LMI Government Consulting (Logistics Management Institute)
Chief Information Security Officer, Director with Security Clearance
LMI Government Consulting (Logistics Management Institute), Fairfax, Virginia, United States, 22032
Overview:
LMI is a consultancy dedicated to powering a future–ready, high–performing government, drawing from expertise in digital and analytic solutions, logistics, and management advisory services. We deliver integrated capabilities that incorporate emerging technologies and are tailored to customers' unique mission needs, backed by objective research and data analysis. Founded in 1961 to help the Department of Defense resolve complex logistics management challenges, LMI continues to enable growth and transformation, enhance operational readiness and resiliency, and ensure mission success for federal civilian and defense agencies.Responsibilities:The LMI Chief Information Security Officer (CISO) will be responsible for securing the organization's information systems, ensuring compliance with government regulations, and managing cybersecurity risks.The CISO drives implementing and running the enterprise Cybersecurity function from strategy to implementation to thought leadership.This will involve identifying, evaluating, and reporting on legal and regulatory, IT, and cybersecurity risks and information assets while supporting and advancing business objectives.The CISO position requires a visionary leader with sound knowledge of Federal government contractor business management and a working knowledge of cybersecurity technologies covering the corporate network as well as the broader digital ecosystem.Proactively work with the CIO, CTO, business units, and stakeholders to architect and implement practices and solutions that meet agreed–on policies and standards for information security.Develop and implement cybersecurity strategies that align with LMI's goals, business objectives, and government security requirements.Establish governance frameworks including policies, procedures, and governance structures to ensure cybersecurity is managed consistently across the organization.Regularly brief executive leadership on the security posture, plans, and emerging threats.Ensure compliance with federal regulation and standards, including but not limited to: ISO 2700X, ITIL, ENISA, ISA–62443, COBIT/Risk IT, NIST SP 800–53, NIST SP 800–171, CMMC, FISMA.Prepare the organization for and lead audit readiness, audits, and certifications related to government cybersecurity compliance.Identify and manage cybersecurity risks, including third–party risks, insider threats, vulnerability assessments, incident response and recovery, and supply chain vulnerabilities.Ensure LMI's information systems and data are protected and implement robust access controls, encryption standards, and other technical security measures on sensitive and classified information.Manage LMI's security operations and oversee security operations centers (SOCs), ensuring continuous monitoring, detection, and response to security threats.Stay informed on new cyber threats and deploy countermeasures to mitigate them.Collaborate with government entities and serve as the liaison between the contractor and government agencies for security matters.Implement cybersecurity awareness and training programs across the organization, particularly for employees handling sensitive or classified information.Manage third–party and supply chain security, ensuring subcontractors and third–party vendors adhere to cybersecurity requirements.Develop, test, and communicate business continuity and disaster recovery (BC/DR) plans.Allocate and manage the budget for cybersecurity initiatives, tools, and staff.Manage a cost–efficient information security organization, including hiring, training, staff development, performance management, and annual performance reviews.Qualifications:Required Qualifications:Demonstrated experience and success in leadership roles in information security, risk management, and IT or OT security.Knowledge of information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT, and NIST.Demonstrated experience leading support and response to external security audits.Degree in a STEM field (business IT related program) or equivalent work– or education–related experience.10+ years of experience in cybersecurity or information security roles, with increasing levels of responsibility.Experience designing and implementing cybersecurity architectures, including secure network and system design, encryption, access control models, and securing cloud environments.Familiarity with firewalls, intrusion detection systems (IDS), endpoint protection, data loss prevention (DLP), and vulnerability management.Preferred Qualifications:Graduate degree in a STEM field, or an IT Security or Cybersecurity program.Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), or other similar credentials.Experience establishing a Cyber Supply Chain Risk Management program.Previous experience as a corporate CISO or head of a Cybersecurity practice.Experience with federal agencies, such as the Department of Defense (DoD) or Department of Homeland Security (DHS).TS/SCI with Full Scope Polygraph or TS/SCI with CI Polygraph.Experience maintaining IL6, SCIF, and SAP environments.Demonstrated ability to lead and motivate even when "dotted line" reporting lines exist.
#J-18808-Ljbffr
LMI is a consultancy dedicated to powering a future–ready, high–performing government, drawing from expertise in digital and analytic solutions, logistics, and management advisory services. We deliver integrated capabilities that incorporate emerging technologies and are tailored to customers' unique mission needs, backed by objective research and data analysis. Founded in 1961 to help the Department of Defense resolve complex logistics management challenges, LMI continues to enable growth and transformation, enhance operational readiness and resiliency, and ensure mission success for federal civilian and defense agencies.Responsibilities:The LMI Chief Information Security Officer (CISO) will be responsible for securing the organization's information systems, ensuring compliance with government regulations, and managing cybersecurity risks.The CISO drives implementing and running the enterprise Cybersecurity function from strategy to implementation to thought leadership.This will involve identifying, evaluating, and reporting on legal and regulatory, IT, and cybersecurity risks and information assets while supporting and advancing business objectives.The CISO position requires a visionary leader with sound knowledge of Federal government contractor business management and a working knowledge of cybersecurity technologies covering the corporate network as well as the broader digital ecosystem.Proactively work with the CIO, CTO, business units, and stakeholders to architect and implement practices and solutions that meet agreed–on policies and standards for information security.Develop and implement cybersecurity strategies that align with LMI's goals, business objectives, and government security requirements.Establish governance frameworks including policies, procedures, and governance structures to ensure cybersecurity is managed consistently across the organization.Regularly brief executive leadership on the security posture, plans, and emerging threats.Ensure compliance with federal regulation and standards, including but not limited to: ISO 2700X, ITIL, ENISA, ISA–62443, COBIT/Risk IT, NIST SP 800–53, NIST SP 800–171, CMMC, FISMA.Prepare the organization for and lead audit readiness, audits, and certifications related to government cybersecurity compliance.Identify and manage cybersecurity risks, including third–party risks, insider threats, vulnerability assessments, incident response and recovery, and supply chain vulnerabilities.Ensure LMI's information systems and data are protected and implement robust access controls, encryption standards, and other technical security measures on sensitive and classified information.Manage LMI's security operations and oversee security operations centers (SOCs), ensuring continuous monitoring, detection, and response to security threats.Stay informed on new cyber threats and deploy countermeasures to mitigate them.Collaborate with government entities and serve as the liaison between the contractor and government agencies for security matters.Implement cybersecurity awareness and training programs across the organization, particularly for employees handling sensitive or classified information.Manage third–party and supply chain security, ensuring subcontractors and third–party vendors adhere to cybersecurity requirements.Develop, test, and communicate business continuity and disaster recovery (BC/DR) plans.Allocate and manage the budget for cybersecurity initiatives, tools, and staff.Manage a cost–efficient information security organization, including hiring, training, staff development, performance management, and annual performance reviews.Qualifications:Required Qualifications:Demonstrated experience and success in leadership roles in information security, risk management, and IT or OT security.Knowledge of information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT, and NIST.Demonstrated experience leading support and response to external security audits.Degree in a STEM field (business IT related program) or equivalent work– or education–related experience.10+ years of experience in cybersecurity or information security roles, with increasing levels of responsibility.Experience designing and implementing cybersecurity architectures, including secure network and system design, encryption, access control models, and securing cloud environments.Familiarity with firewalls, intrusion detection systems (IDS), endpoint protection, data loss prevention (DLP), and vulnerability management.Preferred Qualifications:Graduate degree in a STEM field, or an IT Security or Cybersecurity program.Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), or other similar credentials.Experience establishing a Cyber Supply Chain Risk Management program.Previous experience as a corporate CISO or head of a Cybersecurity practice.Experience with federal agencies, such as the Department of Defense (DoD) or Department of Homeland Security (DHS).TS/SCI with Full Scope Polygraph or TS/SCI with CI Polygraph.Experience maintaining IL6, SCIF, and SAP environments.Demonstrated ability to lead and motivate even when "dotted line" reporting lines exist.
#J-18808-Ljbffr