Risk Management Framework Program Lead

Job Description

CSCI is seeking an experienced Risk Management Framework (RMF) Program Lead to provide cybersecurity risk management leadership and program oversight in support of the Department of Defense (DoD). The RMF Program Lead will oversee cybersecurity compliance, system authorization activities, and information assurance risk posture across complex enterprise environments. The role requires in-depth knowledge of DoD cybersecurity policies, NIST RMF processes, and DCWF 772 competencies to ensure mission systems maintain authority to operate (ATO) while enabling secure operations.

Responsibilities

• Lead the development, implementation, and management of RMF-based cybersecurity programs, ensuring compliance with DoD and Federal guidelines
• Serve as the Information Systems Security Manager (ISSM) for assigned systems, maintaining system security documentation, plans, and authorization artifacts
• Provide oversight of system security engineering and continuous monitoring activities to ensure sustained cybersecurity compliance
• Interface with Authorizing Officials (AOs), Program Managers, System Owners, and cybersecurity stakeholders to guide systems through RMF assessment and authorization processes
• Direct vulnerability management, risk assessments, and remediation tracking to maintain acceptable risk posture
• Ensure integration of DCWF KSATs (Knowledge, Skills, Abilities, and Tasks) for Work Role 772 into program execution, mentoring team members on RMF best practices
• Lead program-level audits, security control assessments, and readiness reviews
• Provide executive-level reporting on system cybersecurity status, risk posture, and compliance metrics

Minimum Requirements

• Bachelor’s degree in a technical discipline or related field
• Minimum of 10 years’ progressive experience in cybersecurity risk management roles
• Active Secret Security Clearance
• Certification: DoD 8570.01-M IAM Level III certification (e.g., CISSP, CISM, GSLC)
• Extensive experience with DoD Risk Management Framework (RMF) and NIST SP 800-53 controls
• Familiarity with enterprise-level security authorization packages, security control inheritance, and continuous monitoring strategies
• Strong knowledge of DCWF KSATs for Work Role 772 – Information Systems Security Manager [Advanced]
• Experience with eMASS, ACAS, HBSS, and other DoD cybersecurity tools
• Creativity and adaptability in problem-solving
• Ability to work with clients to understand their needs
• Strong organizational and time-management skills
• Excellent written and verbal communication skills
• Professional presence

Preferred Skills

• Prior experience as an ISSM or RMF Program Lead supporting DoD or Federal programs
• Proficiency with DoD cybersecurity tools and systems such as eMASS, ACAS, HBSS, and SCAP-compliant scanners
• Demonstrated success in developing RMF strategies, achieving ATOs, and maintaining continuous monitoring programs
• Excellent leadership, communication, and executive briefing skills
• Ability to work in a team environment, as well as independently
• Strong customer and vendor relationship skills
• Demonstrated ability to comply with data standards and policies
• Motivation to learn new technologies and methodologies that demonstrate value
• Past experience working with a federal agency
• Department of Defense experience is a plus!
  

About CSCI

CSCI is an award-winning information technology and financial management consulting firm founded on one simple philosophy: “Do what is right, always.” We apply this philosophy across all elements of our growing business, from delivering world-class services for customers to providing an environment where associates thrive both personally and professionally. At CSCI, work and fun aren’t diametrically opposed!

At CSCI, our goal is to hire people with proven track records and retain them with an energizing, diverse company culture. We value each associate’s natural drive to excel, and we provide them with the freedom to do things their way. CSCI seeks the best and brightest in the industry—those who are ready to move their lives and career forward. Join us today and get excited about Mondays again!

Benefits of Working at CSCI

• Competitive salaries
• Generous Paid Time Off (PTO) package
• Paid holidays aligned to the Federal calendar
• Full health benefits including medical, dental, vision, and life insurance 
• 401(k) retirement plan
• Team building events
• Professional development support 

Legal

CSCI complies with all applicable Federal, state, and local employment regulations. Please reach out to HR@csciconsulting.com with any questions. 

Equal Employment Opportunity

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or veteran status, or any other applicable state or federal protected class. CSCI provides affirmative action in employment for qualified Individuals with a Disability and Protected Veterans in compliance with Section 503 of the Rehabilitation Act and the Vietnam Era Veterans’ Readjustment Assistance Act.

If you require an accommodation, please contact CSCI Human Resources for further assistance. For questions regarding the qualifications listed above, please contact the CSCI Recruiting Team.

E-Verify

CSCI participates in E-Verify to confirm the employment eligibility of all newly hired employees. For more information, please visit www.dhs.gov/E-Verify. 

California Consumer Privacy Act (CCPA) Notice

As part of the application and recruitment process, CSCI Consulting, Inc. may collect personal information as described under the California Consumer Privacy Act (CCPA). 

This information is collected solely for employment-related purposes, including evaluating your qualifications, processing your application, and complying with legal obligations. 

By applying to this position, you acknowledge that you have read and understand the following notice regarding the collection of your personal information as a job applicant: 

• Categories of Information Collected: Personal identifiers, employment history, educational information, and any other information provided in your application or as part of the interview process.
• Purposes for Collecting Information: To review your application, assess your qualifications, and manage the hiring process.
• Retention and Security: Information collected will be retained indefinitely and will be securely stored and handled in accordance with CCPA guidelines and CSCI Consulting, Inc. policies.
• Rights of Applicants: Under CCPA, California residents have the right to request information about the personal data we collect, delete it, and request restrictions on certain uses. However, some information may be retained as required by law. 

For further information, or to exercise your rights under the CCPA, please contact CSCI’s HR team. 

Disclaimer

The above declarations are not intended to be an all-inclusive list of the duties and responsibilities of the job described, nor are they intended to be such a listing of the skills and abilities required to do the job. Rather, they are intended only to describe the general nature of the job.