RMF Cybersecurity Analysts
Company: Dark Wolf Solutions
Location: Herndon
Posted on: April 1, 2026
|
|
|
Job Description:
Dark Wolf is seeking RMF Cybersecurity Analysts to specialize in
the roles described below including: Information System Security
Officers (ISSOs), Vulnerability Managers & POA&M Managers to
join a collaborative team to develop, manage, and maintain the
security posture of information systems with a focus on Assessment
and Authorization (A&A), continuous monitoring and compliance
with NIST & RMF. As an ISSO, POA&M Manager and/or Vulnerability
Manager you will support your team and customer through
authorization process planning, execution, and deployment ensuring
high standards of security and compliance. This position will be
based out of NoVA with hybrid/remote opportunity. Key
responsibilities will include: Implementing cybersecurity best
practices and identifying opportunities to improve efficiency and
effectiveness Supporting cybersecurity activities through all
aspects of the systems’ life cycle from planning, development, and
deployment while ensuring proper hardening and security analysis is
enforced to protect the Confidentiality, Integrity, and
Availability of the environment Supporting the Risk Management
Framework (RMF) lifecycle ISSO Specific Requirements: Creating,
managing, and maintaining A&A packages Preparing system
documentation to include System Security Plans (SSPs), Security
Control Traceability Matrices (SCTMs), Plans of Action and
Milestones (POA&Ms), and security artifacts Managing and
implementing Continuous Monitoring activities, consisting of
periodical reviews of controls, audits, vulnerability scans, and
penetration test reports Coordinating proper security control
implementation with system administrators and engineers Supporting
the entry and maintenance of data into information system security
systems of record, such as eMASS or Xacta, as necessary
Vulnerability Manager Specific Requirements: Operating Scanning
tools to detect vulnerabilities, misconfigurations, and outdated
software Analyzing scan results with the ability to discern between
system risks and false positives Prioritizing vulnerabilities
Coordinating vulnerability management POA&M Manager Specific
Requirements: Compiling system vulnerabilities to include
identifying remediation and mitigation requirements with the
ability to provide fix actions and compensating controls Tracking
deadlines, SLAs, and ongoing statuses of efforts, to include
remediation and closures Performing POA&M maintenance Verifying
validity and completion of remediation actions, ensuring proper
documentation and artifacts Generating reports for leadership and
auditors Required Qualifications: Bachelor’s Degree in Computer
Science or related field 3 years of relevant Cyber experience
Experience as an RMF Engineer, ISSO, Information Assurance
Engineer, Vulnerability Manager, POA&M Manager or like
specialty Hands-on Tool experience associated to role Experience
with NIST 800-53 and CNSSI 1253 Experience with risk management
policies/procedures, to include DODI 8510.01 Ability to use prior
experience and knowledge to address new situations; especially
during interactions with clients Ability to communicate on
technical subjects using clear, concise, non-technical language to
include strong written communications, ability to provide written
feedback on documents, and ability to prepare briefings 2 years of
demonstrated knowledge and technical skills in: network
architecture, configuration of a local area network (LAN), and
securing operating systems 5 years of experience with Microsoft
Windows Server, Windows 10, Windows 11, Microsoft Office Suite
(Word, Excel, PowerPoint), Apple/MAC OS, Unix/Linux systems, and
virtualization software (VMware, Hyper-V, Virtual Box) Experience
using vulnerability and compliance assessment tools such as Nessus,
SCAP, or App Detective At least one (1) of the following cyber
security certifications: Security CE, SSCP, CAP, CISM, CASP, CISSP,
GSEC, GICSP, GSLC, CEH, CDNA, CSSLP US Citizenship and have a
Secret security clearance Desired Qualifications: Two (2) or more
of the following certifications: Security CE, SSCP, CAP, CISM,
CASP, CISSP, GSEC, GICSP, GSLC, CEH, CDNA, CSSLP Demonstrated
experience giving technical guidance to system administrators Three
(3) or more years of experience with the IC Community’s/Sponsor’s
A&A process, ICD 503, and NIST Risk Management Any additional
certifications relevant to system and cyber security not previously
listed Knowledgeable with the Air Force A&A process and
requirements Knowledge of SIEM tools such as Splunk/Elastic
Knowledgeable with DoD DevSecOps Fundamentals Playbook Experience
assessing technical environments and translating implemented
security controls into clear NIST SP 800-53 control narratives and
supporting Authorization to Operate (ATO) documentation Cloud
Platform familiarity with at least one service offering from AWS,
Azure, or Google GCP ACAS training The salary range for this
position is estimated to be between $100,000.00 - $150,000.00,
commensurate on experience and technical skillset. We are proud to
be an EEO/AA employer Minorities/Women/Veterans/Disabled and other
protected categories. In compliance with federal law, all persons
hired will be required to verify identity and eligibility to work
in the United States and to complete the required employment
eligibility verification form upon hire. We are strictly looking
for direct, full-time W2 employees. We do not engage with
third-party staffing agencies, C2C, or 1099 independent contractors
for this role.
Keywords: Dark Wolf Solutions, Harrisburg , RMF Cybersecurity Analysts, IT / Software / Systems , Herndon, Pennsylvania
