Security Risk Management Jobs in Wisconsin (NOW HIRING)

Seeking a dedicated and experienced Risk Management Framework (RMF) Specialist to oversee and manage cybersecurity processes, ensuring compliance with DoD and Air Force policies. The RMF Specialist will play a critical role in safeguarding the Air Force’s information systems by identifying, assessing, and mitigating security risks. This position requires a deep understanding of the RMF lifecycle and its application in a military context.

Work Environment:

• Location:  Onsite - Washington, DC (This is not a remote position)
• Security Clearance: Must possess or be able to obtain and maintain a Top Secret/SCI clearance.
• Travel < 20% of the time

NV5 is a global technology solutions and consulting services company with a workforce of over 4,500 professionals in more than 100 offices worldwide.  NV5’s continued growth has been spurred through strategic investments in firms with unique capabilities to help current and future customers solve the world’s toughest problems.  The NV5 family brings together talent across a wide range of markets and fields, including Professional Engineers, Professional Land Surveyors, Architects, Photogrammetrists, GIS Professionals, Software Developers, IT, Project Management Professionals, and more.

At NV5 Geospatial, we are a collaboration of intelligent, innovative thinkers who care for each other, our communities, and the environment.  We value both heart and head, the diversity of our people, and their experiences because that is how we continue to grow as a leader in our industry and expand our individual and collective potential.

• RMF Implementation: Lead the implementation of the Risk Management Framework (RMF) for Air Force information systems, ensuring compliance with DoD and Air Force cybersecurity policies.
• Security Control Assessment: Conduct security control assessments and validate the effectiveness of implemented controls for information systems.
• Risk Analysis: Perform risk assessments to identify vulnerabilities, threats, and risks to information systems, and recommend appropriate mitigation strategies.
• Documentation: Prepare and maintain RMF documentation, including System Security Plans (SSPs), Plan of Action and Milestones (POA&Ms), and Risk Assessment Reports.
• Continuous Monitoring: Implement and manage continuous monitoring strategies to ensure ongoing assessment and authorization of information systems.
• Collaboration: Work closely with system owners, developers, and other stakeholders to ensure security requirements are integrated throughout the system development lifecycle.
• Audit Support: Support internal and external audits, reviews, and inspections related to information system security.
• Policy and Compliance: Ensure alignment with current Air Force cybersecurity policies, standards, and regulations, and recommend updates to cybersecurity policies as needed.

Requirements

• Education: Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field.
• Experience: Minimum of 5 years of experience in cybersecurity, with at least 3 years specializing in RMF processes and DoD information systems.
• Certifications: Must possess or be willing to obtain relevant cybersecurity certifications such as Certified Information Systems Security Professional (CISSP), Certified Authorization Professional (CAP), or equivalent.
• Security Clearance: Ability to obtain and maintain a Top Secret/SCI security clearance.
• Technical Skills: Proficiency in RMF tools and technologies, such as eMASS (Enterprise Mission Assurance Support Service) and vulnerability assessment tools (e.g., Nessus, ACAS, SCAP).
• Knowledge: In-depth knowledge of NIST Special Publications (SP) 800-37, 800-53, and 800-171, as well as DoD Instruction 8510.01 and related guidelines.
• Communication: Strong verbal and written communication skills, with the ability to effectively convey complex cybersecurity concepts to both technical and non-technical audiences.
• Analytical Skills: Excellent analytical and problem-solving skills, with a keen attention to detail and a proactive approach to identifying and addressing security risks.

Competencies & Skills

• Strong problem-solving skills and the ability to troubleshoot database issues effectively.
• Excellent communication and collaboration skills for cross-team efforts.

The pay range for this Washington DC position is $100,000- $120,000 per year; however, base pay offered may be higher or lower depending on job-related knowledge, skills, and experience of the candidate. Full range of financial, and/or other benefits, dependent on the position offered. Medical, dental, and vision insurance are also offered to full-time employees, along with Flexible Spending Accounts and Health Savings Accounts, with employee and employer contributions. Applicants should apply via the NV5 careers site.

Employment is contingent upon successful completion of a background check and drug screening.

NV5 offers a competitive compensation and benefits package including medical, dental, life insurance, FTO, 401(k) and professional development/advancement opportunities.

NV5 provides equal employment opportunities (EEO) to all applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a covered veteran in accordance with applicable federal, state and local laws. NV5 complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including, but not limited to, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.

#LI-Onsite

#LI-JG1