
Information Security Analyst, Senior

LCG, Inc.
retirement plan
United States, D.C., Washington
Mar 20, 2025

This job opportunity is part of an RFP process; candidates are invited to submit their resumes detailing relevant experience.

Job Title: Information Security Analyst, Senior

Work Location: Washington DC (Onsite)

Clearance: Public Trust

Required: US citizen or Lawful Permanent Resident

LCG is a minority-owned technology consulting firm that has been a trusted partner to more than 40 federal agencies, including 21 of the 27 Institutes and Centers (ICs) at the National Institutes of Health (NIH). For over 25 years, LCG has brought digitization and innovation to the Health and Human Services (HHS) and the NIH ecosystems. We support IT organizations by bringing precision technology and operation models that achieve mission capabilities and performance success.

Job Summary:

LCG's Growth Team is seeking an experienced Information Security Analyst, Senior. Our client plays a crucial role in safeguarding the nation's financial stability by identifying and mitigating cybersecurity risks. As an Information Security Support Specialist, you will support the client's cybersecurity risk management efforts by refining and implementing processes to assess internal and third-party systems, track weaknesses, and ensure compliance with federal security standards. You will conduct security assessments, manage risks, and provide ongoing monitoring and reporting to support informed, risk-based decision-making.

This role requires a deep understanding of federal cybersecurity frameworks, including NIST 800 series publications, FedRAMP, and FIPS, as well as hands-on experience with security assessments, vulnerability management, and compliance reporting. You will serve as the primary liaison between OFR and supporting personnel, ensuring proper coordination and execution of security tasks.

Key Responsibilities



  • Act as the primary liaison between the client and security personnel, including Security Control Assessors, ISSOs, and Continuous Monitoring teams.
  • Ensure client cybersecurity goals are clearly communicated and implemented across all task areas.
  • Provide guidance, support, and supervision to security personnel, ensuring proper task prioritization and allocation.
  • Validate and review deliverables to ensure accuracy, compliance, and adherence to deadlines.
  • Use the NIST Risk Management Framework (RMF) to assess and evaluate security controls, identifying gaps and recommending improvements.
  • Ensure compliance with federal regulations, including NIST Special Publications, FIPS, and FedRAMP.
  • Prepare and maintain Security Authorization Packages, including Security Impact Assessments, Risk Assessments, and Security Authorization Memorandums.
  • Identify, assess, and prioritize cybersecurity risks, collecting evidence and documenting findings.
  • Track and report on Plans of Action and Milestones (POA&Ms) to ensure timely remediation of security deficiencies.
  • Coordinate third-party risk assessments and IT audits, managing remediation efforts and providing status updates.
  • Support security initiatives, policy adherence, and awareness programs across OFR.
  • Develop and maintain security configuration baselines for Windows and Linux platforms.
  • Review system logs to detect intrusions, policy violations, and vulnerabilities.
  • Work with security tools such as Nessus, Nexpose, Forescout, BigFix, and RES to monitor and improve security posture.


Qualifications



  • Bachelor's degree in Computer Science, Information Security, or a related field.
  • 10+ years of experience in Information Security.
  • 5+ years of experience managing Windows server platforms.
  • Certifications Preferred: CISSP, CISM or equivalent security certifications.
  • Extensive knowledge of NIST 800 series, FIPS, FedRAMP, and federal security regulations.
  • Strong expertise in the NIST Risk Management Framework (RMF), including SA&A documentation, System Security Plans, Security Assessment Reports, and Risk Assessments.
  • Hands-on experience with security scanners (e.g., Nessus, Nexpose) and vulnerability remediation.
  • Experience in security configuration baselines (CIS, STIGs) for Windows and Linux.
  • Ability to review system logs for potential intrusions and policy violations.
  • Experience using Forescout, BigFix, and RES is a plus.


Compensation and Benefits

The projected compensation range for this position is $122,200 to $153,400 per year, benchmarked in the Washington, D.C. metropolitan area. The target salary is $132,800.00. The salary range provided is a good faith estimate representative of all experience levels. Salary at LCG is determined by various factors, including but not limited to role, location, the combination of education/training, knowledge, skills, competencies, certifications, and work experience.

LCG offers a competitive, comprehensive benefits package which includes health insurance options (medical, dental, vision), life and disability insurance, retirement plan contributions, as well as paid leave, federal holidays, professional development, and lifestyle benefits.

Devoted to Fair and Inclusive Practices

All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law.

If you are interested in applying for employment with LCG and need special assistance or an accommodation to apply for a posted position, contact our Human Resources department by email at hr@lcginc.com.

Securing Your Data

Beware of fraudulent job offers using LCG's name. LCG will never request payment-related details or advancement of money during the application process. Legitimate communication will only come from lcginc.com or system@hirebridgemail.com emails, not free commercial services like Gmail or WhatsApp. If you receive suspicious emails asking for payment or personal information, contact us immediately at hr@lcginc.com.

If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission.
