We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
I agree and accept cookies
Main menu
Post a Job
Request a Demo
Yes
No
Both
Advanced search
#alert
Back to search results / More jobs like this
Back to search results
New
Life Cycle Engineering jobs

RMF Specialist

Life Cycle Engineering
sick time, 401(k)
United States, Pennsylvania, Philadelphia
4900 South Broad Street (Show on map)
Jan 12, 2026
RMF Specialist

Position Summary:

As RMF Specialist, you will produce and maintain RMF artifacts related to the authorization or de-authorization of assigned RMF packages pertaining to the systems under the cognizance of our client the Naval Surface Warfare Center Philadelphia Division (NSWCPD). You will create and maintain Assessment and Authorization (A&A) packages and artifacts, create and maintain the package record in the RMF system of record (currently eMASS), and recommend security posture improvements. You will also provide subject matter expertise in RMF life cycle management, including security controls assessment, hardware/software list management, Plan of Actions and Milestones (POA&M) management, creation/revision/maintenance of RMF A&A Package artifacts, and supporting the accreditation process from Step 1 thru Step 6 as needed. This work is to be performed at the Philadelphia Navy Yard.

Clearance Requirements:

  • Must be a US citizen with an Active DoD Secret Clearance


Essential Functions and Responsibilities:

  • Review existing policies, procedures and guidelines to ensure compliance with NSWCPD and Navy Cyber Security/Information Assurance (IA) Policy
  • Review and comment on program documentation and key processes (e.g. Drawings, Data Item Descriptions, Contract Data Requirements Lists, Concept of Operations, Integrated Support Plan, Software Acquisition, Development and Integration Plan, Software Requirements Specification and asset design drawings/documentation)
  • Maintain a Plan of Action and Milestone (POA&M) for all A&A-related tasks and deliverables in accordance with the Standard Operating Procedures
  • Document A&A-information in the A&A Package consistent with all other Packages, and ensure that there are no omissions
  • Input reports in eMASS, or deliver in MS Office-products/Visio and PDF formats, as appropriate
  • Track deliverables and action items in accordance with A&A guidance
  • Ensure package compliance with stated of existing DoN and DoD policies
  • Manage, attend, and support configuration control board practices
  • Perform risk management and security engineering for Zone D boundaries to include IAVM support, remediation, patching, scanning
  • and associated boundary maintenance
  • Determine a system's compliance with all applicable Controls and Assessment Procedures (Client) for an assigned DoN system, including developing the appropriate test procedures, if necessary; executing the test procedures; and accurately documenting the results of security testing
  • Ensure RMF artifacts are in compliance with published Navy, NAVSEA Business Rules (OPNAV N2N6 and/or NAVSEA), NIST SP-800-37 and SP-800-53 Rev 5.
  • Collect and collate system or site information and use it to evaluate and document in eMASS the security posture of the IT system being Assessed, Authorized, and maintained
  • Review security assessment plans, test plans, and procedures to ensure they addresses the correct level of effort and are sufficiently comprehensive to assess all IA requirements applicable to the IT system, for assessment, authorization, and maintenance have been met
  • Optimize A&A testing procedures to ensure the most accurate reporting in the appropriate format and that all IA requirements have been addressed. Evaluate all discrepancies and recommend potential mitigation measures for reducing or eliminating specific risks
  • Work with the Information System Owner/ISSO/ISSE/ for applicable remediation and/or mitigation of weaknesses and to determine the adequate level of residual risk
  • Create and verify the accuracy of POA&Ms and Risk Assessments as identified by vulnerability actual test results
  • Ensure information systems are operated, used, maintained, and disposed of in accordance with security policies and practices as required by the authorization package and NSWCPD.



Required Education, Skills, and Experience:

  • IAM Level I compliant (Security+ certification or equivalent)
  • Experience with security features and/or vulnerability of various operating systems as defined by NSA, NIST, DISA and USCYBERCOM.
  • Experience with IA vulnerability testing and related and system test tools: ACAS/Tenable Nessus), Security Technical Implementation Guides (STIG
  • Experience with eMASS


Preferred Education, Skills, and Experience:

  • Bachelor degree
  • Two (2) years' experience with DIACAP or RMF package creation.


Physical Demands and Expectations:

  • Regular physical activity to include walking, climbing stairs, and standing; frequent periods of prolonged sitting may be required.
  • Ability to speak, read, hear, and write, with or without assistance.
  • Ability to use phone and computer systems, copier, fax and other office equipment.



This position description represents a summary of the major components and requirements of the outlined job. Other duties and responsibilities may be assigned or required as business needs dictate. Questions regarding this description should immediately be addressed to the department manager or to Human Resources.
LIFE CYCLE ENGINEERING

Life Cycle Engineering (LCE) is a privately held, employee-owned company with an emphasis on "doing the right thing the right way", which applies to the way we treat our customers and employees. We are proud to have been recognized as a "Best Place to Work" in Engineering and in many states and local communities in which we work! Learn more below and at www.lce.com.

Mission

Our mission is to enable people and organizations to achieve their full potential.

As a professional services organization, our mission is focused on our clients' people and organizations. It is our company's cornerstone belief that we will not lead the industry in assisting our clients unless we excel at helping our own people and teams reach their full potential.

Culture

Our corporate culture encourages personal and professional growth because LCE's success depends on the talent, innovation, professionalism, and commitment of its employees. LCE is a strengths-based organization focused on turning individual talents into strengths and then turning individual strengths into organizational performance that supports our clients' success.

Benefits

  • Affordable Medical/Dental/Vision Plans for employees and their families
  • Free Employee Life and Disability Insurance, with supplemental coverage options available
  • Health Savings Account and Flexible Savings Account options
  • Company matched 401(k) & company-funded Employee Stock Ownership Program (ESOP)
  • Paid Vacation, Holiday, Sick Leave
  • Continuing Education and Professional Development programs at all levels
  • Flexible Schedules and Relaxed Dress Code
  • Employer-sponsored events, social collaboration, and open communication
  • Free access to an extensive online training library, including certification prep
  • Bonus Program for outstanding contributions, Employee Referral Program, numerous Recognition Opportunities, and more...


*Benefits may vary by business unit and location.

Life Cycle Engineering is an equal opportunity employer and makes all employment decisions without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, citizenship, age, disability, genetic information, application for or service in the military or status as a disabled veteran or veteran, because of or on the basis of pregnancy, childbirth, or related medical conditions, including, but not limited to, lactation, and any other status protected by applicable state or federal law.
Applied = 0
MORE JOBS LIKE THIS

(web-df9ddb7dc-hhjqk)