RMF Manager Specialist-U.S. Scott Air Force Base,IL (St. Louis)

At geocgi we pride ourselves on not losing our focus. We started out and remain GIS experts (or geeks. . . depending on your perspective). Since 2006, we’ve evolved into a world-class and world-wide service provider of multiple disciplines. We are a talented, hardworking group that share values and characteristics that drive client, professional, and personal success. geocgi is seeking an experienced

Risk Management Framework Manager/Specialist

 to oversee and manage cybersecurity processes and ensuring compliance for the United States Air Force Program at Scott Air Force Base, Illinois (St. Louis area).The Risk Management Framework Manager/Specialist is responsible for implementing and maintaining the RMS process within the organization, specifically for systems and applications deployed on Amazon Web Services (AWS) cloud infrastructure. The Risk Management Framework Manager/Specialist will also be responsible for preparing and maintaining Authority to Operate (ATO) documents, as well as providing guidance and training to other members of the organization on RMF-related matters. This position’s location is at U.S. Scott Air Force Base in Illinois (St. Louis area). 

Key Responsibilities: 

• Lead the implementation of the Risk Management Framework (RMF) for the U.S. Air Force information systems, ensuring compliance with Department of Defense (DoD) and U.S. Air Force cybersecurity polities.  
• Conduct security control assessments and validate the effectiveness of implemented controls for information systems. 
• Perform risk assessments to identify vulnerabilities, threats and risks to information systems and recommend appropriate mitigation strategies for implementation and hardening. 
• Prepare and maintain Risk Management Framework documentation including but not limited to System Security Plans (SPPs), Plan of Action and Milestones (POA&Ms) and Risk Assessment Reports. 
• Implement and manage continuous monitoring strategies to ensure ongoing assessment and authorization of information systems. 
• Work closely with system owners, developers, and other stakeholders to ensure security requirements are integrated throughout the system development lifecycle.  
• Support internal and external audits, reviews, and inspections related to information system security.  
• Ensure alignment with current Air Force cybersecurity policies, standards, and regulations, and recommend updates to cybersecurity policies as needed. 
• Mentor and guide junior staff in performing these task, providing training and support to enhance their skills and ensure adherence to best practices and U.S. Air Force standards.

As an employee of geocgi, the Risk Management Framework Manager/Specialist will have access to a generous benefits package, in addition to a corporate culture and community of GIS geeks. Our benefits include but are not limited to: 

• Competitive salaries, commensurate with experience and leading Federal Contractors in the geospatial industry. 
• Opportunities for upward mobility in a dynamic fast paced environment within a small company. 
• Merit-based spot and end of year bonuses. 
• Safe Harbor 401(k) plan with immediate vesting. 
• Flexible work hours and PTO. 
• Complete Medical, Dental, and Vision coverage for individuals. 
• Company paid training, certifications, and professional growth and development. 

The following are requirements of the Risk Management Framework Manager/Specialist: 

• US Citizen with a DoD Top Secret/SCI Clearance or ability to obtain and maintain. 
• Minimum of a Bachelor’s degree in Cybersecurity, Information Technology, Computer system or related field. 
• 5+ years of hands-on experience in Cybersecurity with a minimum of 3 years specializing in Risk Management Framework processes and DoD information systems 
• Proficiency in Risk Management Framework tools and technologies, such as eMASS (Enterprise Mission Assurance Support Service) and vulnerability assessment tools (e.g., Nessus, ACAS, SCAP). 
• In-depth knowledge of NIST Special Publications (SP) 800-37, 800-53, and 800-171, as well as DoD Instruction 8510.01 and related guidelines. 
• Excellent verbal and written communication skills, with the ability to clearly explain complex cybersecurity concepts to both technical and non-technical audiences. 
• Skilled in communicating effectively with military command staff, contractors, and civilians, ensuring clear and concise information exchange across diverse groups and stakeholders. 
• Ability to manage multiple projects, meet deadlines, and work both independently and collaboratively, with a passion for location-based problem-solving to support business and mission-critical challenges. 
• Proficient with Microsoft Office Suite (Word, Excel, PowerPoint, Outlook). 

The following are preferred or be willing to obtain and maintain for the Risk Management Framework Manager/Specialist role: 

• CompTIA Security+ Certification. 
• Certified Information Systems Security Professional (CISSP). 
• Certified Authorization Professional (CAP). 

Please visit our website and careers page at: www.geocgi.com to apply. Geocgi provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws. As a U.S. Federal Contractor, geocgi complies with COVID-19 vaccine mandates for all personnel as outlined by Executive Order 14042.