• Provide Cybersecurity Engineering and Risk Management Framework (RMF) support for The United States Air Force (USAF) Life Cycle Management Center (AFLCMC) Engineering Directorate (AFLCMC/EN-EZ) Cyber Systems Engineering Division (AFLCMC/EZH). • Provide state-of-the-art technical support for the acquisition of cloud Development Security Operations (DevSecOps) boundary systems within AFLCMC. • Play a critical role in supporting the RMF Assessment and Authorization (A&A) processes for AFLCMC/EN-EZ. • Responsible for the technical implementation of the RMF. • Conduct cybersecurity and risk assessments on networks, systems and applications to identify and mitigate technical and non-technical vulnerabilities. • Handle multiple RMF authorization types, including baseline changes, use cases, Assessment Summary Results (ASR), Authorization to Operate (ATO), CAR, Denial of Authorization to Operate (DATO) & HRR/HR. • Conduct vulnerability assessment and analysis utilizing standard technologies, such as Security Content Automation Protocols (SCAPs), Assured Compliance Assessment Solution (ACAS)/NESSUS scans and DISA Security Technical Implementation Guides (STIGs)/ Security Requirements Guides (SRGs). • Conduct security assessments and create RMF documentation, including Security Assessment Plans (SAPs), eMASS Security Risk Assessment (SARs), Special Access Programs (SAPs) Executive Summary, SAPs Body of Evidence (BOE). • Provide accurate assessments and document security posture, capabilities and vulnerabilities. • Lead the creation of the SAPs and SARs and convey technical findings and risk assessments. • Perform detailed risk analysis, identify system vulnerabilities and provide comprehensive recommendations for risk mitigation. • Verify, validate and document risk, perform Security Control Assessments (SCAs) and document compliant and failed security controls in eMASS. • Assess STIGs and SRGs. • Ensure traceability of all vulnerabilities from raw assessment results to the Plan of Action and Milestones (POA&Ms). • Support the Continuous Security Monitoring (CSM) program as necessary.