Manage one or more information systems throughout the full six-step RMF lifecycle, including assessment, authorization, and continuous monitoring activities
Serve as an RMF Subject Matter Expert (SME), advising stakeholders on cybersecurity compliance, risk posture, and ATO readiness
Develop, review, and maintain RMF packages and associated documentation, including Security Plans, POA&Ms, Risk Assessment Reports, and security control policies
Assess system compliance against NIST SP 800-53 controls and DHA RMF requirements as part of self-assessment and annual reviews
Document and maintain evidence supporting control implementation and compliance
Lead and participate in A&A and stakeholder meetings to track system status, resolve issues, and drive RMF progress
Coordinate with engineers and system owners to develop architecture diagrams, system asset inventories, and security policies
Prepare and deliver status reports to DHA leadership on system authorization and compliance efforts

Active DoD Secret security clearance
Bachelor’s degree in cybersecurity, information technology, or related field with 10+ years of experience; or 18+ years of relevant cybersecurity/IT experience in lieu of a degree.
DoD Manual 8140.03 (formerly 8570.01)-compliant certification (e.g., Security+, CISSP, CASP+/SecurityX)
Demonstrated experience performing RMF activities as an ISSO/ISSM/SME, including ATO process support and RMF package development (Security Plans, POA&Ms, architecture diagrams, system security policies, etc.)
Demonstrated experience assessing and documenting NIST SP 800-53 controls
Experience using Microsoft Office applications: Word, PowerPoint, Excel, and SharePoint

KBR offers a selection of competitive lifestyle benefits which could include a 401K plan with company match
medical, dental, vision, life insurance, AD&D
flexible spending account
disability
paid time off
flexible work schedule
We support career advancement through professional training and development

RMF Cybersecurity ISSO/SME 4

Key skills