1

Risk Management Framework Jobs (NOW HIRING)

Provide independent model risk management and support for the VP of Model Risk as follows: Model ... Review of model theoretical framework and design; Review of model performance. * Review of Model ...

Provide independent model risk management and support for the VP of Model Risk as follows: Model ... Review of model theoretical framework and design; Review of model performance. * Review of Model ...

Framework Design: Establish and iterate on the firm-wide ERM program, including the enhancement of the Risk Appetite Statements and associated tolerance thresholds. * Risk Lifecycle Management:

The Risk Management Analyst contributes to the development and maintenance of risk frameworks and registers that enable proactive risk mitigation and program resilience. Please note this position is ...

The Risk Management Analyst contributes to the development and maintenance of risk frameworks and registers that enable proactive risk mitigation and program resilience. Please note this position is ...

The Risk Management Analyst contributes to the development and maintenance of risk frameworks and registers that enable proactive risk mitigation and program resilience. Please note this position is ...

next page

Showing results 1-20

Risk Management Framework information

See salary details

$14

$30

$74

How much do risk management framework jobs pay per hour?

As of Jul 14, 2026, the average hourly pay for risk management framework in the United States is $30.34, according to ZipRecruiter salary data. Most workers in this role earn between $19.47 and $38.70 per hour, depending on experience, location, and employer.

What is a Risk Management Framework job?

A Risk Management Framework (RMF) job involves implementing, managing, and overseeing cybersecurity risk assessment processes within an organization. Professionals in this role ensure compliance with security standards, such as NIST 800-37, by identifying, assessing, and mitigating information security risks. They collaborate with stakeholders to enforce security controls, conduct risk assessments, and support continuous monitoring. These roles are essential in government agencies, defense contractors, and industries handling sensitive data.

What are the key skills and qualifications needed to thrive in the Risk Management Framework position, and why are they important?

To thrive in a Risk Management Framework role, a strong background in risk assessment, regulatory compliance, and information security is essential, often supported by relevant degrees or certifications like CISSP or CRISC. Familiarity with Risk Management Frameworks such as NIST RMF, GRC platforms, and security assessment tools is highly valued. Analytical thinking, effective communication, and attention to detail are key soft skills for success in this field. These abilities are crucial for identifying potential risks, ensuring regulatory compliance, and facilitating efficient collaboration across departments to safeguard organizational assets.

What are the typical daily responsibilities for someone working in a Risk Management Framework position?

Professionals in Risk Management Framework roles commonly conduct risk assessments, document controls, and ensure that security policies align with current regulations and standards. They collaborate with IT, compliance, and business teams to identify vulnerabilities and implement risk mitigation strategies. On a daily basis, tasks may include reviewing security documentation, preparing reports for audits, and staying current with regulatory changes. This role often requires translating complex technical findings into clear guidance for non-technical stakeholders, supporting a culture of continual risk awareness across the organization.

More about Risk Management Framework jobs
What cities are hiring for Risk Management Framework jobs? Cities with the most Risk Management Framework job openings:
What states have the most Risk Management Framework jobs? States with the most job openings for Risk Management Framework jobs include:
What job categories do people searching Risk Management Framework jobs look for? The top searched job categories for Risk Management Framework jobs are:
Infographic showing various Risk Management Framework job openings in the United States as of July 2026, with employment types broken down into 87% Full Time, 10% Part Time, and 3% Contract. Highlights an 78% Physical, 3% Hybrid, and 19% Remote job distribution, with an average salary of $63,100 per year, or $30.3 per hour.
Risk Management Framework (RMF) Specialist (Onsite)

Risk Management Framework (RMF) Specialist (Onsite)

Geospatial Consulting Group International (geocgi)

Saint Louis, MO

$80K - $100K/yr

Other

Medical, Dental, Vision, Retirement, PTO

Posted 19 days ago


Job description

Client: USAF, Air Mobility Command

Work Location: Scott Airforce Base, Belleville, Illinois

Reporting Hours: Onsite M-F, Central Standard Time

Clearance: Active DoD Secret Clearance with the ability to obtain Top Secret or TS/SCI

Travel: None at this time

  

Geocgi is seeking an experienced Risk Management Framework Specialist to oversee and manage cybersecurity processes and ensuring compliance for the United States Air Force Program at Scott Air Force Base, Illinois (St. Louis area). The Risk Management Framework Specialist is responsible for implementing and maintaining the RMS process within the organization, specifically for systems and applications deployed on Amazon Web Services (AWS) cloud infrastructure. The Risk Management Framework Manager/Specialist will also be responsible for preparing and maintaining Authority to Operate (ATO) documents, as well as providing guidance and training to other members of the organization on RMF-related matters. This position's location is at U.S. Scott Air Force Base in Illinois (St. Louis area- Belleville, Illinois).

Key Responsibilities:

  • Lead the implementation of the Risk Management Framework (RMF) for the U.S. Air Force information systems, ensuring compliance with Department of Defense (DoD) and U.S. Air Force cybersecurity polities.
  • Conduct security control assessments and validate the effectiveness of implemented controls for information systems.
  • Perform risk assessments to identify vulnerabilities, threats and risks to information systems and recommend appropriate mitigation strategies for implementation and hardening.
  • Prepare and maintain Risk Management Framework documentation including but not limited to System Security Plans (SPPs), Plan of Action and Milestones (POA&Ms) and Risk Assessment Reports.
  • Implement and manage continuous monitoring strategies to ensure ongoing assessment and authorization of information systems.
  • Work closely with system owners, developers, and other stakeholders to ensure security requirements are integrated throughout the system development lifecycle.
  • Support internal and external audits, reviews, and inspections related to information system security.
  • Ensure alignment with current Air Force cybersecurity policies, standards, and regulations, and recommend updates to cybersecurity policies as needed.
  • Mentor and guide junior staff in performing these tasks, providing training and support to enhance their skills and ensure adherence to best practices and U.S. Air Force standards.

As an employee of geocgi, the Risk Management Framework Specialist will have access to a generous benefits package, in addition to a corporate culture and community of GIS geeks. Our benefits include but are not limited to:

  • Competitive salaries, commensurate with experience and leading Federal Contractors in the geospatial industry.
  • Opportunities for upward mobility in a dynamic fast paced environment within a small company.
  • Merit-based spot and end of year bonuses.
  • Safe Harbor 401(k) plan with immediate vesting.
  • Flexible work hours and PTO.
  • Complete Medical, Dental, and Vision coverage for individuals.
  • Company paid training, certifications, and professional growth and development.

The following are requirements of the Risk Management Framework Specialist:

  • US Citizen with a DoD Top Secret/SCI Clearance or ability to obtain and maintain.
  • Minimum of a Bachelor's degree in Cybersecurity, Information Technology, Computer system or related field.
  • 5+ years of hands-on experience in Cybersecurity with a minimum of 3 years specializing in Risk Management Framework processes and DoD information systems
  • Proficiency in Risk Management Framework tools and technologies, such as eMASS (Enterprise Mission Assurance Support Service) and vulnerability assessment tools (e.g., Nessus, ACAS, SCAP).
  • In-depth knowledge of NIST Special Publications (SP) 800-37, 800-53, and 800-171, as well as DoD Instruction 8510.01 and related guidelines.
  • Excellent verbal and written communication skills, with the ability to clearly explain complex cybersecurity concepts to both technical and non-technical audiences.
  • Skilled in communicating effectively with military command staff, contractors, and civilians, ensuring clear and concise information exchange across diverse groups and stakeholders.
  • Ability to manage multiple projects, meet deadlines, and work both independently and collaboratively, with a passion for location-based problem-solving to support business and mission-critical challenges.
  • Proficient with Microsoft Office Suite (Word, Excel, PowerPoint, Outlook).

The following are preferred or be willing to obtain and maintain for the Risk Management Framework Specialist:

  • CompTIA Security+ Certification.
  • Certified Information Systems Security Professional (CISSP).
  • Certified Authorization Professional (CAP).

The annual base salary range for this position is anticipated to be $80,000 - $100,000 USD. The listed salary range represents our good faith estimate for this position. Please note that the salary information is a general guideline only. Geocgi considers factors such as (but not limited to) scope and responsibilities of the position, candidate's education & work experience, training & certifications, and key skills as well as market and business considerations at the time of the offer.