IT Security Lead

IT Security Lead

Location: Bethesda, MD (Onsite with some Hybrid flexibility)

Job Overview: LCG is seeking an experienced IT Security Lead to oversee cybersecurity operations and compliance across Client's enterprise IT environment. The IT Security Lead will provide technical leadership in cybersecurity operations, vulnerability management, patching, system hardening, FISMA compliance, and incident response. This individual will serve as the senior cybersecurity authority, ensuring Client's IT services are resilient against threats and aligned with NIH and federal security standards.

Key Responsibilities

Cybersecurity Operations

• Oversee routine vulnerability scanning, monitoring, and remediation across networks, endpoints, and systems.
• Lead patch management and system hardening activities, ensuring compliance with established security baselines and policies.
• Maintain and configure security event logging and auditing tools (Splunk, Tripwire, Cylance, Tenable, BigFix, etc.).
• Manage and update system baselines, including configuration management and security monitoring policies.
• Ensure network defense capabilities are current, securely configured, and effectively monitored.

Incident Response & Risk Management

• Lead incident detection, response, and remediation activities, including forensic analysis and root cause reporting.
• Monitor data flows across networks to identify and mitigate security gaps or non-compliant data exchanges.
• Provide real-time situational awareness and reporting to program management regarding emerging threats, vulnerabilities, and risks.
• Serve as a primary escalation point for all cybersecurity incidents.

Compliance & Governance

• Ensure systems and operations remain compliant with FISMA, NIST, FIPS-199, and NIH security requirements.
• Support Authority to Operate (ATO) processes, audits, and annual security assessments.
• Provide documentation, reports, and metrics that measure Client's cybersecurity posture.
• Collaborate with systems engineers, O&M teams, and stakeholders to ensure integrated security compliance across IT services.

Leadership & Stakeholder Engagement

• Provide strategic guidance and technical expertise to Client's IT leadership on cybersecurity policies and initiatives.
• Communicate complex technical concepts clearly to both technical and non-technical audiences, including executives.
• Lead cross-functional security initiatives and support collaboration across federal IT and contractor teams.
• Contribute to strategic planning and recommend improvements in security architecture and processes.

Requirements

• 4-6 years of hands-on leadership experience in IT Security/Cybersecurity operations.
• 3+ years of experience with emerging cybersecurity tools (Splunk, Tripwire, Cylance, Tenable, BigFix, etc.).
• Strong knowledge of vulnerability management, incident response methodologies, and system hardening practices.
• Bachelor's degree in Computer Science, Engineering, or related STEM field (additional 4 years of relevant cybersecurity experience may substitute).
• 10+ years of cybersecurity-related professional experience overall.
• Certifications: Active CISSP, CISA, CISM, SSCP, or equivalent.
• Prior federal government IT Security experience.
• Experience supporting FISMA compliance and NIST-based cybersecurity programs.
• Strong skills in strategic thinking, conflict management, negotiation, multi-tasking, and time management.
• Experience with data analytics and risk reporting, integrating multiple data sources to measure security posture.
• Expert-level proficiency with Microsoft Office Suite (Word, Excel, PowerPoint, Visio).
• Familiarity with helpdesk ticketing systems (e.g., ServiceNow).
• Ability to work in a fast-paced, technically challenging environment, anticipating changes and proactively mitigating risks.
• Strong communication and leadership skills, with ability to build consensus across diverse stakeholders.

Compensation and Benefits

The projected compensation range for this position is $100,000 to $200,000 per year benchmarked in the Washington DC Metro area. The salary range provided is a good faith estimate representative of all experience levels. Salary at LCG is determined by various factors, including but not limited to role, location, the combination of education/training, knowledge, skills, competencies, certifications, and work experience.

LCG offers a competitive, comprehensive benefits package which includes health insurance options (medical, dental, vision), life and disability insurance, retirement plan contributions, as well as paid leave, federal holidays, professional development, and lifestyle benefits.

Devoted to Fair and Inclusive Practices

All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law.

If you are interested in applying for employment with LCG and need special assistance or an accommodation to apply for a posted position, contact our Human Resources department by email at hr@lcginc.com.

Securing Your Data

Beware of fraudulent job offers using LCG's name. LCG will never request payment-related details or advancement of money during the application process. Legitimate communication will only come from lcginc.com or system@hirebridgemail.com emails, not free commercial services like Gmail or WhatsApp. If you receive suspicious emails asking for payment or personal information, contact us immediately at hr@lcginc.com.

If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission.