Information System Security Officer (ISSO)

LightFeather is seeking a highly skilled and detail-oriented Information System Security Officer (ISSO) to join our team, providing critical security oversight and Certification & Accreditation (C&A) support for the CISA Gateway. This role offers the opportunity to support impactful, high-visibility security initiatives within a collaborative environment. You'll safeguard enterprise systems, strengthen compliance posture, and contribute to an organization that values innovation, agility, and professionalism.Location: Arlington, VA (Hybrid)Job Type: Full-timeCitizenship: U.S. Citizenship RequiredClearance Requirement: Active Public Trust Security ClearanceKey ResponsibilitiesServe as the Information System Security Officer (ISSO) for assigned enterprise systems, managing all security and compliance requirements.Support the Certification & Accreditation (C&A) process by maintaining and updating system security documentation and artifacts.Draft and maintain System Security Plans (SSPs), Contingency Plans (CPs), Interconnection Security Agreements (ISAs), and related security documentation.Maintain and update security artifacts in governance, risk, and compliance (GRC) systems to ensure all materials remain current and complete for the system's Authority to Operate (ATO).Implement and oversee National Institute of Standards and Technology (NIST) 800-53 and 800-37 (Risk Management Framework) controls.Manage and track Plans of Action and Milestones (POA&Ms) from identification through remediation.Conduct security audits, review system audit logs, and identify potential vulnerabilities or misconfigurations.Utilize Tenable Nessus scanning tools to identify and remediate vulnerabilities.Support security requirements for AWS GovCloud (US) or other cloud environments, ensuring compliance with federal security standards.Coordinate with stakeholders, developers, and system owners to ensure adherence to Federal Information Security Modernization Act (FISMA) and other federal security oversight requirements.Prepare and submit complete system security authorization packages for Authorization Official (AO) approval.Required QualificationsU.S. Citizenship.Active Public Trust or higher security clearance.Minimum 4 years of experience in Certification & Accreditation (C&A) activities for federal or enterprise IT systems.Hands-on experience using GRC tools or security compliance platforms to maintain security artifacts.Demonstrated expertise in drafting security documentation, including SSPs, CPs, and ISAs.Strong understanding of NIST 800-53, 800-37, RMF, and related federal security frameworks.Experience with vulnerability management tools such as Tenable Nessus.Knowledge of operating systems, network architecture, web applications, and database security principles.Experience supporting cloud security implementations (e.g., AWS GovCloud).Familiarity with FISMA compliance and other federal oversight activities.Ability to conduct security audits and reviews of audit logs.Strong communication and technical writing skills to document findings, plans, and security posture clearly.Preferred QualificationsSecurity certifications such as Security , CISSP, or CEH.Experience coordinating directly with Authorizing Officials (AOs) and system owners during security assessments and ATO processes.Prior experience supporting federal agencies or large enterprise organizations.Experience working in high-security or mission-critical environments.Why Join LightFeather?At LightFeather, you're not just taking a job—you're joining a purpose-driven team that delivers innovative, mission-critical solutions to make a real difference. You'll work on diverse, meaningful projects that challenge and inspire you, alongside some of the best minds in the industry.

Salary : $127,000 - $170,000