We’re looking for an Information Systems Security Manager (ISSM) to lead the authorization and continuous compliance of LIGER, an enterprise AI platform for our DHS customer. You’ll own the security management posture for the platform: developing and maintaining the authorization package, driving the Risk Management Framework (RMF) lifecycle, and serving as LIGER’s primary security management interface to cyber leadership. This position requires an active Secret clearance and the ability to obtain a CBP Background Investigation;  U.S. citizenship is required.

This is a senior, accountable role. While the LIGER cyber engineering team handles hands-on implementation, you own the strategy, the artifacts, and the relationship with Authorizing Officials and ISSOs. You’ll translate  DHS security policy into actionable program direction, lead assessment and authorization (A&A) activities, and make sure LIGER reaches and maintains its Authority to Operate (ATO).

LIGER sits within LMI’s Chief Technology Office. We’re a small, high-visibility team building AI tools for federal agencies. The culture is more startup than traditional government contractor; we move fast, solve problems in design spikes rather than scheduled reviews, and care more about outcomes than process. That said, we’re building for users who need reliability and trust, so craft and attention to detail matter, especially in security.

As ISSM, you’ll work daily with the platform lead, the cyber engineering team, and product leadership, and directly with cyber stakeholders. You’ll set the security management direction for LIGER’s deployment and have real influence over how the platform balances rigor with the pace of iteration.

LMI is a new breed of digital solutions provider dedicated to accelerating government impact with innovation and speed. Investing in technology and prototypes ahead of need, LMI brings commercial-grade platforms and mission-ready AI to federal agencies at commercial speed.  

Leveraging our mission-ready technology and solutions, proven expertise in federal deployment, and strategic relationships, we enhance outcomes for the government, efficiently and effectively. With a focus on agility and collaboration, LMI serves the defense, space, healthcare, and energy sectors—helping agencies navigate complexity and outpace change. Headquartered in Tysons, Virginia, LMI is committed to delivering impactful results that strengthen missions and drive lasting value.  

What You’ll Do

• Lead the full RMF lifecycle for LIGER’s deployment, from system categorization and control selection through assessment, authorization, and continuous monitoring

• Develop, maintain, and defend the authorization package: System Security Plan (SSP), Security Assessment Plan (SAP), Security Assessment Report (SAR), Plan of Action and Milestones (POA&M), and supporting artifacts

• Serve as LIGER’s primary security management point of contact for Authorizing Officials, ISSOs, assessors, and cyber working groups

• Advise LMI and government leadership on system risk levels, control effectiveness, and the cybersecurity posture of the platform, including emerging risks unique to AI/LLM systems

• Develop and maintain LIGER security policies, procedures, and SOPs aligned to DHS requirements

• Direct the work of cyber engineers and ISSOs supporting LIGER, ensuring activities align to compliance objectives and program timelines

• Coordinate A&A activities across distributed teams, including engineering, infrastructure, and stakeholders

• Track audit findings, remediation actions, and POA&M items to closure, escalating risks as needed

• Interpret noncompliance and translate it into impact assessments and risk-informed mitigation plans

• Support FedRAMP-aligned control implementation and inheritance where applicable

• Stay current on evolving federal cybersecurity policy and translate changes into LIGER program direction

What We’re Looking For

• Active Secret clearance and the ability to obtain a CBP Background Investigation;  U.S. citizenship is required.

• Bachelor’s degree in Information Systems, Computer Science, Cybersecurity, or a related field

• 8+ years of experience in cybersecurity, information assurance, or related fields, with significant time in federal environments

• 5+ years of hands-on RMF experience, including ATO development and continuous monitoring against NIST 800-53

• Demonstrated experience leading authorization activities and serving as the primary security interface to government Authorizing Officials and assessors

• CISSP, CISM, or equivalent senior-level cybersecurity certification

• Strong working knowledge of cloud security in AWS, particularly GovCloud or similar high-compliance environments

• Experience writing, defending, and maintaining ATO-grade documentation that holds up to assessor and AO review

• Ability to translate compliance requirements into specific engineering work and direct technical staff toward closure

• Excellent written and verbal communication skills, with the ability to brief senior government and industry leaders on risk and compliance posture

What Will Set You Apart

• Active CBP Background Investigation or prior CBP/DHS program support

• Direct experience leading ATO or continuous authorization for systems hosted at DHS, or another DHS component

• Familiarity with DHS 4300A and specific cybersecurity policies and processes

• FedRAMP authorization or assessment experience (Moderate or High)

• Experience securing LLM, GenAI, or agentic AI systems in federal environments

• Familiarity with CISA Binding Operational Directives, Continuous Diagnostics and Mitigation (CDM), or High Value Asset (HVA) program requirements

• Experience with ATO documentation tooling (e.g., Xacta, OpenRMF, or similar)

• Experience integrating security and compliance activities into DevSecOps pipelines