OverviewSeeking a
Cybersecurity Engineer to lead system Assess and Authorize (A&A) activities related to the sustainment of U.S. Army medical devices and systems. The Cybersecurity Engineer will execute duties supporting the Risk Management Framework (RMF) lifecycle culminating in successful Authority to Operate (ATO) decisions and continuous monitoring.
Work location is client site, Fort Detrick, MD with partial teleworking permitted. This position requires an active Secret security clearance.LMI is a new breed of digital solutions provider dedicated to accelerating government impact with innovation and speed. Investing in technology and prototypes ahead of need, LMI brings commercial-grade platforms and mission-ready AI to federal agencies at commercial speed.
Leveraging our mission-ready technology and solutions, proven expertise in federal deployment, and strategic relationships, we enhance outcomes for the government, efficiently and effectively. With a focus on agility and collaboration, LMI serves the defense, space, healthcare, and energy sectors-helping agencies navigate complexity and outpace change. Headquartered in Tysons, Virginia, LMI is committed to delivering impactful results that strengthen missions and drive lasting value.
Responsibilities- Lead the development, review and management of system Assess and Authorize documentation to ensure it is compliant with RMF standards.
- Develop guidance and assists associates through the RMF phases.
- Perform Risk Management and testing of Federal Information System Controls Audit Manual (FISCAM) and RMF controls utilizing Committee on National Security Systems Instruction (CNSS) Instructions 1253 Security Controls Assessment Procedures pursuant to National Institute of Standards and Technology (NIST) Special Publication 800-53 to maintain the information system's security posture.
- Lead IATT and ATO activities.
- Maintain system accreditation status, develops reports, and alerts system proponents when accreditation documentation must be updated.
- Support the organization's program that implements information systems security technology and procedures, to include access control and authentication of users and transmitted information.
- Prepare, distribute, and maintain plans, instructions, guidance, and standard operating procedures (SOPs) on the security of information systems.
- Review Army and DoD policy and develop local policy and procedures that implement the Army and DoD's Cybersecurity subprograms and initiatives.
- Review and evaluate system and network changes for cybersecurity impact and effect on confidentiality, integrity, availability and overall system security posture.
- Create and submit Plan of Actions & Milestones (POA&M) for review and approval by the Authorizing Official (AO).
Qualifications- DOD Cyber Workforce (DCWF) 8140 (451) System Administrator role: A BS degree in Information Technology, Cybersecurity, Data Science, Information Systems, or Computer Science, from an ABET accredited or CAE designated institution fulfills the educational requirement for this WRC (conferred within 5 years or able to prove continuous relevant work experience) -OR- Personnel Certifications: Cloud+ or GICSP or SSCP or Security+ or GSEC. If none, must be willing to obtain in first 30-days.
- 3-5 years demonstrated experience designing, implementing, and monitoring cybersecurity solutions
- 3-5 years demonstrated RMF and eMASS experience
- Familiarity with HBSS, Fortify, ACAS /Nessus
- Certified Information Systems Security Professional (CISSP) (or Associate), Certified Information Security Manager (CISM), Global Information Assurance Certification Security Leadership Certificate (GSLC), Certified Chief Information Security Officer (CCISO) or equivalent DoD 8570 IAM Level III certification
- Must possess and maintain a Secret Security Clearance
Desired Qualifications- Core KSATs for DoD Cyber Workforce (DCWF):
- Knowledge of computer networking concepts and protocols, and network security methodologies.
- Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
- Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity.
- Knowledge of cybersecurity principles.
- Knowledge of cyber threats and vulnerabilities.
- Knowledge of specific operational impacts of cybersecurity lapses.
- Knowledge of cloud computing service models Software as a Service (SaaS), Infrastructure as a Service (IaaS), and Platform as a Service (PaaS).
- Knowledge of cloud computing deployment models in private, public, and hybrid environment and the difference between on-premises and off-premises environments.
- AWS cloud experience
- Azure Cloud Experience
- Bachelor's degree in a related field
Target salary range: $131,090 - $200,000
Disclaimer: The salary range displayed represents the typical salary range for this position and is not a guarantee of compensation. Individual salaries are determined by various factors including, but not limited to location, internal equity, business considerations, client contract requirements, and candidate qualifications, such as education, experience, skills, and security clearances.
OptionsApply for this job onlineApply
Share
Email this job to a friendRefer
Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed
LMI is an Equal Opportunity Employer. LMI is committed to the fair treatment of all and to our policy of providing applicants and employees with equal employment opportunities. LMI recruits, hires, trains, and promotes people without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, pregnancy, disability, age, protected veteran status, citizenship status, genetic information, or any other characteristic protected by applicable federal, state, or local law. If you are a person with a disability needing assistance with the application process, please contact
Colorado Residents: In any materials you submit, you may redact or remove age-identifying information such as age, date of birth, or dates of school attendance or graduation. You will not be penalized for redacting or removing this information.
Need help finding the right job? 
Never miss an opportunity! Create an alert based on the job you applied for.