Jobs · himalayas

L

Information Systems Security Manager (ISSM)

Nimbus Data Systems · United States · Posted 27d ago

remoteseniorEstimated 131k-280k USD🇺🇸 United States
Apply on himalayas

About the role

Lead security management for LIGER, ensuring compliance and authorization for an enterprise AI platform.

Overview We’re looking for an Information Systems Security Manager (ISSM) to lead the authorization and continuous compliance of LIGER, an enterprise AI platform for our DHS customer. You’ll own the security management posture for the platform: developing and maintaining the authorization package, driving the Risk Management Framework (RMF) lifecycle, and serving as LIGER’s primary security management interface to cyber leadership. This position requires a CBP Background Investigation; U.S. citizenship is required. This is a senior, accountable role. While the LIGER cyber engineering team handles hands-on implementation, you own the strategy, the artifacts, and the relationship with Authorizing Officials and ISSOs. You’ll translate DHS security policy into actionable program direction, lead assessment and authorization (A&A) activities, and make sure LIGER reaches and maintains its Authority to Operate (ATO). LIGER sits within LMI’s Chief Technology Office. We’re a small, high-visibility team building AI tools for federal agencies. The culture is more startup than traditional government contractor; we move fast, solve problems in design spikes rather than scheduled reviews, and care more about outcomes than process. That said, we’re building for users who need reliability and trust, so craft and attention to detail matter, especially in security. As ISSM, you’ll work daily with the platform lead, the cyber engineering team, and product leadership, and directly with cyber stakeholders. You’ll set the security management direction for LIGER’s deployment and have real influence over how the platform balances rigor with the pace of iteration. LMI is a new breed of digital solutions provider dedicated to accelerating government impact with innovation and speed. Investing in technology and prototypes ahead of need, LMI brings commercial-grade platforms and mission-ready AI to federal agencies at commercial speed. Leveraging our mission-ready technology and solutions, proven expertise in federal deployment, and strategic relationships, we enhance outcomes for the government, efficiently and effectively. With a focus on agility and collaboration, LMI serves the defense, space, healthcare, and energy sectors—helping agencies navigate complexity and outpace change. Headquartered in Tysons, Virginia, LMI is committed to delivering impactful results that strengthen missions and drive lasting value. Responsibilities What You’ll Do • Lead the full RMF lifecycle for LIGER’s deployment, from system categorization and control selection through assessment, authorization, and continuous monitoring • Develop, maintain, and defend the authorization package: System Security Plan (SSP), Security Assessment Plan (SAP), Security Assessment Report (SAR), Plan of Action and Milestones (POA&M), and supporting artifacts • Serve as LIGER’s primary security management point of contact for Authorizing Officials, ISSOs, assessors, and cyber working groups • Advise LMI and government leadership on system risk levels, control effectiveness, and the cybersecurity posture of the platform, including emerging risks unique to AI/LLM systems • Develop and maintain LIGER security policies, procedures, and SOPs aligned to DHS requirements • Direct the work of cyber engineers and ISSOs supporting LIGER, ensuring activities align to compliance objectives and program timelines • Coordinate A&A activities across distributed teams, including engineering, infrastructure, and stakeholders • Track audit findings, remediation actions, and POA&M items to closure, escalating risks as needed • Interpret noncompliance and translate it into impact assessments and risk-informed mitigation plans • Support FedRAMP-aligned control implementation and inheritance where applicable • Stay current on evolving federal cybersecurity policy and translate changes into LIGER program direction Qualifications What We’re Looking For • Active CBP Background Investigation required; U.S. citizenship is required. • Bachelor’s degree in Information Systems, Computer Science, Cybersecurity, or a related field • 8+ years of experience in cybersecurity, information assurance, or related fields, with significant time in federal environments • 5+ years of hands-on RMF experience, including ATO development and continuous monitoring against NIST 800-53 • Demonstrated experience leading authorization activities and serving as the primary security interface to government Authorizing Officials and assessors • CISSP, CISM, or equivalent senior-level cybersecurity certification Experience securing LLM, GenAI, or agentic AI systems, including data handling, prompt and tool-call risk, and model output controls • Strong working knowledge of cloud security in AWS, particularly GovCloud or similar high-compliance environments • Experience writing, defending, and maintaining ATO-grade documentation that holds up to assessor and AO review • Ability to translate compliance requirements into specific engi

Read the full posting on himalayas

FAQ

Is the Information Systems Security Manager (ISSM) role at Nimbus Data Systems remote?+

This Information Systems Security Manager (ISSM) position is listed as remote (United States).

What is the salary for the Information Systems Security Manager (ISSM) role at Nimbus Data Systems?+

The listing states Estimated 131k-280k USD.

What seniority level is this Information Systems Security Manager (ISSM) role?+

This is a senior level position.

How do I apply for the Information Systems Security Manager (ISSM) role at Nimbus Data Systems?+

Use the "Apply on himalayas" button to open the original posting on himalayas, where you can submit your application directly to Nimbus Data Systems.