Risk Management Framework (RMF) Specialist - (Onsite - Belleville, IL)

Client: USAF, Air Mobility Command

Work Location: Scott Airforce Base, Belleville, Illinois

Reporting Hours: Onsite M-F, Central Standard Time

Clearance: Active DoD Secret Clearance with the ability to obtain Top Secret or TS/SCI

Travel: None at this time

Geocgi is seeking an experienced Risk Management Framework Specialist to oversee and manage cybersecurity processes and ensuring compliance for the United States Air Force Program at Scott Air Force Base, Illinois (St. Louis area). The Risk Management Framework Specialist is responsible for implementing and maintaining the RMS process within the organization, specifically for systems and applications deployed on Amazon Web Services (AWS) cloud infrastructure. The Risk Management Framework Manager/Specialist will also be responsible for preparing and maintaining Authority to Operate (ATO) documents, as well as providing guidance and training to other members of the organization on RMF-related matters. This position’s location is at U.S. Scott Air Force Base in Illinois (St. Louis area- Belleville, Illinois).

Key Responsibilities:

• Lead the implementation of the Risk Management Framework (RMF) for the U.S. Air Force information systems, ensuring compliance with Department of Defense (DoD) and U.S. Air Force cybersecurity polities.


• Conduct security control assessments and validate the effectiveness of implemented controls for information systems.


• Perform risk assessments to identify vulnerabilities, threats and risks to information systems and recommend appropriate mitigation strategies for implementation and hardening.


• Prepare and maintain Risk Management Framework documentation including but not limited to System Security Plans (SPPs), Plan of Action and Milestones (POA&Ms) and Risk Assessment Reports.


• Implement and manage continuous monitoring strategies to ensure ongoing assessment and authorization of information systems.


• Work closely with system owners, developers, and other stakeholders to ensure security requirements are integrated throughout the system development lifecycle.


• Support internal and external audits, reviews, and inspections related to information system security.


• Ensure alignment with current Air Force cybersecurity policies, standards, and regulations, and recommend updates to cybersecurity policies as needed.


• Mentor and guide junior staff in performing these tasks, providing training and support to enhance their skills and ensure adherence to best practices and U.S. Air Force standards.

As an employee of geocgi, the Risk Management Framework Specialist will have access to a generous benefits package, in addition to a corporate culture and community of GIS geeks. Our benefits include but are not limited to:

• Competitive salaries, commensurate with experience and leading Federal Contractors in the geospatial industry.


• Opportunities for upward mobility in a dynamic fast paced environment within a small company.


• Merit-based spot and end of year bonuses.


• Safe Harbor 401(k) plan with immediate vesting.


• Flexible work hours and PTO.


• Complete Medical, Dental, and Vision coverage for individuals.


• Company paid training, certifications, and professional growth and development.

The following are requirements of the Risk Management Framework Specialist:

• US Citizen with a DoD Top Secret/SCI Clearance or ability to obtain and maintain.


• Minimum of a Bachelor’s degree in Cybersecurity, Information Technology, Computer system or related field.


• 5+ years of hands-on experience in Cybersecurity with a minimum of 3 years specializing in Risk Management Framework processes and DoD information systems


• Proficiency in Risk Management Framework tools and technologies, such as eMASS (Enterprise Mission Assurance Support Service) and vulnerability assessment tools (e.g., Nessus, ACAS, SCAP).


• In-depth knowledge of NIST Special Publications (SP) 800-37, 800-53, and 800-171, as well as DoD Instruction 8510.01 and related guidelines.


• Excellent verbal and written communication skills, with the ability to clearly explain complex cybersecurity concepts to both technical and non-technical audiences.


• Skilled in communicating effectively with military command staff, contractors, and civilians, ensuring clear and concise information exchange across diverse groups and stakeholders.


• Ability to manage multiple projects, meet deadlines, and work both independently and collaboratively, with a passion for location-based problem-solving to support business and mission-critical challenges.


• Proficient with Microsoft Office Suite (Word, Excel, PowerPoint, Outlook).

The following are preferred or be willing to obtain and maintain for the Risk Management Framework Specialist:

• CompTIA Security+ Certification.


• Certified Information Systems Security Professional (CISSP).


• Certified Authorization Professional (CAP).

The annual base salary range for this position is anticipated to be $80,000 - $100,000 USD. The listed salary range represents our good faith estimate for this position. Please note that the salary information is a general guideline only. Geocgi considers factors such as (but not limited to) scope and responsibilities of the position, candidate’s education & work experience, training & certifications, and key skills as well as market and business considerations at the time of the offer.

Geocgi provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.