standards. Risk managers often use tools like risk registers and follow standards such as ISO 31000 to implement effective strategies.
Infographic showing various Risk Management Framework job openings in the United States as of May 2026, with employment types broken down into 82% Full Time, 9% Temporary, and 9% Contract. Highlights a 73% In-person, 9% Hybrid, and 18% Remote job distribution, with an average salary of $63,100 per year, or $30.3 per hour.

Risk Management Framework SME

Govcio LLC

Hampton, VA • On-site

$135K - $145K/yr

Full-time

Posted 10 days ago


GovCIO rating

Company rating: 7.2 out of 10

Based on 8 frontline employees who took The Breakroom Quiz

111th of 204 rated IT services


Job description

GovCIO is currently hiring for a Risk Management Framework SME to support a modernization effort. This position will be located in Hampton, VA on Joint Base Langley-Eustis and will be a fully onsite position.
Responsibilities
We are seeking a highly skilled Risk Management Framework (RMF) Subject Matter Expert (SME) with a strong information system security manager (ISSM) background and hands-on experience with XACTA. You will guide system owners, engineering teams, and leadership through the full RMF lifecycle, ensuring compliance, managing documentation, and supporting secure system operations across classified and unclassified environments. This position is located at Langley Air Force Base, Hampton, Virginia.
Key Responsibilities
  • Lead and manage the full DOD RMF process for assigned systems
  • Provide ISSM-level oversight and guidance to ensure compliance with DOD, NIST and agency-specific security policies
  • Develop, maintain, and validate RMF documentation including System Security Plans, Security Controls Traceability Matrices, POA&M, and system categorization artifacts
  • Utilize XACTA for control implementation, evidence upload, package creation, workflow management, and assessment preparation
  • Work closely with engineers, administrators, developers, and mission stakeholders to ensure secure design and architecture decisions
  • Lead assessment preparation activities and support independent audits, CCRI reviews, and Authorizing Official (AO) evaluations
  • Conduct vulnerability analysis, risk assessment and remediation planning
  • Guide continuous monitoring activities: STIG compliance, vulnerability scanning, patch management review, and incident documentation
  • Serve as a subject matter expert for cybersecurity policy interpretation, control inheritance, and risk acceptance recommendations
  • Provide training, mentoring and support to security analysts and program team members

Qualifications
High School with 9+ years (or commensurate experience)
Required Skills and Experience
Clearance: TS/SCI
  • Proven experience supporting or performing duties as an ISSM or ISSO
  • Hands-on experience with XACTA for RMF package development
  • Experience with STIGs, ACAS, HBSS/Trellix, vulnerability management, and secure configuration baselines
  • Strong communication skills and the ability to brief leadership and stakeholders
  • DOD 8140 IAM Level III (CISSP, CISM, CCISO)

Preferred Skills and Experience
  • Experience supporting complex, multi-system environments or programs of record
  • Experience supporting Command Cyber Readiness Inspections (CCRI)
  • Experience with DOD networks (NIPR, SIPR, JWICS)

Posted Salary Range
USD $135,000.00 - USD $145,000.00 /Yr.