Overview
LMI is seeking a skilled cybersecurity SME for the US Army that is a fully remote position. This position requires an active Secret Clearance, for which you must be a US Citizen.
LMI is a consultancy dedicated to powering a future-ready, high-performing government, drawing from expertise in digital and analytic solutions, logistics, and management advisory services. We deliver integrated capabilities that incorporate emerging technologies and are tailored to customers’ unique mission needs, backed by objective research and data analysis. Founded in 1961 to help the Department of Defense resolve complex logistics management challenges, LMI continues to enable growth and transformation, enhance operational readiness and resiliency, and ensure mission success for federal civilian and defense agencies.
Responsibilities
- Oversee the implementation and application of technologies, processes, and practices designed to protect applications, networks, devices, programs, and data from malicious attack, damage, or unauthorized access.
- Maximize the use of existing tools to correlate information and synthesize data into actionable intelligence for incident response and overall cybersecurity situational awareness.
- Identify, assess, and integrate new technologies to enhance cybersecurity defenses, and conduct in-depth research on emerging cybersecurity technologies, practices, policies, and procedures.
- Communicate complex technical concepts and project details clearly to both technical and non-technical stakeholders at varying levels, providing situational awareness and facilitating informed decision-making by government leadership.
- Provide expert insight into industry trends and make strategic recommendations for the future direction of the program’s cybersecurity systems and network defenses, ensuring effective incident response capabilities.
- Support other cybersecurity initiatives, including patch and vulnerability management, network monitoring, intrusion detection/prevention, and log analysis.
- Identify and recommend mitigations for identified threats, vulnerabilities, and capability shortfalls, ensuring continuous protection.
- Develop and manage Plans of Action and Milestones (POA&M) in support of risk mitigation strategies.
- Review and provide recommendations on program-level documentation (e.g., system architecture, design documents, test plans, security plans, POA&Ms).
Qualifications
- Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or a related field, or equivalent professional experience.
- At least 10 years of experience working in cybersecurity risk management; with at least 5 years of experience working in cybersecurity risk management for the Department of Defense or other federal government agency.
- Demonstrated ability to deliver high-value technical and strategic deliverables, including reports, presentations, executive summaries, white papers, and decision-support materials for senior leadership.
- In-depth understanding of DoD cybersecurity frameworks, including DoD Cloud Computing Security Requirements Guide (CC SRG) and Secure Cloud Computing Architecture (SCCA).
- Strong familiarity with DoD, NIST, FIPS, FISMA, and FedRAMP cybersecurity standards and frameworks.
- At least 7 years of experience with cybersecurity tools, including Security Information and Event Management (SIEM) platforms (e.g., ArcSight, ELK Stack, Splunk), Host-Based Intrusion Prevention Systems (HBSS/ESS), and Vulnerability Management Tools (e.g., ACAS, Tenable Nessus).
- Understanding of Security Technical Implementation Guides (STIG) and Security Requirements Guides (SRG).
- Must hold an active Secret Security Clearance; U.S. citizenship is required.
- Must possess or obtain within 6 months of hire the following certification(s) depending on role:
- For ISSM role: IAM III Certification (CISSP, CSSLP, GSLC, CCISO).
- For technical cybersecurity role: IAT III Certification (CISSP, CASP+, CCNP Security, CISA, GCED, GCIH, CCSP).
- Familiarity with SAP solution design and business processes preferred but not required.