Information Security Analyst (Mid) - LCG, Inc.
Maryland, MD 20892
About the Job
This job opportunity is part of an RFP process; candidates are invited to submit their resumes detailing relevant experience.
Location: Bethesda, MD (Hybrid)
LCG is a minority-owned technology consulting firm that has been a trusted partner to more than 40 federal agencies, including 21 of the 27 Institutes and Centers (ICs) at the National Institutes of Health (NIH). For over 25 years, LCG has brought digitization and innovation to the Health and Human Services (HHS) and the NIH ecosystems. We support IT organizations by bringing precision technology and operation models that achieve mission capabilities and performance success.
Job Title - Information Security Analyst (Mid)
Job Summary - The Information Security Analyst (Mid) is responsible for ensuring the security of the organization's systems and information assets. This role involves safeguarding against unauthorized access, modification, or destruction of data while also developing and enforcing IT security policies and standards. The analyst will collaborate with end users to assess departmental needs and implement security measures in compliance with organizational and governmental regulations. The role is occasionally directed in various tasks and provides exposure to more complex security initiatives, including cloud architecture and security.
Key Responsibilities
Perform verification and validation of security vulnerabilities, and maintain necessary security documentation for cloud-based systems.
Ensure compliance with NIST, FIPS, and other federal security guidelines.
Collaborate with cloud operations and security teams to monitor and maintain the security authorizations for environments such as Cloud ATOs (Authority to Operate).
Develop IT security policies and standards aligned with organizational and NIH objectives.
Implement security measures, track compliance, and update policies as needed to meet emerging threats and best practices.
Support the architecture and implementation of secure cloud environments, focusing on protection and continuous monitoring of NIH cloud services.
Assist in cloud-based data migration, security architecture planning, and vulnerability assessments.
Contribute to automated security processes such as GitHub and Azure AD integration for security settings and compliance reports.
Conduct assessments of cloud-related security, focusing on the infrastructure, applications, data integration, and process improvements.
Provide recommendations and present findings to stakeholders through detailed reports and presentations.
Work with cross-functional teams to align cloud security strategies with organizational goals and ensure adherence to best practices.
Assist with the development of cloud roadmaps and documentation related to cloud security architecture and operations.
Qualifications
Bachelor’s degree in Information Technology, Cybersecurity, or a related field (or equivalent work experience).
2-4 years of experience in IT security, cloud security, or related roles.
Familiarity with federal security compliance standards such as NIST, FIPS, and OMB guidelines.
Experience with cloud service providers (AWS, Azure, GCP) and securing cloud-based environments.
Strong understanding of security policies, vulnerability assessments, and risk management practices.
Experience working in a federal government or healthcare-related environment.
Hands-on experience with security tools such as GitHub, Azure AD, and cloud automation platforms.
Certifications such as Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP), or CompTIA Security+ are a plus.
Strong analytical and problem-solving skills.
Excellent communication skills with the ability to collaborate with technical and non-technical stakeholders.
Ability to work independently as well as part of a team.
Proficiency in developing security documentation and conducting security assessments.
Compensation and Benefits
The projected compensation range for this position is $88,000 to $123,400 per year benchmarked in the Washington, D.C. metropolitan area. The target salary is $103,000. The salary range provided is a good faith estimate representative of all experience levels. Salary at LCG is determined by various factors, including but not limited to role, location, the combination of education/training, knowledge, skills, competencies, certifications, and work experience.
LCG offers a competitive, comprehensive benefits package which includes health insurance options (medical, dental, vision), life and disability insurance, retirement plan contributions, as well as paid leave, federal holidays, professional development, and lifestyle benefits.
Devoted to Fair and Inclusive Practices
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. If you are interested in applying for employment with LCG and need special assistance or an accommodation to apply for a posted position, contact our Human Resources department by email at hr@lcginc.com.
Securing Your Data
Beware of fraudulent job offers using LCG's name. LCG will never request payment-related details or advancement of money during the application process. Legitimate communication will only come from lcginc.com or system@hirebridgemail.com emails, not free commercial services like Gmail or WhatsApp. If you receive suspicious emails asking for payment or personal information, contact us immediately at hr@lcginc.com.
If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission.