2 months ago

NIST Risk Management Framework SME

Boston Government Services, LLC (BGS)

Hybrid
Full Time
$120,000

Job Overview

Job Title: NIST Risk Management Framework SME
Job Type: Full Time
Offered Salary: $120,000
Location: Hybrid

Job Description

About Boston Government Services, LLC. (BGS)

Boston Government Services, LLC. (BGS) is an engineering, technology, and security firm dedicated to advancing missions of national importance for government programs, national laboratories, national security facilities, nuclear operations, and complex projects. We provide comprehensive support from strategic planning and program management to engineering and technical execution. Our commitment to attracting and retaining top talent ensures exceptional results for our clients. We thrive in complex, secure, and highly regulated environments, leveraging our expertise to deliver mission-driven solutions tailored to client needs.

Our Culture

At BGS, we foster a culture of openness, inclusivity, and respect, encouraging employees to bring their whole selves to work. We prioritize employee well-being through a comprehensive benefits package and a work environment that promotes exciting work, excellence, and fun. If you align with our values, we invite you to explore opportunities with our growing team.

NIST Risk Management Framework SME Responsibilities

  • Lead RMF activities for federal systems, ensuring compliance with NIST SP 800-53 and related standards.
  • Develop and maintain System Security Plans (SSPs), Security Assessment Reports (SARs), and Plans of Action & Milestones (POA&Ms).
  • Conduct gap analyses and risk assessments to identify compliance deficiencies and recommend remediation strategies.
  • Provide expert guidance on security control implementation and documentation for Authorization to Operate (ATO) packages.
  • Support security audits and assessments, including preparation for FISMA and FedRAMP requirements.
  • Deliver training and workshops on RMF processes and NIST SP 800-53 controls.
  • Collaborate with system owners, ISSOs, and other stakeholders to ensure continuous monitoring and risk mitigation.

Requirements

  • Bachelor’s degree in Cybersecurity, Information Systems, or related field (or equivalent experience).
  • Minimum 5 years of experience in cybersecurity compliance, with at least 3 years focused on RMF and NIST SP 800-53.
  • Demonstrated experience developing SSPs, POA&Ms, and conducting security assessments.
  • Strong understanding of NIST SP 800 series (800-53, 800-37, 800-171) and FISMA requirements.
  • Professional certifications such as CISSP, CISM, CISA, or equivalent are required.
  • Excellent technical writing and communication skills for compliance documentation.

Preferred Qualifications

  • ISSEP (formerly CISSP-ISSEP) certification.
  • Experience with cloud security and FedRAMP controls.
  • Ability to lead compliance workshops and mentor junior staff.

Location/Work Arrangement

This position is a Remote Work Arrangement with some travel/onsite requirements.

Benefits

BGS offers a competitive total compensation package including Health, Dental, Vision, Life Insurance, Paid Vacation, 401K, and Long and Short-Term Disability.

EEO Statement

BGS is an Equal Opportunity/Affirmative Action employer. All qualified applicants receive consideration for employment without regard to race, color, religion, sex, national origin, disability, or protected veteran status.

Exclusive Agreement Disclaimer

BGS holds standing contracts with federal agencies nationwide. By submitting your application, you consent to BGS representing you as a candidate for this role.

Key skills/competency

  • NIST Risk Management Framework SME
  • NIST SP 800-53
  • System Security Plans (SSPs)
  • Authorization to Operate (ATO)
  • FISMA
  • FedRAMP
  • Cybersecurity Compliance
  • Risk Assessments
  • Security Audits
  • Technical Writing

How to Get Hired at Boston Government Services, LLC (BGS)

  • Research BGS culture: Understand their mission, values, and focus on engineering, technology, and security for national importance.
  • Tailor your resume: Highlight your 5+ years in cybersecurity compliance, 3+ years with NIST RMF and SP 800-53, and experience with SSPs, POA&Ms, and assessments.
  • Showcase certifications: Emphasize required certifications like CISSP, CISM, or CISA, and preferred ones like ISSEP.
  • Prepare for technical and behavioral interviews: Be ready to discuss your experience leading RMF activities and collaborating with stakeholders for federal systems.
