[Hiring] Cybersecurity – Information Systems Security Manager @Logistics Management Institute

Role Description

We’re looking for an Information Systems Security Manager (ISSM) to lead the authorization and continuous compliance of LIGER, an enterprise AI platform, in its U.S. Customs and Border Protection (CBP) deployment. You’ll own the security management posture for the platform:

• Developing and maintaining the authorization package
• Driving the Risk Management Framework (RMF) lifecycle
• Serving as LIGER’s primary security management interface to CBP cyber leadership

This position requires an active Secret clearance and the ability to obtain a CBP Background Investigation; U.S. citizenship is required.

This is a senior, accountable role. While the LIGER cyber engineering team handles hands-on implementation, you own the strategy, the artifacts, and the relationship with CBP Authorizing Officials and ISSOs. You’ll translate CBP and DHS security policy into actionable program direction, lead assessment and authorization (A&A) activities, and make sure LIGER reaches and maintains its Authority to Operate (ATO).

LIGER sits within LMI’s Chief Technology Office. We’re a small, high-visibility team building AI tools for federal agencies. The culture is more startup than traditional government contractor; we move fast, solve problems in design spikes rather than scheduled reviews, and care more about outcomes than process. That said, we’re building for users who need reliability and trust, so craft and attention to detail matter, especially in security.

As ISSM, you’ll work daily with the platform lead, the cyber engineering team, and product leadership, and directly with CBP cyber stakeholders. You’ll set the security management direction for LIGER’s CBP deployment and have real influence over how the platform balances rigor with the pace of iteration.

Responsibilities

• Lead the full RMF lifecycle for LIGER’s CBP deployment, from system categorization and control selection through assessment, authorization, and continuous monitoring
• Develop, maintain, and defend the authorization package: System Security Plan (SSP), Security Assessment Plan (SAP), Security Assessment Report (SAR), Plan of Action and Milestones (POA&M), and supporting artifacts
• Serve as LIGER’s primary security management point of contact for CBP Authorizing Officials, ISSOs, assessors, and cyber working groups
• Advise LMI and CBP leadership on system risk levels, control effectiveness, and the cybersecurity posture of the platform, including emerging risks unique to AI/LLM systems
• Develop and maintain LIGER security policies, procedures, and SOPs aligned to CBP and DHS requirements
• Direct the work of cyber engineers and ISSOs supporting LIGER, ensuring activities align to compliance objectives and program timelines
• Coordinate A&A activities across distributed teams, including engineering, infrastructure, and CBP-side stakeholders
• Track audit findings, remediation actions, and POA&M items to closure, escalating risks as needed
• Interpret noncompliance and translate it into impact assessments and risk-informed mitigation plans
• Support FedRAMP-aligned control implementation and inheritance where applicable
• Stay current on evolving DHS, CBP, and federal cybersecurity policy and translate changes into LIGER program direction

Qualifications

• Active Secret clearance and the ability to obtain a CBP Background Investigation; U.S. citizenship is required.
• Bachelor’s degree in Information Systems, Computer Science, Cybersecurity, or a related field
• 8+ years of experience in cybersecurity, information assurance, or related fields, with significant time in federal environments
• 5+ years of hands-on RMF experience, including ATO development and continuous monitoring against NIST 800-53
• Demonstrated experience leading authorization activities and serving as the primary security interface to government Authorizing Officials and assessors
• CISSP, CISM, or equivalent senior-level cybersecurity certification
• Strong working knowledge of cloud security in AWS, particularly GovCloud or similar high-compliance environments
• Experience writing, defending, and maintaining ATO-grade documentation that holds up to assessor and AO review
• Ability to translate compliance requirements into specific engineering work and direct technical staff toward closure
• Excellent written and verbal communication skills, with the ability to brief senior government and industry leaders on risk and compliance posture

What Will Set You Apart

• Active CBP Background Investigation or prior CBP/DHS program support
• Direct experience leading ATO or continuous authorization for systems hosted at CBP, DHS, or another DHS component
• Familiarity with DHS 4300A and CBP-specific cybersecurity policies and processes
• FedRAMP authorization or assessment experience (Moderate or High)
• Experience securing LLM, GenAI, or agentic AI systems in federal environments
• Familiarity with CISA Binding Operational Directives, Continuous Diagnostics and Mitigation (CDM), or High Value Asset (HVA) program requirements
• Experience with ATO documentation tooling (e.g., Xacta, OpenRMF, or similar)
• Experience integrating security and compliance activities into DevSecOps pipelines