LMI is a new breed of digital solutions provider dedicated to accelerating government impact with innovation and speed. They are seeking a Cybersecurity Engineer to support the secure deployment and continuous authorization of IronSled, an enterprise Platform as a Service built for federal missions.
Responsibilities:
- Lead Risk Management Framework (RMF) activities for the LIGER deployment, including system categorization, control selection and tailoring, implementation, assessment, and continuous monitoring
- Own and maintain authorization artifacts: System Security Plan (SSP), Security Assessment Plan (SAP), Security Assessment Report (SAR), Plan of Action and Milestones (POA&M), and supporting documentation aligned to DHS requirements
- Coordinate directly with ISSOs, Authorizing Officials, and cyber working groups to advance ATO and continuous authorization activities
- Interpret NIST 800-53 controls in the context of the LIGER platform and translate them into actionable engineering requirements
- Run and review vulnerability scans across CI/CD pipelines and runtime environments, triage findings, and drive remediation through the engineering team
- Validate secure configurations and hardening baselines (e.g., CIS Benchmarks, DISA STIGs) on containers, hosts, and cloud resources
- Partner with platform engineers on cloud and container security in AWS GovCloud, including IAM, network controls, secrets management, logging, and runtime protection
- Develop and maintain security policies, procedures, and standard operating procedures (SOPs) specific to LIGER on customer infrastructure
- Track audit findings, remediation actions, and POA&M items to closure
- Support FedRAMP-aligned control implementation and inheritance where applicable
- Advise senior LIGER and leadership on system risk levels, control effectiveness, and emerging compliance considerations for AI/LLM systems in federal environments
Requirements:
- Bachelor's degree in Cybersecurity, Computer Science, Information Systems, or a related field
- 5+ years of experience designing, implementing, and monitoring cybersecurity solutions in federal environments
- 5+ years of hands-on RMF experience, including ATO development and continuous monitoring against NIST 800-53
- CISSP, CISM, or equivalent senior-level cybersecurity certification
- Strong working knowledge of cloud security, particularly AWS, with experience in GovCloud or similar high-compliance environments
- Experience with vulnerability management workflows: scanning, triage, remediation tracking, and reporting
- Experience hardening systems against secure baselines such as CIS Benchmarks or DISA STIGs
- Familiarity with secure software development practices: secrets management, access control, auditability, and CI/CD pipeline security
- Strong written communication skills, including the ability to produce ATO artifacts that hold up to assessor and AO review
- Ability to translate compliance requirements into specific engineering work and partner closely with developers
- Direct experience supporting ATO or continuous authorization for systems hosted at DHS, or another DHS component
- Familiarity with DHS 4300A and cybersecurity policies and processes
- FedRAMP readiness or assessment experience (Moderate or High)
- Hands-on container and Kubernetes security experience (e.g., EKS, image scanning, admission control, runtime protection)
- DevSecOps experience integrating security scanning into GitLab CI/CD pipelines
- Experience securing LLM, GenAI, or agentic AI systems, including data handling, prompt and tool-call risk, and model output controls
- Experience with vulnerability management platforms such as Tenable
- Experience with ATO documentation tooling (e.g., Xacta, OpenRMF, or similar)
- Familiarity with CISA Binding Operational Directives, Continuous Diagnostics and Mitigation (CDM), or High Value Asset (HVA) program requirements