Cybersecurity Specialist

Overview

LMI is seeking a Cybersecurity Specialist to support the Integrated Clinical System PMO's mission to develop, manage and perform end to end life cycle logistics on medical equipment to protect and sustain the Warfighter's and their families for the Nation. The Cybersecurity Specialist will work directly with DoD and vendors running tests and evaluations on their medical equipment operating systems that will be sitting on the DoD network validating that the systems meet the DoD Risk Management Framework (RMF) requirements ensure the system is not vulnerable to inside and outside threats. This position requires the ability to obtain a Public Trust Clearance (NACI). The position can be performed in a hybrid remote capacity with onsite requirements needed @ 2 days/week at the client site in Frederick, MD.

LMI is a new breed of digital solutions provider dedicated to accelerating government impact with innovation and speed. Investing in technology and prototypes ahead of need, LMI brings commercial-grade platforms and mission-ready AI to federal agencies at commercial speed.

Leveraging our mission-ready technology and solutions, proven expertise in federal deployment, and strategic relationships, we enhance outcomes for the government, efficiently and effectively. With a focus on agility and collaboration, LMI serves the defense, space, healthcare, and energy sectors-helping agencies navigate complexity and outpace change. Headquartered in Tysons, Virginia, LMI is committed to delivering impactful results that strengthen missions and drive lasting value.

Responsibilities

• This position is responsible for working with LMI's team supporting our DoD customer to ensure the appropriate administrative, physical and technical information security safeguards are implemented across a portfolio of deployed military medical devices.
• Under general guidance of the Team Lead and the client, the incumbent will conduct information security assessments and testing to ensure the proper implementation of security controls across the environment. This includes populating defined security/risk assessments, identifying gaps and compensating controls, identifying remediation plans, and publishing management reports of results. This position may also participate in incident response investigations, help identify opportunities for product improvement, maintain policies and procedures that are designed to be operationally effective and efficient, and monitor compliance to policies, laws and regulations. The security specialist works with the DoD client to select and deploy technical controls to meet specific security requirements, and defines processes and standards to ensure that security configurations are maintained.
• Conduct evaluations of technical and non-technical security safeguards to demonstrate and document compliance with the DoD's Risk Management Framework (RMF) requirements for security and interoperability.
• Perform information security risk assessments as part of the project lifecycle to ensure that new medical device technology conforms to security standards against internal and external threats.
• Perform Independent verification and validation (IV&V) testing, to include documentation of Plan of Action and Milestones (POAM) data within the DoD system.
• Perform risk assessments of information and technology systems by conducting accurate and thorough assessments of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of information and technology systems.
• Work with security leadership and stakeholders to identify remediation strategies and plans to enforce security requirements and address risks identified in the risk assessment process.
• Along with the Security Architect, advise during application development or acquisition projects to ensure that security controls are implemented as planned.
• Work with other security department members and stakeholders in scoping, planning and conducting third-party penetration testing, code reviews, or security assessments during the information security process.
• Perform risk assessments of third-party technology systems by conducting accurate and thorough assessments of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of DoD information and technology systems.
• Produce information security risk assessment reports that identify gaps with DoD Security Policies & Standards and propose remediation plans.
• Assist in conducting information system activity reviews and participate in Risk Management Framework (RMF) testing exercises and activities: Monitor and test application and network activity for assurance that systems of controls are in place and effective, and for compliance to DoD policies and federal regulations.

Qualifications

• Bachelor's degree in a related discipline or a minimum of four (4) years of experience
• Ability to obtain a Public Trust Clearance (NACI).
• CompTIA Security + Certifications
• Working knowledge internal controls & IT Risk Assessment and Mitigation procedures
• Technical experience in security-related technologies such as encryption, remote access, anti-virus systems, etc.
• A basic knowledge of the 8 domains of the Common Body of Knowledge for information security:
• Security & Risk Management
• Asset Security
• Security Engineering
• Communications and Network Security
• Identity and Access Management
• Security Assessment and Testing
• Security Operations
• Software Development Security
• Desired: Experience with medical devices or a working knowledge of security frameworks such as HIPAA, HITRUST, NIST, ISO or other industry standards that are relevant to the DoD medical enterprise

Target salary range: $86,126 - $125,000

Disclaimer:

The salary range displayed represents the typical salary range for this position and is not a guarantee of compensation. Individual salaries are determined by various factors including, but not limited to location, internal equity, business considerations, client contract requirements, and candidate qualifications, such as education, experience, skills, and security clearances.

Options

Apply for this job onlineApply

Share

Email this job to a friendRefer

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.

Share on your newsfeed

LMI is an Equal Opportunity Employer. LMI is committed to the fair treatment of all and to our policy of providing applicants and employees with equal employment opportunities. LMI recruits, hires, trains, and promotes people without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, pregnancy, disability, age, protected veteran status, citizenship status, genetic information, or any other characteristic protected by applicable federal, state, or local law. If you are a person with a disability needing assistance with the application process, please contact
Colorado Residents: In any materials you submit, you may redact or remove age-identifying information such as age, date of birth, or dates of school attendance or graduation. You will not be penalized for redacting or removing this information.

Need help finding the right job?