RMF Process Lead (R-00177)

Posted Yesterday
Be an Early Applicant
Hiring Remotely in USA
Remote
Senior level
Professional Services
The Role
Own and manage the end-to-end RMF lifecycle and transition current-state workflows to a standardized, target-state GRC/RMF platform. Lead requirements gathering, translate processes into system configurations, validate migrations, establish governance, coordinate testing and UAT, develop training, monitor authorization timelines and POA&M remediation, and provide leadership reporting and continuous improvement recommendations.
Summary Generated by Built In
True Zero Technologies, a veteran-owned small business, was founded on the principle that the purposeful enablement of people and technology in an organization directly ties to the quality of its outcomes. True Zero recognizes that those outcomes begin and end with our people, and that is what we have built a community of like-minded, driven, and passionate individuals and innovators who are aligned in a common goal of delivering top-tier services to our customers. Our culture and commitment have been recognized through numerous accolades, including being named one of the Best Places to Work in 2023 in two categories (“Prosperous and Thriving” ($5MM–$50MM in gross revenue) and “Mid-Atlantic Region” (DC, DE, MD, NC, VA, WV)), and again in 2025 as a Best Places to Work honoree. In addition, True Zero earned coveted spots on the Inc. 5000 list of fastest-growing companies in America in 2022, 2023, and 2025, a testament to our sustained growth driven by our people-first approach and unwavering dedication to excellence.

Position Responsibilities

    Roles and Responsibilities
    • Own and manage the end-to-end RMF lifecycle, including system categorization, control selection, implementation, assessment, authorization, continuous monitoring, and system disposal.
    • Assess and document current-state RMF processes, workflows, roles, data requirements, dependencies, pain points, and approval paths.
    • Design and implement standardized target-state RMF processes aligned with NIST, federal agency, and organizational requirements.
    • Translate existing RMF workflows, business rules, security documentation, control data, and authorization activities into the new GRC or RMF platform.
    • Serve as the primary functional subject matter expert for the new RMF solution, including its workflows, data model, configurations, reporting, and user capabilities.
    • Lead requirements-gathering sessions with system owners, ISSOs, ISSMs, security control assessors, authorizing officials, engineers, and compliance stakeholders.
    • Define functional requirements, user stories, acceptance criteria, workflow rules, role-based permissions, notifications, and approval processes.
    • Review and validate the migration of system records, security controls, assessment results, POA&Ms, authorization packages, evidence, and supporting documentation.
    • Identify process gaps, data-quality issues, control-mapping inconsistencies, and configuration deficiencies, and coordinate corrective actions.
    • Establish RMF governance standards, operating procedures, templates, process guides, decision points, and quality-control requirements.
    • Coordinate solution testing, user acceptance testing, process validation, defect resolution, and production-readiness activities.
    • Develop training materials and provide role-based training, demonstrations, and knowledge transfer for users of the new RMF solution.
    • Monitor RMF process performance, authorization timelines, control-assessment status, POA&M remediation, and continuous-monitoring activities.
    • Provide leadership with dashboards, status reports, risk summaries, implementation updates, and recommendations for process improvement.
    • Drive user adoption and continuous improvement by incorporating stakeholder feedback, regulatory changes, lessons learned, and emerging cybersecurity requirements.
    •  

Position Qualifications

  • Bachelor’s degree in cybersecurity, information technology, information systems, engineering, business, or a related field.
  • Eight or more years of experience supporting cybersecurity governance, risk management, compliance, security authorization, or RMF programs.
  • Demonstrated experience leading or owning end-to-end RMF processes within a federal government or highly regulated environment.
  • Expert knowledge of NIST RMF, NIST SP 800-37, NIST SP 800-53, FIPS 199, FIPS 200, and continuous-monitoring requirements.
  • Experience translating current-state business processes into standardized target-state workflows within a new technology platform.
  • Experience implementing, configuring, migrating to, or supporting enterprise GRC or RMF platforms such as RegScale, ServiceNow GRC, RSA Archer, eMASS, Xacta, CSAM, or equivalent solutions.
  • Strong understanding of authorization packages, System Security Plans, security controls, assessment procedures, POA&Ms, risk assessments, and authorization decisions.
  • Experience facilitating process-mapping, requirements-gathering, solution-design, testing, and stakeholder-validation sessions.
  • Ability to translate technical, regulatory, and operational requirements into clear system configurations, workflows, and user procedures.
  • Strong analytical, documentation, presentation, communication, and stakeholder-management skills.
  • Experience leading cross-functional teams and coordinating with system owners, cybersecurity personnel, assessors, engineers, program managers, and executive leadership.
  • Ability to identify process risks, resolve competing requirements, and guide stakeholders toward standardized enterprise solutions.

Role Summary

    The RMF Process Lead will own and govern the organization’s Risk Management Framework processes and lead the transition from current-state RMF workflows to a modernized target-state solution. This role requires deep knowledge of federal cybersecurity requirements, security authorization processes, control implementation, and enterprise GRC platforms. The RMF Process Lead will serve as the functional subject matter expert for the new solution, translate existing processes and data into optimized workflows, and ensure consistent adoption across cybersecurity, system owner, assessor, and authorization teams.

Skills Required

  • Bachelor's degree in cybersecurity, information technology, information systems, engineering, business, or related field
  • Eight or more years of experience supporting cybersecurity governance, risk management, compliance, security authorization, or RMF programs
  • Demonstrated experience leading or owning end-to-end RMF processes within a federal government or highly regulated environment
  • Expert knowledge of NIST RMF, NIST SP 800-37, NIST SP 800-53, FIPS 199, FIPS 200, and continuous-monitoring requirements
  • Experience translating current-state business processes into standardized target-state workflows within a new technology platform
  • Experience implementing, configuring, migrating to, or supporting enterprise GRC or RMF platforms such as RegScale, ServiceNow GRC, RSA Archer, eMASS, Xacta, CSAM, or equivalent
  • Strong understanding of authorization packages, System Security Plans, security controls, assessment procedures, POA&Ms, risk assessments, and authorization decisions
  • Experience facilitating process-mapping, requirements-gathering, solution-design, testing, and stakeholder-validation sessions
  • Ability to translate technical, regulatory, and operational requirements into clear system configurations, workflows, and user procedures
  • Strong analytical, documentation, presentation, communication, and stakeholder-management skills
  • Experience leading cross-functional teams and coordinating with system owners, cybersecurity personnel, assessors, engineers, program managers, and executive leadership
  • Ability to identify process risks, resolve competing requirements, and guide stakeholders toward standardized enterprise solutions
Am I A Good Fit?
beta
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company
HQ: Washington, DC
31 Employees
Year Founded: 2016

What We Do

True Zero Technologies is a Professional Services firm and authorized product reseller. Made up of passionate technologists, TZT delivers services for both the public and private sector, creating unique and scalable solutions based on business context driven requirements. TZT is rapidly expanding it's team to meet demand, we have many opportunities including long-term, multi-year contracts supporting Splunk instances large and small with ample opportunity to help shape large operational and security programs. Apply today! https://truezerotech.applicantpro.com/jobs/

Similar Jobs

General Motors Logo General Motors

Sales Manager

Automotive • Big Data • Information Technology • Robotics • Software • Transportation • Manufacturing
Remote or Hybrid
United States
165000 Employees
81K-109K Annually

General Motors Logo General Motors

Contract Manager - GM Defense

Automotive • Big Data • Information Technology • Robotics • Software • Transportation • Manufacturing
Remote or Hybrid
Warren, MI, USA
165000 Employees
106K-141K Annually

General Motors Logo General Motors

Social Media Specialist

Automotive • Big Data • Information Technology • Robotics • Software • Transportation • Manufacturing
Remote or Hybrid
United States
165000 Employees
80K-109K Annually

General Motors Logo General Motors

Cadillac Influencer Marketing Lead

Automotive • Big Data • Information Technology • Robotics • Software • Transportation • Manufacturing
Remote or Hybrid
United States
165000 Employees
106K-141K Annually

Similar Companies Hiring

ABN AMRO Clearing USA LLC Thumbnail
Information Technology • Professional Services • Financial Services
Chicago, IL
215 Employees
Fora Thumbnail
Agency • On-Demand • Professional Services • Sales • Software • Travel • Hospitality
New York, NY
200 Employees
Energy CX Thumbnail
Greentech • Professional Services • Business Intelligence • Consulting • Energy • Financial Services • Utilities
Chicago, IL
108 Employees

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account