Requires US Citizenship Yes Employment Term and Type: Regular, Full Time Required Security Clearance: (Minimum for hire) TS/SCI Required Education:  (Minimum for hire)  Bachelor's Degree in Engineering or engineering discipline; Computer science or IT discipline; Technical discipline Salary Band: $150,000- $165,000 Job Description: FGS, LLC is seeking a Cybersecurity / RMF Lead to support the deployment and accreditation of a new cloud-based capability operating within a classified environment. The selected candidate will serve as the primary cybersecurity lead responsible for planning, coordinating, and executing all Risk Management Framework (RMF) activities necessary to obtain and maintain Authorization to Operate (ATO) for mission-critical systems supporting the Office of Naval Intelligence. The Cybersecurity / RMF Lead will work closely with system engineers, cloud architects, software developers, ISSMs, ISSOs, Security Control Assessors (SCAs), Authorizing Officials (AOs), and government stakeholders to ensure cybersecurity requirements are integrated throughout the system lifecycle. This role requires a strong understanding of cloud security architectures, DoD and Intelligence Community cybersecurity requirements, and the practical application of RMF within classified environments. Primary Duties and Responsibilities: Lead the execution of the DoD Risk Management Framework (RMF) lifecycle for classified cloud-hosted systems. Develop and maintain RMF packages within eMASS and Xacta. Coordinate system categorization, security control selection, implementation, assessment, authorization, and continuous monitoring activities. Serve as the primary cybersecurity advisor for cloud architecture and system engineering efforts. Develop and maintain cybersecurity documentation, including: System Security Plans (SSPs) Security Assessment Plans (SAPs) Security Assessment Reports (SARs) Plans of Action and Milestones (POA&Ms) Security Impact Assessments (SIAs) Continuous Monitoring Plans Data Flow Diagrams System Inventories Coordinate with cloud service providers and enterprise service owners to document inherited security controls and shared responsibility models. Support implementation and assessment of NIST SP 800-53 Rev. 5 security controls. Analyze vulnerability findings from ACAS, STIGs, SCAP scans, Microsoft Defender for Endpoint, and other security tools. Validate findings and coordinate remediation activities with system administrators, developers, and engineering teams. Prepare systems for Security Control Assessor (SCA) evaluations and authorization reviews. Participate in Configuration Control Boards (CCBs), Security Working Groups (SWGs), Cybersecurity Status Reviews (CSRs), and governance meetings. Perform security impact analyses for system changes, software releases, and cloud capability enhancements. Support annual assessments, continuous monitoring activities, and reauthorization efforts. Track cybersecurity risks and communicate authorization status to leadership and stakeholders. Ensure compliance with: NIST SP 800-53 Rev. 5 NIST SP 800-53A CNSSI 1253 DoDI 8510.01 DoD Cloud Computing Security Requirements Guide (SRG) Department of the Navy cybersecurity policies Intelligence Community cybersecurity guidance, as applicable Required Qualifications: U.S. Citizenship. Active TS/SCI clearance. Bachelor's degree in Cybersecurity, Information Technology, Computer Science, Engineering, or related technical discipline. Minimum seven (7) years of cybersecurity, RMF, or information assurance experience. Minimum three (3) years leading RMF activities for classified systems. Experience supporting cloud-based systems operating within DoD or Intelligence Community environments. Demonstrated experience obtaining or maintaining ATOs for classified information systems. Hands-on experience with: eMASS, Xacta, NIST SP 800-53, NIST SP 800-53A Security control implementation and assessment Vulnerability management processes POA&M management Strong understanding of cloud security architectures and shared responsibility models. Experience coordinating with ISSMs, ISSOs, SCAs, and Authorizing Officials. Active DoD 8570/8140 baseline certification such as: CISSP, Security+ CE, CASP+, CCSP, GSLC, Equivalent approved certification Desired Qualification: CISSP certification preferred. CCSP certification strongly desired. Experience supporting classified cloud deployments. Experience with Azure Government, AWS GovCloud, or other accredited cloud environments. Familiarity with Intelligence Community accreditation processes. Experience supporting DevSecOps environments and containerized workloads. Experience with vulnerability scanning tools including ACAS, Nessus, STIG Viewer, SCAP, and Microsoft Defender for Endpoint. Experience supporting continuous monitoring programs. Strong technical writing and briefing skills. Experience briefing senior government leadership on cybersecurity risk and authorization status. Education Requirements:  Bachelor’s degree in engineering or engineering discipline; Computer science or IT discipline; Technical discipline Security Clearance Requirements:  TS/SCI Physical, Work Environment & Conditions: Typical office environment. Must be able to sit or stand at a workstation for extended periods. Occasional standing while working in server rooms or at patch panels. Must be able to lift and move moderately heavy equipment (e.g., routers, switches, servers) typically up to 30–50 pounds. Manual Dexterity required for connecting cables, configuring devices, and handling small tools or components. Must be able to view computer screens for long periods. Ability to distinguish color-coded documents, cabling, and indicator lights. Must be able to climb ladders or crawl in tight spaces for cable runs or equipment installation. May require walking between different buildings or workstations. Must be able to communicate clearly with technical teams and end-users. May need to hear alarms, server beeps, or equipment noises indicating issues   This position description is not intended as, nor should it be construed as, exhaustive of all responsibilities, skills, efforts or working conditions associated with this job. This and all positions are eligible for organization-wide transfer. Management reserves the right to assign or reassign duties and responsibilities at any time.   Company Overview: FGS, LLC is an international, leading-edge provider of technical services to include Secure Information Systems, Security and Engineering and Intelligence Analysis. Our turn-key solutions include design, engineering, deployment operations, and sustainment of secure technology and critical infrastructure for the protection and safety of our customers' mission-critical information, processes, and personnel. Demonstrating an unyielding commitment to our customers, superior trust and dedication with our partners, and leading-edge technical expertise over the past seven years, FGS has experienced explosive growth providing superior services throughout the world, from North America and the Pacific Rim to the Middle East and Europe. FGS provides secure, leading-edge technology and process management services to military, government, and commercial clients worldwide. FGS offers a generous compensation package including health, dental, vision, 401(k), group life insurance, educational reimbursement, among other benefits. We value our employees and strive to offer many opportunities for professional growth. #cjpost – Cybersecurity FGS, LLC is an Equal Opportunity Employer as to all protected groups, including protected veterans and individuals with disabilities