Senior Risk Management Framework Engineer

USA-VA-Norfolk


General information

Requisition #: R60303
Locations: USA-VA-Norfolk
Posting Date: 05/06/2025
Security Clearance Required: Secret
Remote Type: Onsite
Time Type: Full time

Description & Requirements

Shape the future of defense with ManTech! Join a team dedicated to safeguarding our nation through advanced tech and innovative solutions. Since 1968, we’ve been a trusted partner to the Department of Defense, delivering cutting-edge projects that make a real impact. Dive into exciting opportunities in Cybersecurity, IT, Data Analytics and more. Propel your career forward and be part of something extraordinary. Your journey starts now—protect and innovate with ManTech!

ManTech seeks a motivated, career- and customer-oriented Senior Risk Management Framework Engineer to join our team in Norfolk, VA. This position is onsite.

Responsibilities include but are not limited to:

  • Serve as the lead advisor on RMF implementation across system lifecycles and manage workload for team members to meet established timelines

  • Conduct security categorization, control selection, implementation, and assessment in accordance with NIST SP 800-53 and DoDI 8510.01

  • Prepare and maintain RMF documentation, including the System Security Plan (SSP), Plan of Action & Milestones (POA&M), and Security Assessment Reports (SAR)

  • Guide system owners through the RMF steps to achieve full 3-year Authorization to Operate (ATO)

  • Collaborate with security control assessors (SCAs) and NQVs to coordinate risk assessments and validation testing

  • Identify, document, and mitigate system vulnerabilities using tools such as Enterprise Mission Assurance Support Service (eMASS), Assured Compliance Assessment Solution (ACAS), and Security Technical Implementation Guidelines (STIGs)

  • Expert-level experience in maintaining continuous monitoring strategies and conducting periodic reviews in accordance with DoD and NIST guidelines

  • Provide training on RMF processes and cybersecurity best practices to junior staff and stakeholders

  • Maintain up-to-date knowledge of evolving DoD cybersecurity policy, the threat landscape, and risk mitigation techniques

  • Create Standard Operating Procedures (SOPs), internal process documents, and input to cyber policies that support the continuous monitoring of accredited information systems

  • Up to 10% travel, mainly CONUS

Minimum Qualifications:

  • BS or BA degree in Computer Science, Information Systems, Cybersecurity, or a related discipline. Additional 6 years of RMF experience may be substituted for a degree

  • 7+ years of experience working within RMF environments, particularly supporting federal or DoD systems

  • Experience in NIST SP 800-series publications, especially SP 800-53, 800-37, and 800-30

  • Strong knowledge in requesting, obtaining, and reviewing compliance artifacts to assist in executing security and privacy controls testing such as security plans, SOPs, system screenshots, and system configuration settings

  • CASP+, CISSP, or CISM certification

  • Navy Qualified Validator (NQV) Level 1

Clearance Requirements:

  • Active Secret clearance with the ability to obtain a TS/SCI clearance

Physical Requirements:

  • Must be able to remain in a stationary position 50% of the time.

  • Needs to occasionally move about inside the office to access file cabinets, office machinery, etc.

  • Often positions self to maintain computers in the lab, including under the desks and in the server closet.

  • Frequently communicates with co-workers, management and customers, which may involve delivering presentations. Must be able to exchange accurate information in these situations.


ManTech International Corporation considers all qualified applicants for employment without regard to disability or veteran status or any other status protected under any federal, state, or local law or regulation.
If you need a reasonable accommodation to apply for a position with ManTech, please email us at careers@mantech.com and provide your name and contact information.

Region: North America
Country: United States
