Risk Management Framework Specialist

General information

Requisition # R59694 Locations USA-VA-Norfolk Posting Date 04/09/2025 Security Clearance Required Secret Remote Type Onsite Time Type Full time

Description & Requirements

Shape the future of defense with ManTech! Join a team dedicated to safeguarding our nation through advanced tech and innovative solutions. Since 1968, we’ve been a trusted partner to the Department of Defense, delivering cutting-edge projects that make a real impact. Dive into exciting opportunities in Cybersecurity, IT, Data Analytics and more. Propel your career forward and be part of something extraordinary. Your journey starts now—protect and innovate with ManTech!

ManTech seeks a motivated, career and customer-oriented Risk Management Framework Specialist to join our team in Norfolk, VA.  This position is onsite.

Responsibilities include but are not limited to:

• Lead the creation and maintenance of cybersecurity operations-related Policies and Procedures, Administrative Guides, Plans, and Technical Documentation

• Offer security guidance throughout system lifecycles in collaboration with engineers, administrators, and software developers

• Prepare impact and risk assessment reports on residual risks, including identifying false positives and nonapplicable findings, for use by NCTE's cybersecurity and risk management leadership.

• This includes security compliance reports, STIG reports, compliance status briefings, and security/risk test artifacts

• Support cybersecurity and risk management workflow actions and change request tickets within NCTE's change management system, including reviewing, approving, or addressing risk management aspects of change requests

• Provide technical guidance to engineers, software developers, and system administrators to support vulnerability remediation, STIG compliance, patching, and code security measures required to achieve compliance

• Review and update IS Authorization documentation (Body of Evidence) to support IS Assessment and Authorization (Certification/Accreditation) activities

• Work in a constantly changing regulatory environment with short, mid, and long-term timelines for remediating any non-compliance

Minimum Qualifications:

• Bachelor's of Science degree with 8+ years of experience or 12+ years of IA experience in lieu of degree

• Current DoD 8570 baseline certification for IAM III

• Expert in Risk Management Framework (RMF), NIST, ICD, and CNSS standards

• Expert with network technologies (LAN & WAN) and best practices within a classified environment to include crypto and key management

• STIG compliance, SCC and STIG Viewer experience, and ACAS expertise

• Expert with Microsoft Windows, Linux, and system virtualization in a secure network environment

Preferred Qualifications:

• Past or current ISSM/ISSO experience

• Security+ or CISSP, GCIH a plus

• DoD IS knowledge and experience

• Background or understanding of System Security Plans (SSP)

• Security hardening scripting/automation experience

• Microsoft OS Certification (MCSE Win 7 or other)

• Linux certification (RHCSA, CompTIA Linux, LCFS/LCFE, etc.)

Clearance Requirements:

• Active Secret required to start with TS-SCI eligibility

Physical Requirements:

• Up to 25% travel required or as needed.

• Must be able to remain in a stationary position 50%

• Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine and computer printer.

• The person in this position needs to occasionally move about inside the office to access file cabinets, office machinery, etc.

ManTech International Corporation considers all qualified applicants for employment without regard to disability or veteran status or any other status protected under any federal, state, or local law or regulation.
If you need a reasonable accommodation to apply for a position with ManTech, please email us at careers@mantech.com and provide your name and contact information.