
Information Systems Security Manager – Clearance Required
Posted 23 hours ago

This is a fully remote position, open to applicants in the United States.
• Oversee the complete RMF lifecycle for LIGER’s CBP deployment, encompassing system categorization, control selection, assessment, authorization, and ongoing monitoring.
• Create, uphold, and justify the authorization package, which includes the System Security Plan (SSP), Security Assessment Plan (SAP), Security Assessment Report (SAR), Plan of Action and Milestones (POA&M), along with supporting documentation.
• Act as the primary point of contact for security management at LIGER, engaging with CBP Authorizing Officials, ISSOs, assessors, and cyber working groups.
• Provide guidance to LMI and CBP leadership regarding system risk levels, control effectiveness, and the cybersecurity posture of the platform, particularly focusing on emerging risks associated with AI/LLM systems.
• Develop and sustain LIGER's security policies, procedures, and Standard Operating Procedures (SOPs) in accordance with CBP and DHS requirements.
• Lead the efforts of cyber engineers and ISSOs supporting LIGER, ensuring that activities adhere to compliance objectives and program timelines.
• Coordinate Assessment and Authorization (A&A) activities among distributed teams, including engineering, infrastructure, and stakeholders from the CBP side.
• Monitor audit findings, remediation actions, and POA&M items until resolution, escalating risks as necessary.
• Analyze noncompliance issues and convert them into impact assessments and risk-informed mitigation strategies.
• Assist with the implementation and inheritance of FedRAMP-aligned controls where applicable.
• Remain updated on changing DHS, CBP, and federal cybersecurity policies, translating these changes into direction for the LIGER program.
• Active Secret clearance and capability to obtain a CBP Background Investigation; U.S. citizenship is mandatory.
• Bachelor’s degree in Information Systems, Computer Science, Cybersecurity, or a related discipline.
• At least 8 years of experience in cybersecurity, information assurance, or related areas, with substantial experience in federal environments.
• More than 5 years of practical RMF experience, including the development of Authorization to Operate (ATO) and continuous monitoring in compliance with NIST 800-53.
• Proven experience leading authorization activities and acting as the main security liaison to government Authorizing Officials and assessors.
• Possession of a CISSP, CISM, or equivalent senior-level cybersecurity certification.
• Strong understanding of cloud security within AWS, especially in GovCloud or similar high-compliance settings.
• Experience in authoring, defending, and maintaining ATO-grade documentation that withstands scrutiny from assessors and Authorizing Officials.
• Capability to translate compliance requirements into precise engineering tasks and guide technical personnel to completion.
• Exceptional written and verbal communication skills, with the ability to present briefings to senior government and industry stakeholders regarding risk and compliance posture.
• Salaried position with high fringe benefits and full-time status.