Security / RMF Engineer

Public Trust Eligibility Required

About Aretum 

Aretum is a mission-driven organization committed to delivering innovative, technology-enabled solutions to our customers across defense, civilian, and homeland security sectors. Our teams work at the intersection of strategy, technology, and transformation, helping agencies solve their most critical challenges. We believe in investing in our people and creating a culture where collaboration, inclusion, and professional growth are at the forefront. 

Job Summary

Aretum is seeking a skilled and highly motivated Security / RMF Engineer. As a Security / RMF Engineer, you will ensure compliance with VA security requirements and manage the ATO lifecycle.

Due to the nature of our work as a federal consulting organization, employees may be expected to handle Controlled Unclassified Information (CUI) and must adhere to applicable safeguarding and compliance requirements. 

Responsibilities 

• Develop and maintain RMF documentation (SSP, POA&M, SAR inputs)
• Map and implement security controls across system layers
• Coordinate with VA security stakeholders
• Support vulnerability scanning and remediation
• Enable continuous monitoring and compliance

Requirements

• RMF Framework: NIST 800-53, control families, tailoring
• ATO Process: SSP development, POA&M management, authorization workflows
• ServiceNow GRC (or similar): Documentation and tracking
• Cloud Security: AWS security controls, shared responsibility model
• Identity & Access Management: RBAC, least privilege, federation concepts
• Encryption: TLS, data-at-rest encryption, key management (KMS)
• Vulnerability Management: Scanning tools, remediation workflows
• Logging & Monitoring: SIEM integration (Splunk, Datadog concepts)
• Network Security: Segmentation, ingress/egress control, TIC awareness
• Compliance Standards: HIPAA awareness, FISMA/FEDRAMP basics
• DevSecOps Integration: Security in CI/CD pipelines
• Risk Assessment: Identifying and documenting system risks and mitigations

Travel RequirementsThis is a remote position; however, occasional travel may be required based on project needs, client meetings, team collaboration events, or training sessions. Travel is expected to be less than 10% and will be communicated in advance whenever possible. 

EEO Statement

Aretum is committed to fostering a workplace rooted in excellence, integrity, and equal opportunity for all. We adhere to merit-based hiring practices, ensuring that all employment decisions are made based on qualifications, skills, and ability to perform the job, without preference or consideration of factors unrelated to job performance. 

As an Equal Opportunity Employer, Aretum complies with all applicable federal, state, and local employment laws. 

We are proud to support our nation’s veterans and military families, providing career opportunities that honor their service and experience. 

If you require reasonable accommodation during the hiring process due to a disability, please contact hr@aretum.com for assistance. 

Equal Opportunity Employer/Veterans/Disabled 

U.S. Work Authorization

Due to federal contract requirements, only U.S. citizens are eligible for this position. This position supports a federal government contract and requires the ability to obtain and maintain a Public Trust or Suitability Determination, depending on the agency’s background investigation requirements. 

Benefits

• Health Care Plan (Medical, Dental & Vision)  
• Retirement Plan (401k) 
• Life Insurance (Basic, Voluntary & AD&D)  
• Paid Time Off 
• Family Leave (Maternity, Paternity)  
• Short Term & Long-Term Disability  
• Training & Development