Be on Alert – Fraudulent Employment Offers. Learn More
Working at ICF
Working at ICF means applying a passion for meaningful work with intellectual rigor to help solve the leading issues of our day. Smart, compassionate, innovative, committed, ICF employees tackle unprecedented challenges to benefit people, businesses, and governments around the globe. We believe in collaboration, mutual respect, open communication, and opportunity for growth. If you’re seeking to make a difference in the world, visit www.icf.com/careers to find your next career. ICF—together for tomorrow.
ICF seeks an RMF Specialist to support our federal client in standing up and maturing its Information Security Program. In this role you will utilize your experience as a cyber security professional to assist our federal client in implementing the NIST Risk Management Framework and (NIST SP 800-37 Rev 2). This position is part of a large, business analysis and management support services contract for a federal civilian agency and is based on our client site in Arlington, VA.
What you’ll be doing:
- Develop and document a strategy for implementing NIST 800-37 Rev 2 in the federal client environment, to include development of a detailed action plan.
- Develop draft implementation policies and procedures (including artifact templates) as needed to support the Risk Management Framework (RMF) Implementation Strategy.
- Develop presentation materials relating to the RMF Implementation Strategy for use in briefing executive and management-level stakeholders.
- Interface with cyber security and technical subject matter experts to gather information to inform the RMF Implementation Strategies.
- Use your experience with the NIST 800 series publications to develop new and update existing security policies, technical guidance, and SOPs.
- Lend cyber security and risk management expertise to a diverse set of enterprise programs and initiatives.
- Research, review, monitor, and report on industry best practices, latest cyber security developments and trends, standards, and guidelines, and apply these to the Federal environment.
- Identify and implement process improvement initiatives that contribute to and enhance the efficacy of the client’s Information Security Program.
- Direct experience with NIST standards and special publications is required.
- Knowledge of and direct experience with NIST 800-37 rev. 2 (RMF) and NIST Cybersecurity Framework (CSF).
- Direct experience with NIST 800-53 rev.4
- Experience working with Federal clients
- Familiarity with and experience assisting Federal agencies implement and align organizational security policies and practices to NIST 800-37 rev 2, as well as Office of Management and Budget (OMB) and Department of Homeland Security (DHS) policies and directives.
- Strong written and verbal communication skills
- Bachelor’s degree with 5+ years’ experience in implementing Cybersecurity and risk management best practices in Federal agencies
- Certifications that are strongly preferred (not required): CISM, CISA, CISSP, CAP and/or other security certifications.
- Experience developing security policy.
- Experience in designing and implementing security standards and best practices.
- Hands-on experience in establishing and maturing an organization’s Information Security Program.
- Program/project management experience.
- Strong analytical, problem-solving, and decision making capabilities.
- Strong written and verbal communication skills.
- Demonstrated history of positive customer-oriented interactions.
- Aptitude for working autonomously in a dynamic and fast-paced environment.
- Ability to multi-task and prioritize according to changing circumstances.
ICF is an equal opportunity employer that values diversity at all levels. (EOE – Minorities/Females/ Protected Veterans Status/Disability Status/Sexual Orientation/Gender Identity).
Reasonable Accommodations are available for disabled veterans and applicants with disabilities in all phases of the application and employment process. To request an accommodation please email email@example.com and we will be happy to assist. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations. Read more about non-discrimination: EEO is the law and Pay Transparency Statement.
Virginia Client Office (VA88)