Senior Information Assurance – RMF SME

Posted by: Nimbis Services 2 weeks ago

Location:  Bowie, Maryland

Nimbis Services, Inc. is growing, and we are looking for a Senior Information Assurance – Risk Management Framework (RMF), Subject Matter Expert (SME). The responsibilities include researching and preparing for assessment of a complete RMF package for a complex, next generation cloud solution that will support Department of Defense mission applications in assured trusted microelectronics.  You will be on the leading edge of DoD transformation, providing security engineering and architecture expertise.  We are looking for someone that is very thorough, and with strong attention to detail.

Primary Responsibilities

  1. Assessing, validating, and applying specialized Cyber Security expertise to various stages of the solution.
  2. Assume lead in tracking, updating and building a significant body of evidence of the various controls in place for the solution.
  3. Work with various subject matter experts to identify gaps in the approach and mitigation strategies.
  4. Assess various operational changes and engineering design changes to determine the impact on the security posture of the solution.
  5. Reviewing results of various scanning tools, vulnerability assessments and STIG reviews to determine the systems compliance to various standards.

Required Qualifications

Bachelor’s Degree or equivalent number of years work experience

5-10 years of experience in supporting Information Technology (IT) environment

FedRAMP or DoD-cloud experience

An assessment and authorization (A&A) background to assist with eth planning aspects of the security aspects of the lifecycle of the solution.

A strong baseline understanding of the DoD Risk Management Framework process and a proven ability to:

  • Determine appropriate information types
  • Determine the systems security categorization
  • Select and tailor security control baseline
  • Assess the security controls

A strong knowledge of RMS policy and procedures

  • CNSSI 1253
  • DODI 8510.01
  • NIST SP 800-37
  • NIST SP 800-53
  • NIST SP 800-60 (Vols. 1 & 2)
  • FIPS 199
  • DoD Cloud Security Requirements Guide (SRG)

Meets DoD 8570 Certification

CISSP or other advanced Cyber Security Certification

Must be eligible to access export controlled (ITAR) equipment and data. To conform to U.S. Government export regulations, the applicant must be U.S. citizen or lawful permanent resident.

Preferred Qualifications

Microsoft Azure or AWS experience and certifications desired

Experience in public cloud, private cloud or multitenant environments desired

Company Description

Nimbis Services, Inc. is a privately held software company delivering web-based technical computer application services hosted on cloud and high-performance computing (HPC) platforms.  Our software development environment is an open and collaborative one that is team oriented, creative and fun, with a focus on high integrity and customer satisfaction. Our goal is to outperform the competition in the areas of employment, service, security and safety.  We strive to provide high quality products and services to our customers.  We consider the employees of Nimbis to be our most valuable resource.  The work and attitude of our employees is important to the success of Nimbis.  Learn more about Nimbis at

We offer competitive benefits that include a flexible work schedule, competitive salary and full benefits. The benefits include medical, dental, vision, 401K and 10% profit bonus equity plan. In addition, you will receive paid time for holidays, vacation, sick days and end of year shutdown.

Nimbis Services is an Equal Employment Opportunity (EEO) Employer.

If you are interested in joining the team, please send your resume to and let us know your position of interest. We look forward to talking to you further!