Security - RMF Engineer

About this role

About GigaTECH

GigaTECH is a dynamic, full-service Information Technology and Healthcare IT SDVOSB proudly serving our military, Veterans, and other Government and commercial agencies. We believe in effective and transparent collaboration; we believe our entire staff to be one team; we believe in corporate integrity and customer satisfaction; we believe hard work should be generously rewarded. We look forward to you joining our team!

We actively seek candidates who challenge the status quo by wanting to significantly improve the user experience (patient, provider, payor) of healthcare IT applications.

Job Description

GigaTECH is seeking a mid-level Security/RMF Engineer to join our growing Healthcare IT-focused practice. This position will work directly with the contract technical team to ensure compliance with the Department of Veterans Affairs (VA) security requirements and achieve, maintain, and manage the Authority to Operate (ATO) lifecycle.

The successful candidate will demonstrate experience with AWS Cloud Security. Develop system security documentation (SSP, POA&M), implementing and assessing NIST 800-53 security controls, conducting vulnerability scanning, and facilitating continuous monitoring within VA environments. The successful candidate will be a self-starter who is an aggressive learner.

Responsibilities:

• Develop and maintain RMF documentation (SSP, POA&M, SAR inputs)
• Map and implement security controls across system layers
• Coordinate with VA security stakeholders
• Support vulnerability scanning and remediation
• Enable continuous monitoring and compliance

Skills and Experience (Required):

• RMF Framework: NIST 88-53, control families, tailoring
• ATO Process: SSP development, POA&M management, authorization frameworks
• ServiceNow GRC (or similar): Documentation and tracking
• Cloud security: AWS security controls, shared responsibility models
• Identity & Access Management: RBAC, least privilege, federation concepts
• Encryption: TL...