Information System Security Officer (ISSO)

  • LIGHTFEATHER IO LLC
  • Arlington, VA
  • 5mo ago
  • Full-time
  • On-site

LightFeather is seeking a highly skilled and detail-oriented Information System Security Officer (ISSO) to join our team, providing critical security oversight and Certification & Accreditation (C&A) support for the CISA Gateway. This role offers the opportunity to support impactful, high-visibility security initiatives within a collaborative environment. You’ll safeguard enterprise systems, strengthen compliance posture, and contribute to an organization that values innovation, agility, and professionalism.

Location: Arlington, VA (Hybrid)
Job Type: Full-time
Citizenship: U.S. Citizenship Required
Clearance Requirement: Active Public Trust Security Clearance

Key Responsibilities

  • Serve as the Information System Security Officer (ISSO) for assigned enterprise systems, managing all security and compliance requirements.
  • Support the Certification & Accreditation (C&A) process by maintaining and updating system security documentation and artifacts.
  • Draft and maintain System Security Plans (SSPs), Contingency Plans (CPs), Interconnection Security Agreements (ISAs), and related security documentation.
  • Maintain and update security artifacts in governance, risk, and compliance (GRC) systems to ensure all materials remain current and complete for the system’s Authority to Operate (ATO).
  • Implement and oversee National Institute of Standards and Technology (NIST) 800-53 controls and the 800-37 Risk Management Framework (RMF).
  • Manage and track Plans of Action and Milestones (POA&Ms) from identification through remediation.
  • Conduct security audits, review system audit logs, and identify potential vulnerabilities or misconfigurations.
  • Utilize Tenable Nessus scanning tools to identify and remediate vulnerabilities.
  • Support security requirements for AWS GovCloud (US) or other cloud environments, ensuring compliance with federal security standards.
  • Coordinate with stakeholders, developers, and system owners to ensure adherence to Federal Information Security Modernization Act (FISMA) and other federal security oversight requirements.
  • Prepare and submit complete system security authorization packages for Authorizing Official (AO) approval.

Required Qualifications

  • U.S. Citizenship.
  • Active Public Trust or higher security clearance.
  • Minimum 4 years of experience in Certification & Accreditation (C&A) activities for federal or enterprise IT systems.
  • Hands-on experience using GRC tools or security compliance platforms to maintain security artifacts.
  • Demonstrated expertise in drafting security documentation, including SSPs, CPs, and ISAs.
  • Strong understanding of NIST 800-53, 800-37, RMF, and related federal security frameworks.
  • Experience with vulnerability management tools such as Tenable Nessus.
  • Knowledge of operating systems, network architecture, web applications, and database security principles.
  • Experience supporting cloud security implementations (e.g., AWS GovCloud).
  • Familiarity with FISMA compliance and other federal oversight activities.
  • Ability to conduct security audits and reviews of audit logs.
  • Strong communication and technical writing skills to document findings, plans, and security posture clearly.

Preferred Qualifications

  • Security certifications such as Security+, CISSP, or CEH.
  • Experience coordinating directly with Authorizing Officials (AOs) and system owners during security assessments and ATO processes.
  • Prior experience supporting federal agencies or large enterprise organizations.
  • Experience working in high-security or mission-critical environments.

Why Join LightFeather?
At LightFeather, you're not just taking a job—you're joining a purpose-driven team that delivers innovative, mission-critical solutions to make a real difference. You'll work on diverse, meaningful projects that challenge and inspire you, alongside some of the best minds in the industry.