Logistics Management Institute

Cybersecurity Engineer - Clearance Required

Logistics Management Institute$111K — $200K *
US-AnywhereRemote in United States
Aerospace & Defense
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, or related field
  • 5+ years designing, implementing, and monitoring cybersecurity solutions in federal environments
  • 5+ years of hands-on RMF experience, including ATO development and continuous monitoring against NIST 800-53
  • CISSP, CISM, or equivalent senior-level cybersecurity certification
  • Strong knowledge of AWS cloud security, especially in GovCloud or similar high-compliance environments
  • Experience with vulnerability management workflows: scanning, triage, remediation tracking, and reporting
  • Ability to translate compliance requirements into engineering tasks and collaborate closely with developers

Responsibilities

  • Lead Risk Management Framework (RMF) activities for the LIGER deployment
  • Own and maintain authorization artifacts aligning with DHS requirements
  • Coordinate directly with ISSOs and cyber working groups to advance ATO and continuous authorization
  • Interpret NIST 800-53 controls and translate them into actionable engineering requirements
  • Run and review vulnerability scans, triage findings, and drive remediation
  • Validate secure configurations and hardening baselines on containers and cloud resources
  • Partner with platform engineers on AWS GovCloud security aspects

Benefits

  • Access to cutting-edge technology in a high-impact role
  • Engage directly with federal cybersecurity initiatives
  • Collaborative and fast-paced work environment
  • Opportunities for professional growth and skill development
  • Work within a high-visibility team under mission-critical conditions
Full Job Description
Overview

We’re looking for a Cybersecurity Engineer to support the secure deployment and continuous authorization of IronSled, an enterprise Platform as a Service built for federal missions. You’ll join a small, high-visibility team and own the security work that lets IronSled reach production, maintaining the ATO posture, driving vulnerability management, and partnering with cyber stakeholders to keep the platform compliant as it evolves.  

 

This is hands-on cyber engineering, not paper compliance. You’ll work alongside platform engineers, ISSOs, and the security team to harden deployments, validate controls, and resolve findings against real systems. If you want to do federal cybersecurity in an environment that ships fast and treats security as part of the product, keep reading.

 

IronSled is LMI’s DevSecOps platform that serves as the central hub for all software development projects. IronSled allows internal and external users to set up development environments with just a few clicks.

 

 

Responsibilities

What You’ll Do

 

• Lead Risk Management Framework (RMF) activities for the LIGER deployment, including system categorization, control selection and tailoring, implementation, assessment, and continuous monitoring

• Own and maintain authorization artifacts: System Security Plan (SSP), Security Assessment Plan (SAP), Security Assessment Report (SAR), Plan of Action and Milestones (POA&M), and supporting                     documentation aligned to DHS requirements

• Coordinate directly with ISSOs, Authorizing Officials, and cyber working groups to advance ATO and continuous authorization activities

• Interpret NIST 800-53 controls in the context of the LIGER platform and translate them into actionable engineering requirements

• Run and review vulnerability scans across CI/CD pipelines and runtime environments, triage findings, and drive remediation through the engineering team

• Validate secure configurations and hardening baselines (e.g., CIS Benchmarks, DISA STIGs) on containers, hosts, and cloud resources

• Partner with platform engineers on cloud and container security in AWS GovCloud, including IAM, network controls, secrets management, logging, and runtime protection

• Develop and maintain security policies, procedures, and standard operating procedures (SOPs) specific to LIGER on customer infrastructure

• Track audit findings, remediation actions, and POA&M items to closure

• Support FedRAMP-aligned control implementation and inheritance where applicable

• Advise senior LIGER and leadership on system risk levels, control effectiveness, and emerging compliance considerations for AI/LLM systems in federal environments

Qualifications

What We’re Looking For

 

• Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, or a related field

• 5+ years of experience designing, implementing, and monitoring cybersecurity solutions in federal environments

• 5+ years of hands-on RMF experience, including ATO development and continuous monitoring against NIST 800-53

• CISSP, CISM, or equivalent senior-level cybersecurity certification

Experience securing LLM, GenAI, or agentic AI systems, including data handling, prompt and tool-call risk, and model output controls

• Strong working knowledge of cloud security, particularly AWS, with experience in GovCloud or similar high-compliance environments

• Experience with vulnerability management workflows: scanning, triage, remediation tracking, and reporting

• Experience hardening systems against secure baselines such as CIS Benchmarks or DISA STIGs

• Familiarity with secure software development practices: secrets management, access control, auditability, and CI/CD pipeline security

• Strong written communication skills, including the ability to produce ATO artifacts that hold up to assessor and AO review

• Ability to translate compliance requirements into specific engineering work and partner closely with developers

 

 

What Will Set You Apart

 

• Direct experience supporting ATO or continuous authorization for systems hosted at DHS, or another DHS component.

• Familiarity with DHS 4300A and cybersecurity policies and processes

• FedRAMP readiness or assessment experience (Moderate or High)

• Hands-on container and Kubernetes security experience (e.g., EKS, image scanning, admission control, runtime protection)

• DevSecOps experience integrating security scanning into GitLab CI/CD pipelines

• Experience securing LLM, GenAI, or agentic AI systems, including data handling, prompt and tool-call risk, and model output controls

• Experience with vulnerability management platforms such as Tenable

• Experience with ATO documentation tooling (e.g., Xacta, OpenRMF, or similar)

• Familiarity with CISA Binding Operational Directives, Continuous Diagnostics and Mitigation (CDM), or High Value Asset (HVA) program requirements

 

Target salary range: $111,427 - $200,000

 

Disclaimer: The salary range displayed represents the typical salary range for this position and is not a guarantee of compensation. Individual salaries are determined by various factors including, but not limited to location, internal equity, business considerations, client contract requirements, and candidate qualifications, such as education, experience, skills, and security clearances. 

About Logistics Management Institute

Logistics Management Institute (LMI) is a consulting firm dedicated to improving the management of government. LMI provides leaders with the objective analysis, tools, and programs they need to make informed decisions for their organizations. LMI is a not-for-profit organization that has been providing innovative solutions to complex problems since 1961. LMI serves clients in the federal government, state and local governments, and the private sector.
Learn more about Logistics Management Institute
Size
1,700 employees
Industry

Similar Jobs

More Jobs at Logistics Management Institute

More Aerospace & Defense Jobs

Find similar Cybersecurity Engineer - Clearance Required jobs: