Peraton’s Defense Mission and Global Health Solutions Sector is seeking an RMF Program Lead for the Department of Defense (DoD). The successful candidate will be responsible for the overall management and execution of the Risk Management Framework (RMF) tasks, providing expert guidance and direction to a team of RMF professionals. The RMF Program Lead will provide expert guidance on RMF principles (NIST SP 800-37, 800-53) and oversee the consistent application of RMF processes across all DHRA systems; lead a team of RMF specialists, providing mentorship and ensuring the quality of deliverables such as SSPs, SARs, and POA&Ms; and serve as the primary point of contact for all RMF-related matters, communicating with stakeholders and ensuring compliance with relevant regulations and policies.
What You’ll Do:
- Management and Execution of RMF Tasks: Oversee and manage the overall execution of the Risk Management Framework (RMF) activities, ensuring adherence to established principles and standards (NIST SP 800-37 and 800-53).
- Expert Guidance on RMF Principles: Provide advanced expertise on RMF processes to ensure consistent application of security controls, policies, and procedures across all DHRA systems.
- Leadership and Mentorship: Lead and mentor a team of RMF professionals, ensuring the delivery of high-quality documentation and outputs such as System Security Plans (SSPs), Security Assessment Reports (SARs), and Plans of Action and Milestones (POA&Ms).
- Quality Assurance: Ensure the accuracy, quality, and completeness of all deliverables related to the RMF process, driving continuous improvement and compliance.
- Stakeholder Liaison: Act as the primary point of contact for all RMF-related matters, facilitating communication between internal teams, leadership, and external stakeholders.
- Regulatory and Policy Compliance: Ensure that all RMF activities comply with relevant regulations, policies, and guidelines, maintaining a secure operational posture for DHRA systems.
- Program Oversight: Oversee the integration of RMF processes across the organization, identifying areas for improvement and fostering a culture of cybersecurity awareness and compliance.
Knowledge, Skills, and Abilities
- Comprehensive Knowledge of RMF Processes: Expertise in the Risk Management Framework (RMF), including NIST SP 800-37 and NIST SP 800-53, to ensure consistent implementation of security controls.
- Leadership and Team Management: Strong leadership and mentoring skills to guide a team of RMF professionals, ensuring quality deliverables and professional development.
- Technical Understanding of Information Security: In-depth knowledge of information systems security principles, methodologies, and technologies, including operational requirements and cyber threats.
- Regulatory Compliance Expertise: Familiarity with federal cybersecurity mandates, including FISMA, FedRAMP, and DoD/DISA policies and standards.
- Risk Analysis and Mitigation: Ability to perform thorough risk assessments, identify vulnerabilities, and provide actionable mitigation strategies aligned with organizational priorities.
- Effective Communication Skills: Strong ability to convey complex cybersecurity concepts and RMF processes to stakeholders at all levels, including technical staff, leadership, and external auditors.
- Documentation Development and Review: Proficient in creating, reviewing, and validating RMF deliverables, such as System Security Plans (SSPs), Security Assessment Reports (SARs), and POA&Ms.
- Project Management and Program Oversight: Skilled in managing large-scale cybersecurity projects, ensuring adherence to timelines, resources, and organizational goals.
- Automation and Process Improvement: Ability to leverage tools and technologies to automate RMF processes, improve workflow efficiency, and establish performance metrics.
- Analytical and Problem-Solving Skills: Strong analytical mindset to identify security challenges, evaluate solutions, and provide expert recommendations for enhancing the organization’s cybersecurity posture.