Position Overview
SMX Services & Consulting, Inc. is seeking an RMF, Security & ATO Manager to support the Department of Veterans Affairs Health Applications Platform Services (HAPS) program. HAPS is an AWS GovCloud/EKS-hosted enterprise cloud platform supporting secure application development, hosting, DevSecOps/SRE, cybersecurity, and operational services for more than 300 VA applications and services.
Position Summary
Lead RMF, cybersecurity compliance, ATO/ATC activities, continuous monitoring, POA&M management, audit support, risk reporting, and authorization maintenance for mission-critical HAPS environments.
Key Responsibilities
• Oversee RMF implementation, cybersecurity compliance, and authorization activities.
• Manage ATO/ATC support, security documentation, risk mitigation, and compliance reporting.
• Coordinate with Program Management, Technical Directors, COR, Government cybersecurity teams, and leadership.
• Support continuous monitoring, vulnerability management, POA&M tracking, and audit/assessment activities.
• Maintain awareness of authorization status, security findings, risks, and remediation efforts.
Required Skills & Experience
• RMF, ATO/ATC support, cybersecurity compliance, and continuous monitoring
• POA&M management, vulnerability remediation, audit support, and risk reporting
• Experience managing RMF and ATO processes for enterprise or mission-critical systems
• Federal Government cybersecurity and cloud/hybrid systems experience
• Strong knowledge of Federal security frameworks and compliance processes
Preferred Experience
VA cybersecurity environments, VAEC, NIST SP 800-53, FISMA, FedRAMP, eMASS or similar GRC tools, vulnerability scanning, POA&M management, and ATO renewal support.
Education
Bachelor’s degree in Cybersecurity, Information Assurance, Computer Science, Information Systems, or related field preferred.
Preferred Certifications
CISSP, CISM, CGRC/CAP, Security+, AWS Security Specialty, CEH, GSEC.