Senior Information Systems Security Engineer

Overview

This is a hybrid (within 50 miles of Fort Bragg, NC) or fully remote position.

LMI is seeking an Information Systems Security Engineer (ISSE) with a minimum of a SECRET clearance to provide cybersecurity Risk Management Framework (RMF) Authority to Operate (ATO) support for the United States Army.

LMI is a consultancy dedicated to powering a future-ready, high-performing government, drawing from expertise in digital and analytic solutions, logistics, and management advisory services. We deliver integrated capabilities that incorporate emerging technologies and are tailored to customers’ unique mission needs, backed by objective research and data analysis. Founded in 1961 to help the Department of Defense resolve complex logistics management challenges, LMI continues to enable growth and transformation, enhance operational readiness and resiliency, and ensure mission success for federal civilian and defense agencies.

LMI has been named a 2022 and 2024 #TopWorkplace in the United States by Top Workplaces! We are honored to be recognized as a company that values a people-centered culture, and we are grateful to our employees for making this possible!

This position requires an active Secret clearance, TS/SCI Preferred.

Responsibilities

• Define system security requirements in coordination with security stakeholders including system engineers, program managers, security control assessors, and Authorizing Officials (or their delegates).
• Ensure cybersecurity requirements are identified, allocated, implemented, verified, and continuously monitored throughout the system life cycle.
• Provide independent cybersecurity advice and guidance to government stakeholders and contractor team members.
• Participate in recurring cybersecurity working group meetings.
• Develop or review system security designs and architectures, including those for cloud, on-prem or hybrid.
• Support Assessment and Authorization (A&A) cybersecurity reviews, identify gaps, and support risk management plans for to also then execute.
• Support the Risk Management Framework (RMF) process for each product in the portfolio at all different classification levels including implementation of Security Technical Implementation Guides (STIGs)
• Provide SME level cybersecurity engineering support and input to product leads and cybersecurity teams to produce and maintain Authority to Operate (ATO) packages and successfully achieve/maintain ATOs.
• Support Interim Authority to Test (IATT), risk assessment/acceptance, and all other ATO related activities.
• Identify and interpret security control non-compliance to determine the impact on levels of risk and/or overall effectiveness of the enterprise's cybersecurity program.
• In concert with ISSM, work with product teams to identify controls, develop appropriate mitigations, and develop and track Program of Action and Milestone (POAM) documents to ensure that ATO packages are technically sound before submission to the program cyber government staff for review.
• Perform necessary compliance activities IAW AWS Shared Responsibility Model (e.g., ensure that system security configuration guidelines (NIST 800-53 Rev 5) are followed, compliance monitoring occurs).
• Advise system engineers on the best methods to remediate vulnerability findings using security scanning tools and DoD / Industry best practices.
• Support cybersecurity engineering analysis of alternatives, tradeoffs, and risk treatment decisions.
• Work with interdisciplinary teams to deliver trustworthy and secure systems.
• Be able to build and maintain dashboards including but not limited to Platform system controls, logs, and compliance monitoring.
• Automate IaC implementation utilizing Terraform
• Participate in Requests for Change (RFC), Account Requests, Change Management Processes, IAVM tracking, and Cyber Task Orders (CTOs).
• Perform data transfers between security domains IAW SOCOM policies and procedures as a Data Transfer Agent (DTA).

Qualifications

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field
• 5 years minimum of system and/or security engineering work performed in support of U.S. Government customers
• Experience authoring and maintaining (or contributing documents) of RMF Assessment and Authorization (A&A) documentation, e.g., System Security Plans (SSPs), Security Assessment Reports (SARs), and Plans of Action and Milestones (POAMs)
• Experience implementing DoDI 8510.01 Risk Management Framework for DoD
• DoD 8140 Foundational Qualification Options in the Intermediate category for Cybersecurity Quals in the 500 series.
• AWS Certified Security – Specialty or similar
• Deep understanding of Linux based operating systems
• Must possess and maintain a SECRET Security Clearance
• Experience with Cloud (i.e., Azure, Amazon C2S, Commercial and GovCloud) security planning, design, and operations.
• Experience with EKS
• Ability to explain complex cybersecurity issues to a diverse audience in layman's terms.

Desired Qualifications

• Experience with batch scripting/python
• TOP SECRET security clearance
• AWS Certified Solutions Architect - Professional