HAPS RMF, Security, and ATO Manager

Position Overview SMX Services & Consulting, Inc. is seeking an RMF, Security & ATO Manager to support the Department of Veterans Affairs Health Applications Platform Services (HAPS) program. HAPS is an AWS GovCloud/EKS-hosted enterprise cloud platform supporting secure application development, hosting, DevSecOps/SRE, cybersecurity, and operational services for more than 300 VA applications and services. Position Summary Lead RMF, cybersecurity compliance, ATO/ATC activities, continuous monitoring, POA&M management, audit support, risk reporting, and authorization maintenance for mission-critical HAPS environments.

Key Responsibilities

• Oversee RMF implementation, cybersecurity compliance, and authorization activities.
• Manage ATO/ATC support, security documentation, risk mitigation, and compliance reporting.
• Coordinate with Program Management, Technical Directors, COR, Government cybersecurity teams, and leadership.
• Support continuous monitoring, vulnerability management, POA&M tracking, and audit/assessment activities.
• Maintain awareness of authorization status, security findings, risks, and remediation efforts.

Required Skills & Experience

• RMF, ATO/ATC support, cybersecurity compliance, and continuous monitoring
• POA&M management, vulnerability remediation, audit support, and risk reporting
• Experience managing RMF and ATO processes for enterprise or mission-critical systems
• Federal Government cybersecurity and cloud/hybrid systems experience
• Strong knowledge of Federal security frameworks and compliance processes

Preferred Experience VA cybersecurity environments, VAEC, NIST SP 800-53, FISMA, FedRAMP, eMASS or similar GRC tools, vulnerability scanning, POA&M management, and ATO renewal support. Education Bachelor’s degree in Cybersecurity, Information Assurance, Computer Science, Information Systems, or related field preferred. Preferred Certifications CISSP, CISM, CGRC/CAP, Security+, AWS Security Specialty, CEH, GSEC.