Junior Information Security Professional

LightFeather.io, LLC is hiring Entry Level II Junior ISSO to work on our team supporting the Department of Homeland Security (DHS). This is a long-term project located in Washington DC. In this position, you will work in a collaborative environment an integrated team consisting of resources from DHS, LightFeather and others.

All candidates must demonstrate a high degree of initiative, passion for innovation, a solid understanding of information security, and a willingness to work in a highly collaborative security culture. If accepted for a position with LightFeather.io, LLC, you will be joining a team that embraces agile security methodologies with an emphasis on automation, continuous monitoring and innovative security.

This position requires US Citizenship.   

Responsibilities:

  • Work closely with an onsite Team Lead to perform independent compliance reviews, tracking, and continuous monitoring of newly submitted C&A packages
  • Assist with the Lifecycle Security Authorization (SA) process and developing a Systems Security Plan (SSP)
  • Monitor and track projects in the S&A test queue
  • Maintain a document repository where SA project documentation is stored
  • Work closely with system/application developers to identify the appropriate certification/approval processes and authorities
  • Record/register actions concerning project approvals to operate in the SA database
  • Read and analyze SSPs with minimal assistance, and develop understanding of systems and applications into security test plans
  • Coordinate SA actions and system testing with appropriate security personnel
  • Develop Risk Assessment (RA) Reports
  • Assemble and submit SA packages to Principal Accreditation Authority/Designated Accreditation Authority (DAA)
  • Review Information Assurance (IA) Compliance Validation Tests and Reports
  • Prepare Vulnerability Remediation Plans
  • Act as C&A project register, managing the C&A registration process

Required Qualifications:

  • Minimum of one verifiable security certification (e.g.,Security+, CISSP CISM, etc.)
  • Active Secret level security clearance
  • 0-3 years of experience in information security, with a concentration on SA as it applies to the US Government.
  • Knowledge of the federal security authorization (formerly known as Certification and Accreditation or C&A) process to include key activities and milestones required throughout each phase of the security authorization lifecycle.
  • Experience with the NIST/FISMA regulatory and compliance environment.
  • Highly-motivated, fast-learner who thrives in a fast paced environment.
  • Be able to communicate effectively through written and verbal means to co-workers and senior leadership.
  • Be able to effectively manage multiple tasks simultaneously; coordinating and ensuring scheduled goals are met.
  • Be able to work well with collateral engineers, analysts, and managers on related programs.
  • Possess or be able to obtain a US Government security clearance.