
Information System Security Officer (ISSO)
LightFeather is seeking a highly skilled and detail-oriented Information System Security Officer (ISSO) to join our team, providing critical security oversight and Certification & Accreditation (C&A) support for the CISA Gateway. This role offers the opportunity to support impactful, high-visibility security initiatives within a collaborative environment. You’ll safeguard enterprise systems, strengthen compliance posture, and contribute to an organization that values innovation, agility, and professionalism.
Location: Arlington, VA (Hybrid)
Job Type: Full-time
Citizenship: U.S. Citizenship Required
Clearance Requirement: Active Public Trust Security Clearance
Key Responsibilities
- Serve as the Information System Security Officer (ISSO) for assigned enterprise systems, managing all security and compliance requirements.
- Support the Certification & Accreditation (C&A) process by maintaining and updating system security documentation and artifacts.
- Draft and maintain System Security Plans (SSPs), Contingency Plans (CPs), Interconnection Security Agreements (ISAs), and related security documentation.
- Maintain and update security artifacts in governance, risk, and compliance (GRC) systems to ensure all materials remain current and complete for the system’s Authority to Operate (ATO).
- Implement and oversee National Institute of Standards and Technology (NIST) 800-53 and 800-37 (Risk Management Framework) controls.
- Manage and track Plans of Action and Milestones (POA&Ms) from identification through remediation.
- Conduct security audits, review system audit logs, and identify potential vulnerabilities or misconfigurations.
- Utilize Tenable Nessus scanning tools to identify and remediate vulnerabilities.
- Support security requirements for AWS GovCloud (US) or other cloud environments, ensuring compliance with federal security standards.
- Coordinate with stakeholders, developers, and system owners to ensure adherence to Federal Information Security Modernization Act (FISMA) and other federal security oversight requirements.
- Prepare and submit complete system security authorization packages for Authorizing Official (AO) approval.
Required Qualifications
- U.S. Citizenship.
- Active Public Trust or higher security clearance.
- Minimum 4 years of experience in Certification & Accreditation (C&A) activities for federal or enterprise IT systems.
- Hands-on experience using GRC tools or security compliance platforms to maintain security artifacts.
- Demonstrated expertise in drafting security documentation, including SSPs, CPs, and ISAs.
- Strong understanding of NIST 800-53, 800-37, RMF, and related federal security frameworks.
- Experience with vulnerability management tools such as Tenable Nessus.
- Knowledge of operating systems, network architecture, web applications, and database security principles.
- Experience supporting cloud security implementations (e.g., AWS GovCloud).
- Familiarity with FISMA compliance and other federal oversight activities.
- Ability to conduct security audits and reviews of audit logs.
- Strong communication and technical writing skills to document findings, plans, and security posture clearly.
Preferred Qualifications
- Security certifications such as Security+, CISSP, or CEH.
- Experience coordinating directly with Authorizing Officials (AOs) and system owners during security assessments and ATO processes.
- Prior experience supporting federal agencies or large enterprise organizations.
- Experience working in high-security or mission-critical environments.
Why Join LightFeather?
At LightFeather, you're not just taking a job—you're joining a purpose-driven team that delivers innovative, mission-critical solutions to make a real difference. You'll work on diverse, meaningful projects that challenge and inspire you, alongside some of the best minds in the industry.
