Job Closed
This listing is no longer active.
Oxley Enterprises®, Inc. is a certified service-disabled veteran-owned (SDVOSB), economically disadvantaged woman-owned (EDWOSB), Small Business Administration Certified 8(a), and small disadvantaged business (SDB) that has 25 years of experience building and delivering quality IT systems and programs. Oxley is ranked in the INC 5000 7 times (2016, 2017, 2018, 2021, 2023, 2024, 2025). Oxley is a 2019 - 2025 Department of Labor HIRE Vets Medallion Award Winner. Oxley is Virginia Values Veterans certified.
Risk Management Framework (RMF) Analyst
Location
United States
Posted
16 days ago
Salary
$72.5K - $111.1K / year
Seniority
Mid Level
No structured requirement data.
Job Description
Risk Management Framework (RMF) Analyst
Oxley Enterprises®, Inc.
Role Description Sustain the authorization lifecycle of a mission-critical Department of Veterans Affairs (VA) cloud platform. As the RMF Analyst, you will support all steps of the National Institute of Standards and Technology (NIST) RMF process and maintain required documentation across an authorization environment undergoing active restructuring. The RMF Analyst supports all six steps of the NIST RMF process and develops, updates, and maintains required RMF documentation for hosted applications. Qualifications - 5 years of experience supporting NIST RMF processes - Bachelor's Degree in cybersecurity, information assurance, or related field; CompTIA Security+ (preferred) Requirements - Excellent knowledge of all six steps of the NIST RMF process (e.g., Categorize, Select, Implement, Assess, Authorize, and Monitor) - Excellent ability to develop, update, and maintain required RMF documentation (e.g., Disaster Recovery Plan documentation) - Excellent experience performing continuous monitoring activities - Excellent ability to implement and maintain required NIST security controls - Excellent experience preparing and submitting required artifacts for Authorization to Operate (ATO) packages and reauthorization efforts - Above average ability to coordinate with security personnel and third-party assessors during authorization reviews - Above average experience supporting change documentation and impact analysis - Experience supporting a federal agency - Excellent verbal and written communication skills - General Physical Requirements needed to perform the essential functions of this job may vary based on the location of the assignment - Active Federal Civilian Public Trust clearance - U.S. Citizenship or Permanent Resident that has lived in the United States for at least 3 years Benefits - The annual projected pay range for this position is $72,517 - $111,100 with consideration being given to various factors including but not limited to qualifications, experience, job responsibilities, and geographic location. - Medical, dental, vision and prescription drug coverage for you and your family. - Life Insurance, short-term disability and long-term disability paid for by the Company. - Supplemental coverages including Accident, Critical Illness, and Hospital. - Additional Life insurance coverage for you and your dependents. - 401k plan with various options to select based on your retirement goals. Tasks/Activities - Supports all six steps of the NIST RMF process - Develops, updates, and maintains required RMF documentation including Disaster Recovery Plan documentation that is complete, current, and aligned with system architecture and operational practices - Ensures continuous monitoring activities are performed in accordance with VA Office of Information and Technology (OI&T) policies - Maintains recorded platform security posture and associated controls in Continuous Authorization Monitoring (CAM) or equivalent systems - Implements and maintains required NIST security controls in accordance with the approved baseline - Supports conversions to new NIST versions as standing policies are superseded - Validates security control effectiveness through automated testing, configuration validation, and periodic assessments - Prepares and submits required artifacts for ATO packages and reauthorization efforts for all products and services hosted or supported by the application - Coordinates with security personnel and third-party assessors during authorization reviews - Addresses assessment findings and provides remediation plans within defined timelines - Supports change documentation and impact analysis for architectural or operational modifications - Maintains Plan of Action and Milestones (POA&M) accuracy and supports timely closure of findings - Contributes RMF lifecycle status, security control implementation progress, and continuous monitoring data to the monthly RMF, security, and ATO status report
Related Guides
Related Categories
Related Job Pages
More Risk Jobs
Role Description This role is completely remote! Please Note: - Candidates based in the New York/New Jersey area or within the Eastern or Central time zone will be given preference over candidates from other locations. Job Details: - Requires detail-oriented person to assist clients to complete various quarterly/annual state reporting requirements to maintain Workers' Compensation Qualified Self-Insurance status and/or compliance with monopolistic fund requirements. - The ideal candidate will have related prior experience in multiple states. - Job duties as follows: - Maintain and closely adhere to schedule of reporting requirements for each client by entity and by state. - Request and obtain payroll, class codes, hours, loss information, financial statements and other documents from the client, TPA or other as required in each state. - Follow up with client or others on tight diary for receipt of information in order to stay in compliance with strict state deadlines. - Actively review status of all activity and input information into the various state web portals. - Guide clients on certifying and/or signing off on information on the web portals. Instruct clients on payment requirements. - Maintain detailed records of all activity including requests for documents, data, actuarial reports, proof of payments, etc. - Assist clients to add entities to state programs as necessary. - Review surety bonds or other security requirements and levels with each state. Request review of security as necessary. - Provide actuarial reports and other information requested by the state to support security. Qualifications - The ideal candidate will have experience conducting annual/quarterly filings in multiple states within an employer risk management/HR/payroll department, broker, consulting firm or on the receiving end of filings within a state department of insurance/labor.
Insurance Risk Interviewer I
Quest DiagnosticsA Fortune 500 company cited on the S&P 500 Index, Quest Diagnostics is a healthcare products and services provider offering diagnostic testing to 1-in-3 U.S. ad
Role Description The primary purpose of this position is to complete life insurance medical and financial interviews via telephone through outbound calls for multiple client companies. Schedule: Monday to Friday, 8:00AM – 4:30PM Central, with rotational weekends. Pay range: $17/hour. Salary offers are based on a wide range of factors including relevant skills, training, experience, education, and, where applicable, certifications obtained. Market and organizational factors are also considered. Successful candidates may be eligible to receive annual performance bonus compensation. Qualifications - Relevant skills and training - Experience in life insurance or related fields - Education background related to the role - Certifications obtained (if applicable) Requirements - Ability to conduct interviews via telephone - Strong communication skills - Ability to work Monday to Friday, 8:00AM – 4:30PM Central - Willingness to work rotational weekends Benefits - Day 1 Medical, supplemental health, dental & vision for FT employees who work 30+ hours - Best-in-class well-being programs - Annual, no-cost health assessment program Blueprint for Wellness® - healthyMINDS mental health program - Vacation and Health/Flex Time - 6 Holidays plus 1 "MyDay" off - FinFit financial coaching and services - 401(k) pre-tax and/or Roth IRA with company match up to 5% after 12 months of service - Employee stock purchase plan - Life and disability insurance, plus buy-up option - Flexible Spending Accounts - Annual incentive plans - Matching gifts program - Education assistance through MyQuest for Education - Career advancement opportunities - And so much more!
Arquitecto de Procesos – Riesgo de Mercado
KeppriEspecialistas en el end to end de activos digitales, staffing y Servicios Tecnológicos. Hazlo fácil con KEPPRI !!!
• Construir el entendimiento y la visión del negocio a partir de journeys, modelos de indicadores y lineamientos estratégicos, dejando explícito el modelo de negocio de la arquitectura (portafolio de servicios y estructura). • Definir el mapa de capacidades del negocio y su inventario, estableciendo qué debe saber hacer el área para cumplir su estrategia. • Levantar la arquitectura AS IS: mapear procesos y componentes, asociar aplicaciones e inventarios de sistemas, e identificar tableros e indicadores de operación y experiencia. • Diseñar la arquitectura TO BE y el modelo operativo objetivo a alto nivel: priorización estratégica de capacidades, arquetipos de procesos e identificación de componentes. • Producir el análisis de brechas (mapa de gaps), priorizar iniciativas y consolidar el roadmap de transformación. • Asegurar trazabilidad y consistencia entre capas (negocio, procesos, aplicaciones, datos) y alinear los entregables con estándares de arquitectura empresarial. • Facilitar talleres con stakeholders de negocio, riesgo y tecnología, y comunicar la arquitectura a niveles ejecutivos y técnicos.
Arquitecto de Procesos – Riesgo de Mercado
KeppriEspecialistas en el end to end de activos digitales, staffing y Servicios Tecnológicos. Hazlo fácil con KEPPRI !!!
• Construir el entendimiento y la visión del negocio a partir de journeys, modelos de indicadores y lineamientos estratégicos, dejando explícito el modelo de negocio de la arquitectura (portafolio de servicios y estructura). • Definir el mapa de capacidades del negocio y su inventario, estableciendo qué debe saber hacer el área para cumplir su estrategia. • Levantar la arquitectura AS IS: mapear procesos y componentes, asociar aplicaciones e inventarios de sistemas, e identificar tableros e indicadores de operación y experiencia. • Diseñar la arquitectura TO BE y el modelo operativo objetivo a alto nivel: priorización estratégica de capacidades, arquetipos de procesos e identificación de componentes. • Producir el análisis de brechas (mapa de gaps), priorizar iniciativas y consolidar el roadmap de transformación. • Asegurar trazabilidad y consistencia entre capas (negocio, procesos, aplicaciones, datos) y alinear los entregables con estándares de arquitectura empresarial. • Facilitar talleres con stakeholders de negocio, riesgo y tecnología, y comunicar la arquitectura a niveles ejecutivos y técnicos.

