Guidehouse
Cyber Consulting
Risk Management Framework (A&A) Manager
“Risk Management Framework (A&A) Manager at Guidehouse. Skills: Risk Management Framework, Authorization, Compliance, Cybersecurity. Provide programmatic leadership. Direct multi-disciplinary teams”
What You'll Achieve.
Ensuring sustained compliance; Delivery excellence; Enhance efficiency, quality, and sustainability
Industry & Context.
Up to 10% Travel, Ability to Obtain Public Trust, Public Trust adjudication prior to onboarding
What They're Looking For.
Must Have
Ability to Obtain Public Trust, EIGHT (8) years of experience supporting federal RMF / A&A programs, THREE (3) years experience leading RMF, A&A, or cybersecurity compliance teams, Demonstrated leadership of consulting or government teams supporting enterprise security initiatives, Deep expertise in NIST RMF, FISMA, FedRAMP, and OMB cybersecurity directives, Proven experience supporting cloud authorization and high-impact federal systems, executive communication, stakeholder management, and risk advisory skills, Demonstrated experience leading cloud A&A efforts (IaaS, PaaS, SaaS)
Nice to Have
ACTIVE PUBLIC TRUST or SUITABILITY and maintain an active HHS/NIH clearance, CISSP, CISM, or equivalent senior cybersecurity certification, Experience managing IT and financial system audits (FISMA, SSAE 18, OIG), FedRAMP authorization or 3PAO leadership experience, Experience supporting financial systems or HUD-related clients, Experience implementing governance workflows using ServiceNow or similar tools
What You'll Do.
Provide programmatic leadership
Direct multi-disciplinary teams
Serve as senior advisor
Oversee FedRAMP P-ATO reviews
Lead third-party assessment
Ensure development and maintenance
Lead enterprise audit readiness
Establish governance processes
Drive continuous improvement
How You'll Work.
Team & Collaboration
Serve as the primary interface with government leadership; Direct multi-disciplinary teams delivering authorization packages, audit responses, third-party assessments, and remediation activities; Serve as senior advisor to Authorizing Officials (AO), CISO, IAM, CTA, and System Owners
Communication Scope
Executive communication; Stakeholder management; Risk advisory skills; Executive-level reporting
Process & Methodology
Programmatic leadership, End-to-end execution, Multiple concurrent authorizations, Project management
Full Job Description
**_Job Family_:** Cyber Consulting

**_Travel Required_:** Up to 10%

**_Clearance Required_:** Ability to Obtain Public Trust

_**What You Will Do:**_

The RMF / A&A Manager provides senior leadership and strategic oversight for federal cybersecurity authorization, compliance, and audit programs supporting Ginnie Mae enterprise and cloud environments. This role is accountable for end-to-end execution of the Risk Management Framework (RMF), Assessment & Authorization (A&A), FedRAMP integration, and IT audit support, ensuring sustained compliance with FISMA, NIST, OMB mandates, and agency policies. The Manager serves as the primary interface with government leadership and drives delivery excellence across multiple concurrent authorizations, audits, and third-party assessments.

**Key Responsibilities**

* Provide programmatic leadership across RMF, A&A, FedRAMP, and IT audit activities for major and minor systems and cloud platforms.
* Direct multi-disciplinary teams delivering authorization packages, audit responses, third-party assessments, and remediation activities.
* Serve as senior advisor to Authorizing Officials (AO), CISO, IAM, CTA, and System Owners on risk posture, authorization decisions, and compliance strategy.
* Oversee FedRAMP P-ATO reviews, agency control inheritance analysis, risk acceptance documentation, and authorization recommendations.
* Lead third-party assessment (3PAO) coordination and ensure quality, consistency, and timeliness of Security Assessment Reports (SARs).
* Ensure development and maintenance of all RMF artifacts (SSP, SAR, POA&M, BIA, PIA, ISA, FIPS 199, contingency plans, and risk acceptance).
* Lead enterprise audit readiness and execution for FISMA, financial system audits, and SSAE 18 reviews.
* Establish governance processes, SOPs, metrics, dashboards, and executive-level reporting.
* Drive continuous improvement of RMF and audit processes to enhance efficiency, quality, and sustainability.

_**What You Will Need:**_

* Must be
How to Apply on Workday
- Workday has a multi-step form — save your progress after every section.
- "Apply With LinkedIn" can fail or lose data; manual entry is more reliable.
- Watch for the "Submit for Review" final step — hitting "Save" alone does not submit.
- Job requisition numbers are useful when following up with HR by email.