LMI Government Consulting (Logistics Management In

Compensation

Full Description

Overview LMI is seeking a Journeyman Cybersecurity Engineer to support the U.S. Army Center for Initial Military Training's (CIMT) Holistic Health & Fitness Management System (H2FMS). H2FMS is a secure analytics environment operating in Army GovCloud, integrating the vendor-provided H2F data capture application with cloud hosting, data pipelines, AI/ML models, and user interfaces supporting Soldier and unit readiness. This position requires the ability to obtain and maintain a Secret clearance. The Cybersecurity Engineer will support the Senior ISSM, Cloud Architect, DevSecOps team, and cybersecurity operations to ensure H2FMS meets all RMF, continuous ATO (cATO), and Zero Trust requirements. This is a hands-on role focused on compliance, security engineering, vulnerability management, logging/monitoring, and implementing security controls across the H2FMS system. LMI is a new breed of digital solutions provider dedicated to accelerating government impact with innovation and speed. Investing in technology and prototypes ahead of need, LMI brings commercial-grade platforms and mission-ready AI to federal agencies at commercial speed. Leveraging our mission-ready technology and solutions, proven expertise in federal deployment, and strategic relationships, we enhance outcomes for the government, efficiently and effectively. With a focus on agility and collaboration, LMI serves the defense, space, healthcare, and energy sectors-helping agencies navigate complexity and outpace change. Headquartered in Tysons, Virginia, LMI is committed to delivering impactful results that strengthen missions and drive lasting value. Responsibilities • Implement and maintain cybersecurity controls required under RMF, NIST 800-53, and Army cybersecurity policy. • Support secure configuration of cloud services, network components, identity/access controls, and application interfaces. • Apply DISA STIGs, SCAP tools, and vulnerability remediation practices across the environment. • Assist in implementing Zero Trust principles for access management, micro segmentation, and continuous verification. • Validate secure data flows and connections between the vendor's H2F data capture application and H2FMS in Army GovCloud. • Support cybersecurity reviews of interface configurations, API integrations, encryption settings, and boundary protections. • Coordinate with Data Engineers, Cloud Engineers, and the ISSM to ensure end-to-end secure integration. • Conduct regular vulnerability scans (Nessus, OpenVAS, etc.) and assist with patch management across environments. • Track, document, and help remediate findings in POA&Ms. • Support log collection, SIEM configuration, and review of security events for anomalies. • Assist in continuous monitoring activities required for cATO compliance. • Contribute to RMF documentation including SSP components, SAR evidence, risk assessments, and configuration baseline updates. • Support the Senior ISSM in preparing audit packages, evidence submissions, and compliance documentation. • Assist the Senior DevSecOps Engineer in integrating security scanning tools into CI/CD pipelines. • Support maintenance of security testing (SAST, SCA, container scans) and automated compliance checks. • Help evaluate code, infrastructure, and configuration changes for security impact. • Assist with incident response investigations, triage, and reporting. • Support containment, remediation, and follow-up actions. • Participate in tabletop exercises and operational security drills. • Work closely with Cloud Architects, DevSecOps Engineers, Data Engineers, and UI/UX developers to ensure secure design. • Participate in Agile sprints, backlog refinement, and technical planning sessions. • Provide cyber input to engineering decisions and environment changes. Qualifications Required Qualifications • Bachelor's degree in Cybersecurity, Information Assurance, Computer Science, Engineering, or a related field. • 3-6 years of experience in cybersecurity engineering, cyber operations, or information assurance. • Experience with: • RMF security controls • DISA STIGs and secure configuration baselines • Vulnerability scanning and remediation • Cloud security practices (AWS GovCloud, Azure IL4/IL5 preferred) • Basic familiarity with Zero Trust principles and secure identity/access management. • Ability to work collaboratively with technical teams in Agile environments. • DoW 8140 elevated privilege certification (Security+, CCNA Security, CySA+, etc.). • Ability to obtain and maintain a Secret clearance. • Location: Remote. • Travel: Ability to travel to Fort Eustis, VA or LMI HQ in Tysons, VA 1-2 times per quarter for planning, testing, and stakeholder collaboration. Desired Qualifications • Experience supporting DoW cloud systems or Army cyber requirements. • Experience working in DevSecOps or CI/CD environments. • Familiarity with log analytics and SIEM tools (CloudWatch, Sentinel, ELK, Splunk). • Experience supporting ATO packages or continuous monitoring activities. • Additional certifications such as CEH, CHFI, SSCP, or cloud security certifications. Target salary range: $90,270 - $155,000 Disclaimer: The salary range displayed represents the typical salary range for this position and is not a guarantee of compensation. Individual salaries are determined by various factors including, but not limited to location, internal equity, business considerations, client contract requirements, and candidate qualifications, such as education, experience, skills, and security clearances. Options Apply for this job onlineApply Share Email this job to a friendRefer Sorry the Share function is not working properly at this moment. Please refresh the page and try again later. Share on your newsfeed LMI is an Equal Opportunity Employer. LMI is committed to the fair treatment of all and to our policy of providing applicants and employees with equal employment opportunities. LMI recruits, hires, trains, and promotes people without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, pregnancy, disability, age, protected veteran status, citizenship status, genetic information, or any other characteristic protected by applicable federal, state, or local law. If you are a person with a disability needing assistance with the application process, please contact Colorado Residents: In any materials you submit, you may redact or remove age-identifying information such as age, date of birth, or dates of school attendance or graduation. You will not be penalized for redacting or removing this information. Need help finding the right job?