Senior Cyber Security Engineer (Risk Management Framework Analyst)

ASRC Federal is a leading government contractor furthering missions in space, public health and defense. As an Alaska Native owned corporation, our work helps secure an enduring future for our shareholders. Join our team and discover why we are a top veteran employer and Certified Great Place to Work™


ASRC Federal is seeking a qualified Risk Management Framework (RMF) Analyst to support a DoDEA client.
Position Summary:
The RMF Analyst will provide support for the Department of Defense Education Activity (DoDEA) Office of the Chief Information Officer by delivering comprehensive Risk Management Framework (RMF) Assessment and Authorization (A&A) support. This position involves the assessment of information systems to ensure compliance with federal cybersecurity policies and the preparation of ATO (Authority to Operate) documentation. The RMF Analyst will serve as a subject matter expert and assist in the development and continuous monitoring of DoDEA information systems.
Key Responsibilities:
• Conduct annual A&A package reviews for completeness and accuracy, including System Security Plans, Privacy Threshold Assessments, and other documents.
• Review and revise A&A documentation in eMASS to ensure consistency and compliance with Federal and DoDEA requirements.
• Implement and maintain continuous monitoring strategies and documentation.
• Create Security Assessment Plans (SAP), Rules of Engagement (ROE), and Security Assessment Reports (SAR).
• Perform security control assessments and generate deliverables such as categorization reviews and security plans.
• Develop and sustain MOAs and MOUs focusing on shared security controls.
• Prepare monthly reports and recommend improvements for A&A processes.
• Assist in implementing and documenting security control measures as per organizational policies.
• Identify non-compliant controls and develop POA&Ms with remediation milestones.
• Develop strategies for continuous monitoring of security controls and system changes.
Required Qualifications:
• BS/BA required in addition to 5-7 years of experience with DoD cybersecurity and RMF A&A processes or equivalent.
• Minimum IAT Level II or III certification (in accordance with DoDD 8140.01.
• Familiarity with tools such as eMASS and DISA STIGs.
• Strong technical writing and documentation skills.
• This position requires the ability to obtain and maintain a government clearance, U.S. Citizenship is required.
• This position requires the successful applicant to obtain and maintain the required security clearance or other authorization(s) within the necessary timeframe required by applicable contract(s).
Clearance Requirement:
• Active SECRET security clearance required. Must be U.S. Citizen and meet DoD ADP Level II requirements.
• Tier 3 background investigation clearance (NACLC).


We invest in the lives of our employees, both in and out of the workplace, by providing competitive pay and benefits packages. Benefits offered may include health care, dental, vision, life insurance; 401(k); education assistance; paid time off including PTO, holidays, and any other paid leave required by law.

EEO Statement
ASRC Federal and its Subsidiaries are Equal Opportunity employers. All qualified applicants will receive consideration for employment without regard to race, gender, color, age, sexual orientation, gender identification, national origin, religion, marital status, ancestry, citizenship, disability, protected veteran status, or any other factor prohibited by applicable law.