IT Security Lead

IT Security Lead

Location: Bethesda MD (Onsite with some Hybrid flexibility)

Job Overview: LCG is seeking an experienced IT Security Lead to oversee cybersecurity operations and compliance across Clients enterprise IT environment. The IT Security Lead will provide technical leadership in cybersecurity operations vulnerability management patching system hardening FISMA compliance and incident response. This individual will serve as the senior cybersecurity authority ensuring Clients IT services are resilient against threats and aligned with NIH and federal security standards.

Key Responsibilities

Cybersecurity Operations

• Oversee routine vulnerability scanning monitoring and remediation across networks endpoints and systems.
• Lead patch management and system hardening activities ensuring compliance with established security baselines and policies.
• Maintain and configure security event logging and auditing tools (Splunk Tripwire Cylance Tenable BigFix etc.).
• Manage and update system baselines including configuration management and security monitoring policies.
• Ensure network defense capabilities are current securely configured and effectively monitored.
• Ensure all Network Defense capabilities are kept current patched securely configured and operational with status communicated to program management.
• Work directly with systems engineers and O&M personnel to validate that integrated systems meet all required security requirements.

Incident Response & Risk Management

• Lead incident detection response and remediation activities including forensic analysis and root cause reporting.
• Monitor data flows across networks to identify and mitigate security gaps or non-compliant data exchanges.
• Provide real-time situational awareness and reporting to program management regarding emerging threats vulnerabilities and risks.
• Serve as a primary escalation point for all cybersecurity incidents.
• Maintain knowledge of vulnerability dissemination sources (e.g. alerts advisories errata and bulletins) and integrate findings into proactive defense strategies.
• Ensure security event monitoring policies are implemented and continuously updated.

Compliance & Governance

• Ensure systems and operations remain compliant with FISMA NIST FIPS-199 and NIH security requirements.
• Support Authority to Operate (ATO) processes audits and annual security assessments.
• Provide documentation reports and metrics that measure Clients cybersecurity posture.
• Collaborate with systems engineers O&M teams and stakeholders to ensure integrated security compliance across IT services.
• Ensure that configuration items and baseline security documents are maintained in accordance with program requirements.

Leadership & Stakeholder Engagement

• Provide strategic guidance and technical expertise to Clients IT leadership on cybersecurity policies and initiatives.
• Communicate complex technical concepts clearly to both technical and non-technical audiences including executives.
• Lead cross-functional security initiatives and support collaboration across federal IT and contractor teams.
• Contribute to strategic planning and recommend improvements in security architecture and processes.
• Represent Client IT Security interests in cross-agency and NIH security meetings ensuring NIH compliance with enterprise standards.

Requirements

• 46 years of hands-on leadership experience in IT Security/Cybersecurity operations.
• 3 years of experience with emerging cybersecurity tools (Splunk Tripwire Cylance Tenable BigFix etc.).
• Strong knowledge of vulnerability management incident response methodologies and system hardening practices.
• Bachelors degree in Computer Science Engineering or related STEM field (additional 4 years of relevant cybersecurity experience may substitute).
• 10 years of cybersecurity-related professional experience overall.
• Certifications: Active CISSP CISA CISM SSCP or equivalent.
• Prior federal government IT Security experience.
• Experience supporting FISMA compliance and NIST-based cybersecurity programs.
• Strong skills in strategic thinking conflict management negotiation multi-tasking and time management.
• Experience with data analytics and risk reporting integrating multiple data sources to measure security posture.
• Expert-level proficiency with Microsoft Office Suite (Word Excel PowerPoint Visio).
• Familiarity with helpdesk ticketing systems (e.g. ServiceNow).
• Ability to work in a fast-paced technically challenging environment anticipating changes and proactively mitigating risks.
• Strong communication and leadership skills with ability to build consensus across diverse stakeholders.
• Demonstrated ability to manage cybersecurity programs in alignment with federal standards while supporting daily operations continuity.

Compensation and Benefits

The projected compensation range for this position is $100000 to $200000 per year benchmarked in the Washington DC Metro area. The salary range provided is a good faith estimate representative of all experience levels. Salary at LCG is determined by various factors including but not limited to role location the combination of education/training knowledge skills competencies certifications and work experience.

LCG offers a competitive comprehensive benefits package which includes health insurance options (medical dental vision) life and disability insurance retirement plan contributions as well as paid leave federal holidays professional development and lifestyle benefits.

Devoted to Fair and Inclusive Practices

All qualified applicants will receive consideration for employment without regard to sex race ethnicity age national origin citizenship religion physical or mental disability medical condition genetic information pregnancy family structure marital status ancestry domestic partner status sexual orientation gender identity or expression veteran or military status or any other basis prohibited by law.

If you are interested in applying for employment with LCG and need special assistance or an accommodation to apply for a posted position contact our Human Resources department by email at.

Securing Your Data

Beware of fraudulent job offers using LCGs name. LCG will never request payment-related details or advancement of money during the application process. Legitimate communication will only come from oremails not free commercial services like Gmail or WhatsApp. If you receive suspicious emails asking for payment or personal information contact us immediately at.

If you believe you are the victim of a scam contact your local law enforcement and report the incident to theU.S. Federal Trade Commission.