(282) Risk Management Framework (RMF) Strategy and Learning Content Lead

Company Summary

Arlo Solutions (Arlo) is an information technology consulting services company that specializes in delivering technology solutions. Our reputation reflects the high quality of the talented Arlo Solutions team and the consultants working in partnership with our customers. Our mission is to understand and meet the needs of both our customers and consultants by delivering quality, value-added solutions. Our solutions are designed and managed to not only reduce costs, but to improve business processes, accelerate response time, improve services to end-users, and give our customers a competitive edge, now and into the future. 

Company Summary 

Arlo Solutions (Arlo) is an information technology consulting services company that specializes in delivering technology solutions. Our reputation reflects the high quality of the talented Arlo Solutions team and the consultants working in partnership with our customers. Our mission is to understand and meet the needs of both our customers and consultants by delivering quality, value-added solutions. Our solutions are designed and managed to not only reduce costs, but to improve business processes, accelerate response time, improve services to end-users, and give our customers a competitive edge, now and into the future.  

The Office of the Secretary of Defense (OSD) Chief Digital and Artificial Intelligence Office (CDAO) is at the forefront of supporting the DoD with the adoption of innovative technologies such as data, analytics, and artificial intelligence to help accelerate predictions, forecasts, and interpretations for both strategic and tactical decisions across the enterprise. These ground-breaking endeavors bring new challenges to the assessment of DoD IT systems that previously did not exist.  

Position Overview 

Arlo is in search of a RMF Strategic Content Lead supporting the CIO and Authorizing Official (A0) for the OSD Chief Data and Artificial Intelligence office.  In this role you will be responsible for developing and executing communication strategies and training content to support cyber policy, practices, and authorizations as it relates to the Assess and Authorize process of the Risk Management Framework (RMF). This role will focus on enhancing organizational messaging, promoting key initiatives, and maintaining stakeholder engagement across various platforms. Additionally, you will be responsible for developing strategies and briefing materials regarding organizational messaging that may impact the enterprise’s operations, assets, or reputation.

The candidate should have a background in risk management and experience with DoD cyber workforce implementations. The candidate must also possess knowledge of NIST 800-37 r2 the Risk Management Framework. Success in this position requires expertise in other statutory guidance with the NIST 800 series, as well as DoDI 8500.01, DoD 8140.03, ISO 27001, COBIT, DoD RMF, along with current cybersecurity best practices.

Work Location 

Full time remote. Candidates in the Washington DC Metropolitan preferred. Travel requirements will vary with location, however, expect approximately 10% to 25%.  Ability to come into the office for specific meetings and hot seating as needed.

Candidates must possess at least an active Secret clearance to be considered for this position.

Job Responsibilities

Strategic Activities

• Prepare briefing materials, presentations, and reports for senior leadership.
• Author and present briefs for CIO/AO to be presented to the public and other senior Government officials.
• Collaborate between the AO and the CDAO Programs and capabilities as well as senior leadership (focusing on creating metrics, tracking authorizations, etc.)
• Develop briefing materials and metrics to track progression of implementation of the RMF AO as a Service strategy.
• Stay informed about industry regulations and standards regarding Governance, Risk and Compliance (GRC)
• Conduct deliberate analysis supporting RMF roles, to include identification of mission essential tasks and reporting.
• Plan, develop and execute strategic offsite events for the Cyber Assurance Office and DoD leadership such as strategy sessions, summits, and round tables.

Content Development and Management

• Maintain configuration management of all training materials across multiple platforms.
• Collaborate with cross-functional teams to gather information on existing and emerging risks for metrics reporting.
• Be responsible for metrics and reporting regarding training, RMF content development, strategic communications, and material development.
• Manage and maintain content for digital platforms, including websites, social media channels, and newsletters.
• Collaborate cross functionally with Government organizations such as Special Publications Office, Public Relations, and Digital Talent management teams within CDAO and other teams.
• Work with external vendors (Printers, Tech Editing, Graphic Design) and Government entities (such as Public Affairs Office) to complete deliverables.

Training

• Collaborate with team members to design, develop, and deliver comprehensive training materials for that creates a risk-aware culture within the CDAO Assess and Authorize community.
• Develop SOPs for the Assess and Authorize process within CDAO cyber assurance.
• Develop training program materials for Security Control Assessors (SCAs) and Information System Security Managers (ISSMs).
• Collaborate with subject matter experts to create instructional materials that accurately reflect the latest practices in Information Assurance, DoD Cybersecurity Policies, Information Security, NIST, and the Risk Management Framework.
• Develop both traditional training materials and engaging and interactive e-learning modules, videos, and other digital content.
• Work with instructors and provide both live and remote instruction to CDAO cyber assurance stakeholders.
• Conduct needs assessments to identify training gaps and tailor programs to meet organizational requirements.
• Collaborating with the Strategic Communication Specialist to publish training materials on various channels providing the widest dissemination possible.

Education and Minimum Qualifications 

Required 

• At least 5 years of cybersecurity experience in a technical or project management role.
• Expert understanding of NIST 800 series standards and guidelines, related Federal guidance, DoD RMF, and current cybersecurity best practices.
• Ability to articulate process and strategic ideas visually.
• Engineering background with the ability to understand and communicate complex technical concepts.
• Strong project management skills, with the ability to manage multiple projects and meet deadlines.
• Extensive experience with Microsoft Office Tools. PowerPoint skills a must.
• Excellent communication/presentation skills briefing senior military and government civilian leadership.
• Strong analytical and problem-solving skills, with the ability to think critically and strategically.
• Ability to work collaboratively in a team environment and build positive relationships with stakeholders.

Preferred 

• Experience working at DoD HQ level environment, AF (Pentagon) experience preferred.
• Familiarity with US CYBERCOM
• Background as an information systems security officer or other RMF roles
• Project Management Professional (PMP) certification
• Prior instructional design or other training experience
• Interest or background in Artificial Intelligence
• Visual design ability

AAP Statement 

We are proud to be an Affirmative Action and Equal Opportunity Employer and as such, we evaluate qualified candidates in full consideration without regard to race, color, religion, sex, sexual orientation, gender identity, marital status, national origin, age, disability status, protected veteran status, and any other protected status. 

AAP Statement

We are proud to be an Affirmative Action and Equal Opportunity Employer and as such, we evaluate qualified candidates in full consideration without regard to race, color, religion, sex, sexual orientation, gender identity, marital status, national origin, age, disability status, protected veteran status, and any other protected status.