Senior RMF Consultant

Dark Wolf Solutions is seeking a highly skilled Senior RMF Cybersecurity Consultant who will be the primary Subject Matter Expert (SME) and trusted advisor for a long-term contract.  The ideal candidate will possess a vast knowledge and experience around traditional and non-traditional accreditation practices while educating key stakeholders to make sound decisions. Having a firm understanding of Fast Track and Continuous Authority to Operate (cATO) will be critical to the success of the program. This position will be a hybrid remote/in-person role, based out of the Northern Virginia area, with some in-person activity in Tysons Corner, VA. Additionally, the candidate will:

• Be the “Face of RMF” for program stakeholders to include interfacing with Authorizing Officials (AO) and Security Control Assessors (SCAs).
• Educate stakeholders on “non-traditional” RMF accreditation approaches, to include Fast Track and cATO approaches.
• Support development and implementation of innovative methods to achieve compliance with government cybersecurity frameworks.
• Lead accreditation discussions for a large collaborative group consisting of government and contractor stakeholders.
• Interface with Integrated Product Team (IPT) - system engineering, configuration management, operations, physical security groups, etc.
• Solutioning security principles with IPTs through the entire system life cycle.
• Presentations to key stakeholders and government personnel to inform on various RMF and cyber relevant topics.
• Lead a team of RMF consultants to identify strategies and execute in an efficient manner.
   

Required Qualifications

• 10+ years of experience in consulting, information security, or a related field that includes demonstrated experience with NIST 800-37 rev.2, 800-53 rev.4 & 5, NIST 800-190, AFI 17-101, CNSS No. 1253.
• Strong understanding of Air Force risk management policies/procedures, to include, Fast Track ATO Handbook & AF Continuous ATO Playbook.
• Cloud Platform experience – AWS, Azure, Google GCP.
• Understanding of DevSecOps pipelines and software factory platforms.
• Hands-on with GRC tools like: eMASS, XACTA, RSA Archer, etc.
• DoD 8570 compliance with IAT Level III Required: CISSP, CISM, GSLC, CCISO.
• Advanced writing skills: able to clearly articulate ideas for executive level consumption. 
• Advanced problem-solving skills: able to use prior experience and knowledge to address new situations; especially during interactions with clients. 
• Advanced analytical skills: able to use prior experience and knowledge to seamlessly incorporate new knowledge or information during client interactions.
• B.A. or B.S. Information Security or related discipline.
• US Citizenship and an active Top Secret Security Clearance

Desired Qualifications:

• Experience assessing and documenting security for DevSecOps ecosystems that includes Kubernetes environments.
• Cloud based certifications.

We are proud to be an EEO/AA employer Minorities/Women/Veterans/Disabled and other protected categories.

In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification form upon hire.