RMF Cybersecurity Documentation Consultant

The Swift Group is seeking a highly skilled RMF Cybersecurity Documentation Consultant with expertise in cybersecurity analysis, the Risk Management Framework (RMF), cloud computing, Agile methodology, and DevSecOps. The ideal candidate will play a crucial role in ensuring the security and compliance of information systems within cloud environments by applying advanced cybersecurity principles and practices. This role involves working closely with cross-functional teams to assess, manage, and mitigate risks while ensuring adherence to industry standards and regulatory requirements.
Key Responsibilities:
◦ Conduct thorough cybersecurity assessments of information systems, identifying vulnerabilities and potential threats.
◦ Perform risk analysis and develop strategies to mitigate identified risks.
◦ Monitor and analyze security events, providing actionable insights to improve overall security posture.
◦ Implement and manage the RMF process, including categorization, security control selection, implementation, assessment, authorization, and continuous monitoring.
◦ Develop and maintain security documentation, including System Security Plans (SSPs), Risk Assessment Reports (RARs), and Plan of Action and Milestones (POA&Ms).
◦ Guide system owners and stakeholders through the RMF process, ensuring compliance with federal regulations and guidelines.
◦ Evaluate and enhance the security of cloud environments, including AWS, Azure, and other cloud service providers.
◦ Implement security controls specific to cloud computing environments, ensuring compliance with cloud security best practices.
◦ Assess and manage risks associated with cloud services, including IaaS, PaaS, and SaaS.
◦ Provide expert advice on cybersecurity best practices, risk management, and compliance to internal teams and clients.
◦ Lead security workshops and training sessions to enhance the security awareness and capabilities of the organization.
◦ Stay up-to-date with the latest cybersecurity trends, threats, and technologies, and apply this knowledge to improve the organization's security posture.
Qualifications:
• Bachelor's degree in Computer Science, Information Security, or a related field.
• 5+ years of experience in cybersecurity analysis, with a focus on RMF and cloud security.
• Strong understanding of cloud computing environments and security controls within AWS, Azure, or similar platforms.
• Experience working within Agile and DevSecOps frameworks, with a focus on integrating security practices.
• In-depth knowledge of federal regulations, standards, and guidelines related to information security (e.g., NIST, FISMA).
• Relevant certifications such as CISSP, CISM, CEH, or AWS Certified Security Specialty are highly desirable.
• Excellent analytical, problem-solving, and communication skills.
• Must posses an active Top Secret/SCI with Polygraph.

The Swift Groups is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.