Skills

Leadership Risk Management Monitoring Prioritization Training Architecture Risk Analysis Organization AWS

Job Specifications

Active Top Secret Required

About Aretum

Aretum is a mission-driven organization committed to delivering innovative, technology-enabled solutions to our customers across defense, civilian, and homeland security sectors. Our teams work at the intersection of strategy, technology, and transformation, helping agencies solve their most critical challenges. We believe in investing in our people and creating a culture where collaboration, inclusion, and professional growth are at the forefront.

Job Summary

The Mid-Level Security Compliance & Documentation Analyst serves as an ISSO-aligned cybersecurity professional responsible for leading RMF, authorization, and compliance activities for complex, classified C5ISR and IIR mission systems. This role owns RMF package integrity, documentation quality, and authorization readiness while serving as a senior advisor to government stakeholders. Technical exposure may include select security tools or monitoring capabilities depending on the individual's background, but the primary focus is governance, compliance, and documentation leadership.

Due to the nature of our work as a federal consulting organization, employees may be expected to handle Controlled Unclassified Information (CUI) and must adhere to applicable safeguarding and compliance requirements.

Responsibilities

RMF Leadership & Authorization

Support and maintain development, maintenance, and oversight of RMF packages for classified C5ISR and IIR systems
Coordinate with Government System Owners, ISSOs, ISSEs, and Authorizing Officials to collect evidence, validate control implementation and maintain package accuracy
Execute RMF support activities for ATO/IATT and continuous monitoring across multiple systems/enclaves, including documentation updates driven by engineering and operational changes
Document and track POA&M items, support risk-based prioritization, and provide remediation status reporting through closure.
Validate documentation alignment with system architecture, interconnections, control inheritance, and mission dependencies.

Compliance & Governance

Ensure systems comply with Department of War/DoD, and federal cybersecurity requirements
Support internal and external audits, inspections, and cybersecurity assessments
Monitor changes to cybersecurity policy and support implementation across supported systems
Provide compliance status, risk analysis, and authorization reporting to government leadership

Documentation & SOP Development

Author, maintain, and approve cybersecurity SOPs, plans, and technical documentation
Standardized documentation practices across supported systems and teams
Ensure documentation supports audits, inspections, and operational continuity

Mission & Network Risk Support

Support cybersecurity risk management for C5ISR and IIR systems
Assess security impacts across enterprise, tactical, and mission networks
Support interconnected and cross-domain system authorization efforts

Requirements

Master's Degree + 5 years of relevant experience or Bachelor's Degree + 8 years of relevant experience
3-6 years of experience in information assurance, cybersecurity, or compliance-focused roles
IAT Level III Certification{{:}} Must possess one of the following{{:}} CASP+ CE, CCNP Security+, CISA, CISSP, GCED, GCIH, or CCSP
Active Top Secret Clearance
Demonstrated experience maintaining and leading RMF packages in classified or regulated environments
Strong knowledge of NIST 800-series publications and DoD cybersecurity requirements
Proven experience developing SOPs, policies, and compliance documentation
Ability to communicate effectively with both technical and non-technical stakeholders
Demonstrated willingness to learn new tools/techniques and support cross-functional cybersecurity activities as mission needs evolve

Preferred Requirements

Extensive knowledge of AWS Security
Experience supporting Department of War, DoD, or intelligence community mission systems
Familiarity with Zero Trust concepts and assessment efforts
Advanced certifications such as CAP, CISM, or CISSP
Experience with cross-domain solutions and interconnected system authorization

Travel Requirements

This is a remote position; however, occasional travel may be required based on project needs, client meetings, team collaboration events, or training sessions. Travel is expected to be less than 10% and will be communicated in advance whenever possible.

EEO Statement

Aretum is committed to fostering a workplace rooted in excellence, integrity, and equal opportunity for all. We adhere to merit-based hiring practices, ensuring that all employment decisions are made based on qualifications, skills, and ability to perform the job, without preference or consideration of factors unrelated to job performance.

As an Equal Opportunity Employer, Aretum complies with all applicable federal, state, and local employment laws.

We are proud to support our nation's veterans and military families, providing career oppo

About the Company

Aretum is a leading government contracting company specializing in technology-enabled mission support services for the Department of Defense, Department of Homeland Security, and Civilian agencies. Aretum provides leading-edge solutions and outstanding service to Federal clients focusing on Digital Transformation, Cyber Security, PMO Support, Next Generation Analytics, Mission Support, and Financial Consulting. For more information, visit www.aretum.com. Know more