This page was automatically translated and may contain errors. View in English.
T

RMF Process Lead

True Zero Technologies

Maseru, Lesotho • Vollzeit

Bewerben Sie sich als Erste/r!

Erfahrung
Ab 8 Jahren
Gehalt
Stellenangebote
1
Veröffentlicht
vor 9 Stunden
Arbeitsmodus
Im Büro
Ausbildung
Bachelor-Abschluss
Wieder aufnehmen
Bewerbung erforderlich

Wo Sie arbeiten werden

Stellenbeschreibung

About True Zero Technologies

True Zero Technologies is a veteran-owned small business committed to empowering people and technology to enhance organizational outcomes. The company fosters a dedicated community of professionals focused on delivering exceptional services. Recognized repeatedly for excellence, True Zero was named among the Best Places to Work in 2023 and 2025 and featured on the Inc. 5000 list of fastest-growing companies in the US for multiple years.

Role Overview

The RMF Process Lead will be responsible for managing and directing the entire Risk Management Framework (RMF) lifecycle, overseeing the transition to a modernized RMF solution, and ensuring standardized processes aligned with federal and organizational cybersecurity standards.

Key Responsibilities

  • Manage all phases of the RMF lifecycle including categorization, control selection, implementation, assessment, authorization, continuous monitoring, and system disposal.
  • Analyze and document existing RMF processes, workflows, roles, data dependencies, pain points, and approval chains.
  • Develop and enforce standardized RMF processes compliant with NIST, federal agency, and organizational mandates.
  • Adapt current RMF workflows, business rules, security documentation, controls, and authorization tasks into the new GRC or RMF software platform.
  • Serve as the main functional expert for the RMF solution covering workflows, data modeling, configurations, reporting, and user features.
  • Lead requirements gathering with system owners, cybersecurity officers, assessors, authorizing officials, engineers, and compliance teams.
  • Define detailed functional requirements including user stories, acceptance criteria, workflow rules, permissions, notifications, and approval procedures.
  • Review and ensure accurate migration of system records, control assessments, POA&Ms, authorization packages, evidence, and documentation.
  • Identify and address process gaps, data quality issues, control inconsistencies, and system configuration defects.
  • Develop RMF governance policies, operating procedures, templates, process manuals, decision frameworks, and quality controls.
  • Coordinate testing, user acceptance, process validation, defect management, and readiness activities for the new RMF system.
  • Create training content and conduct role-specific training, demonstrations, and knowledge transfer sessions.
  • Monitor RMF performance metrics such as authorization timelines, control assessments, POA&M remediation, and continuous monitoring.
  • Provide leadership with dashboards, status updates, risk assessments, implementation progress, and process improvement recommendations.
  • Promote user adoption and continuous enhancement by integrating stakeholder feedback, regulatory changes, lessons learned, and evolving cybersecurity requirements.

Candidate Qualifications

  • Bachelor's degree in cybersecurity, IT, information systems, engineering, business, or a related discipline.
  • At least 8 years experience supporting cybersecurity governance, risk management, compliance, authorization, or RMF programs.
  • Proven leadership or ownership of end-to-end RMF processes in federal or highly regulated sectors.
  • In-depth expertise with NIST RMF, NIST SP 800-37, 800-53, FIPS 199, FIPS 200, and continuous monitoring standards.
  • Experience in translating business processes into standardized workflows within new technology platforms.
  • Familiarity with enterprise GRC or RMF platforms such as RegScale, ServiceNow GRC, RSA Archer, eMASS, Xacta, or CSAM.
  • Comprehensive understanding of authorization packages, System Security Plans, security controls assessments, POA&Ms, risk assessments, and authorization decision processes.
  • Ability to facilitate process mapping, requirements gathering, solution design, testing, and validation with stakeholders.
  • Strong skills in converting technical and regulatory requirements into clear configurations, workflows, and user processes.
  • Excellent analytical, documentation, communication, and stakeholder management competencies.
  • Experience leading cross-functional teams including system owners, cybersecurity personnel, assessors, engineers, program managers, and executives.
  • Capability to identify risks, resolve conflicting requirements, and direct stakeholders towards uniform enterprise solutions.

Additional Information

This role involves serving as the functional expert for the organization's RMF processes and leading the migration to an advanced RMF platform. The company utilizes artificial intelligence tools to assist in recruitment processes, but all hiring decisions are finalized by human evaluation. Candidates may request further details regarding data processing if desired.

Lassen Sie es so, wenn Sie eine Antwort wünschen – wir werden es für nichts anderes verwenden.

Zum Durchsuchen klicken, per Drag & Drop, oder Paste ein Screenshot

PNG, JPG, GIF, MP4, WebM, MOV · Maximal 20 MB pro Datei · Bis zu 5 Dateien

🤖
Online · Sofortige KI-Hilfe