LCG, Inc.


via Glassdoor


FISMA Compliance Support Lead

Bethesda, MD
full-time
Posted 9/13/2025
Key Skills:
FISMA compliance
Security Assessment and Authorization (A&A)
Cybersecurity tools (Splunk, Tripwire, BigFix, Tenable, Cylance)
Risk management
Federal IT security
Compliance reporting
Microsoft Word, Excel, PowerPoint, Visio
ServiceNow or IT ticketing systems

Compensation

Salary Range

$100K - 200K a year

Responsibilities

Lead and manage FISMA compliance implementation, security documentation review, risk analysis, and stakeholder engagement in a federal IT environment.

Requirements

4-6 years of FISMA compliance leadership, 10+ years cybersecurity experience, STEM degree or equivalent, active CISSP/CISA/CISM/SSCP certification, and federal IT security experience.

Full Description

FISMA Compliance Support Lead

Location: Bethesda, MD (Onsite with some Hybrid flexibility)

Job Overview: LCG is seeking a highly skilled FISMA Compliance Support Lead to manage and implement FISMA compliance across a Client’s IT systems. The FISMA Compliance Support Lead will serve as the senior subject matter expert for Federal Information Security Modernization Act (FISMA) compliance, providing expertise in security assessments, documentation review, risk analysis, and reporting. The role requires hands-on knowledge of federal compliance frameworks, cybersecurity tools, and the ability to collaborate with technical and business stakeholders.

Key Responsibilities

Compliance Oversight
• Ensure the effective implementation of annual FISMA reporting review requirements.
• Review and validate security documentation for Client’s systems, ensuring FISMA compliance is implemented, tracked, and monitored.
• Provide subject matter expertise for Security Assessment and Authorization (A&A) processes in a federal IT environment.

Cybersecurity & Risk Management
• Research, analyze, and report on trends using publicly available and internal cybersecurity data.
• Monitor emerging cybersecurity tools (BigFix, Splunk, Tripwire, Cylance, Tenable, etc.) to support compliance and risk reduction.
• Track vulnerability advisories, errata, alerts, and bulletins to ensure risks are identified, disseminated, and mitigated.
• Collaborate with IT Security teams to ensure technical controls meet FISMA, NIST, and NIH standards.

Documentation and Reporting
• Prepare, review, and update System Security Plans (SSPs), security controls documentation, and risk assessments.
• Develop compliance reports and metrics to measure Client’s security posture.
• Support audits, inspections, and annual security reviews by federal oversight bodies.
• Maintain technical controls and organizational processes that ensure continuous compliance.

Leadership and Stakeholder Engagement
• Work with program management, IT operations staff, and system owners to align compliance activities with Client’s objectives.
• Provide training, guidance, and subject matter expertise on FISMA requirements to stakeholders.
• Communicate compliance findings and recommendations effectively to both technical and non-technical audiences.

Requirements
• 4–6 years of hands-on experience providing technology leadership in FISMA compliance.
• 3+ years of experience with emerging cybersecurity tools (Splunk, Tripwire, BigFix, Tenable, Cylance, etc.).
• Experience with Security Assessment and Authorization (A&A) processes in a federal environment.
• Bachelor’s degree in Computer Science, Engineering, or related STEM field (an additional 4 years of relevant experience may substitute).
• 10+ years of cybersecurity-related experience overall.
• Certifications: Active CISSP, CISA, CISM, SSCP, or equivalent.
• Prior federal government IT security and FISMA compliance experience.
• Strong skills in strategic thinking, negotiation, multi-tasking, conflict management, and time management.
• Expert-level proficiency in Microsoft Word, Excel, PowerPoint, and Visio.
• Familiarity with ServiceNow or other IT ticketing systems.
• Ability to anticipate changes and recommend proactive compliance solutions.
• Strong written and oral communication skills with the ability to clearly convey compliance requirements to stakeholders.
• Ability to work independently while also thriving in an integrated, cross-functional team environment.

Compensation and Benefits

The projected compensation range for this position is $100,000 to $200,000 per year benchmarked in the Washington DC Metro area. The salary range provided is a good faith estimate representative of all experience levels. Salary at LCG is determined by various factors, including but not limited to role, location, the combination of education/training, knowledge, skills, competencies, certifications, and work experience. LCG offers a competitive, comprehensive benefits package which includes health insurance options (medical, dental, vision), life and disability insurance, retirement plan contributions, as well as paid leave, federal holidays, professional development, and lifestyle benefits.

Devoted to Fair and Inclusive Practices

All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. If you are interested in applying for employment with LCG and need special assistance or an accommodation to apply for a posted position, contact our Human Resources department by email at hr@lcginc.com.

Securing Your Data

Beware of fraudulent job offers using LCG's name. LCG will never request payment-related details or advancement of money during the application process. Legitimate communication will only come from lcginc.com or system@hirebridgemail.com emails, not free commercial services like Gmail or WhatsApp. If you receive suspicious emails asking for payment or personal information, contact us immediately at hr@lcginc.com. If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission.

This job posting was last updated on 9/15/2025
