Sr. RMF Security Engineer
$131,300–$237,350 per year
On-site · San Diego, California, United States
Job Summary
The Sr. RMF Security Engineer will ensure compliance with federal cybersecurity standards for information systems within the U.S. Department of Defense environment. Key responsibilities include guiding projects through the RMF lifecycle, implementing security controls, conducting risk assessments, continuous monitoring, and vulnerability management. Candidates are required to have a Bachelor's degree in a relevant field and substantial experience, specifically with NIST standards and DoD compliance. Preferred skills include automation in Python and an understanding of Zero Trust architecture.
Required Qualifications
- Bachelor’s degree in Cybersecurity, Information Assurance, Computer Science or related field
- BS with 12+ years’ experience or MS with 10+ years’ experience
- DoD 8570 approved security certification (e.g., Security+)
- US citizenship
- Active Secret DoD security clearance
- Deep knowledge of NIST SP 800-37, NIST SP 800-53, NIST SP 800-171, FedRAMP, and DoD Instruction 8510.01 (DIARMF)
- Experience preparing System Security Plans (SSP), Security Assessment Reports (SAR), and Plan of Action & Milestones (POA&M)
- Experience conducting risk assessments, vulnerability scans, and penetration testing
- Experience with eMASS and SCAP tools (e.g., Nessus, Tenable.sc, OpenSCAP)
- Experience with SIEM tools (e.g., Splunk, ArcSight)
- STIG compliance (DISA STIGs, SCAP benchmarks)
Desired Qualifications
- Python, Bash, PowerShell for automation
- Understanding NIST SP 800-207 (Zero Trust Architecture)
- CMMC 2.0
- Understanding of COMSEC
- CISSP Certification
Additional Requirements
- Position requires US citizenship
- Active Secret DoD security clearance required