Build Your Career in Cybersecurity -
YOUR WAY

Summary

LMI is currently seeking a Cybersecurity Consultant to support our United States Customs and Border Protection (CBP) customer. The ideal candidate will have had roles on several project teams which were focused in the areas listed in the Responsibilities section below. This is a full-time position located onsite in Washington, DC. Situational telework may be authorized by the Government.

​

Company Overview

LMI: Innovation at the Pace of Need™

At LMI, we’re reimagining the path from insight to outcome at The New Speed of Possible™. Combining a legacy of over 60 years of federal expertise with our innovation ecosystem, we minimize time to value and accelerate mission success. We energize the brightest minds with emerging technologies to inspire creative solutioning and push the boundaries of capability. LMI advances the pace of progress, enabling our customers to thrive while adapting to evolving mission needs.

​

LMI is a consultancy dedicated to powering a future-ready, high-performing government, drawing from expertise in digital and analytic solutions, logistics, and management advisory services. We deliver integrated capabilities that incorporate emerging technologies and are tailored to customers’ unique mission needs, backed by objective research and data analysis. Founded in 1961 to help the Department of Defense resolve complex logistics management challenges, LMI continues to enable growth and transformation, enhance operational readiness and resiliency, and ensure mission success for federal civilian and defense agencies.

​

LMI has been named a 2024 #BestPlacestoWork in the United States by Built In! We are honored to be recognized as a company that values a people-centered culture, and we are grateful to our employees for making this possible!

• Ensuring the confidentiality, integrity, and availability of systems, networks, and data through the planning, analysis, development, implementation, maintenance, and enhancement of information systems security programs, policies, procedures, and tools
• Implementation of higher-level security requirements such as those resulting from laws, regulations, or Presidential directives
• Integration of security design principles across disciplines and SELC
• Research and discovery of information protection needs against cyber-attacks and document information protection policies
• Review of proposed new systems, networks, and software designs for potential security risks
• Lead security related product selection and implementation activities
• Define the scope and level of detail for security plans and policies applicable to the system
• Institute measures to ensure security awareness and compliance
• Identify the need for changes based on new security technologies or threats
• Analyze change requests to the system for security posture impact
• Development and implementation of long-range plans for IT security systems that anticipate, identify, evaluate, mitigate, and minimize risks associated with IT systems vulnerabilities
• Review and evaluation of security incident response policies
• Manages security incident procedures
• Execution of all duties described in the DHS Information System Security Office
• Manage and maintain system authorization status (Authority to Test (ATT) and Authority to Operate (ATO)
• Support the development and review of Privacy Threshold Assessment (PTA) documents for systems
• Work effectively with CBP Office of Information Technology (OIT) teams to ensure secure operation of all systems within the area of responsibility as designated by the client
• Ensure continuous monitoring strategies, verify corrective actions, and work effectively with other groups to ensure effective, ongoing security posture for systems
• Manage security documentation utilizing the CSAM system
• Other cybersecurity related duties as assigned.

Required Qualifications

• All position require eligibility to acquire CBP BI, for which you must be a U.S Citizen.

​

Preferred Qualifications

• Bachelor’s degree in Information Systems or Computer Science desired.
• Minimum of 3-10 years experience carrying out ISSO and RMF related activities in federal government cybersecurity environments desired.
• Security+, Network +, CCNA, CISA, or other DoD 8570 IAM level 1 certifications desired. CISSP certification preferred.
• Good people management, communication, attention to detail, and customer service skills.
• Demonstrated on-the-job experience using logic and reasoning to identify the strengths and weaknesses of alternative solutions, conclusions, or approaches to problems.
• Must be proactive and highly motivated to support customer needs and ensure continued security for customer systems in keeping with federal guidance and DoD specific requirements.
• Must have experience utilizing the CSAM system for cybersecurity documentation management.
• Highly Preferred: Active U.S. Customs and Border Protection (CBP) BI.
• This position is contingent upon completion of CBP BI and customer approval.

Target salary range: $104,661 - $184,203

​

Disclaimer: The salary range displayed represents the typical salary range for this position and is not a guarantee of compensation. Individual salaries are determined by various factors including, but not limited to location, internal equity, business considerations, client contract requirements, and candidate qualifications, such as education, experience, skills, and security clearances.

You Lead the Way. We’ve Got Your Back.

​

With the right backing, people and businesses have the power to progress in incredible ways. When you join Team Amex, you become part of a global and diverse community of colleagues with an unwavering commitment to back our customers, communities and each other. Here, you’ll learn and grow as we help you create a career journey that’s unique and meaningful to you with benefits, programs, and flexibility that support you personally and professionally.

​

At American Express, you’ll be recognized for your contributions, leadership, and impact—every colleague has the opportunity to share in the company’s success. Together, we’ll win as a team, striving to uphold our company values and powerful backing promise to provide the world’s best customer experience every day. And we’ll do it with the utmost integrity, and in an environment where everyone is seen, heard and feels like they belong.

​

Join Team Amex and let's lead the way together.

​

As part of our diverse tech team, you can architect, code and ship software that makes us an essential part of our customers’ digital lives. Here, you can work alongside talented engineers in an open, supportive, inclusive environment where your voice is valued, and you make your own decisions on what tech to use to solve challenging problems. American Express offers a range of opportunities to work with the latest technologies and encourages you to back the broader engineering community through open source. And because we understand the importance of keeping your skills fresh and relevant, we give you dedicated time to invest in your professional development. Find your place in technology on #TeamAmex.

• Provides support to Risk Advisors and Control Owners in managing risk reduction efforts for their stakeholders, and monitor the progress and status of remediation actions for assigned functional area
• Analyze data sources that contain technology and information security risk information, and customize the data for different audiences and purpose
• Draw conclusions and recommendations based on the data analysis, and communicate the risks and action plans to the relevant stakeholders
• Engage with technology and business partners to understand the key risks associated with their initiatives, and advise on risk reduction strategies and solutions in collaboration with domain subject matter experts
• Prepare and deliver high-quality materials (reports, presentations, spreadsheets, etc.) on information security and risk management topics, and facilitate informed decision-making

Minimum Qualifications

​

• 8+ years of experience in Information Security and/or Technology Risk Management
• Excellent time management and multi-tasking skills
• Proven problem solver who can make clear-headed decisions under pressure
• Advanced MS PowerPoint, Excel, and Word skills
• Outstanding written and verbal communication skills with experience translating complex information and requirements into clear and actionable tasks
• Excellent organization skills and strong attention to detail
• Works well under pressure and adapts to changing circumstances
• Fast learner who proactively works with minimal direction
• Solution-oriented and has a collaborative approach to overcoming barriers

​

Preferred Qualifications

​

• Security or technology risk related certifications (CISM, CISSP, CRISC, etc.) preferred but not required
• Bachelor’s Degree in Computer Science, Engineering, or related specialism preferred

Salary Range: $110,000.00 to $190,000.00 annually + bonus + benefits

​

The above represents the expected salary range for this job requisition. Ultimately, in determining your pay, we’ll consider your location, experience, and other job-related factors.

​

We back our colleagues and their loved ones with benefits and programs that support their holistic well-being. That means we prioritize their physical, financial, and mental health through each stage of life. Benefits include:

​

• Competitive base salaries
• Bonus incentives
• 6% Company Match on retirement savings plan
• Free financial coaching and financial well-being support
• Comprehensive medical, dental, vision, life insurance, and disability benefits
• Flexible working model with hybrid, onsite or virtual arrangements depending on role and business need
• 20+ weeks paid parental leave for all parents, regardless of gender, offered for pregnancy, adoption or surrogacy
• Free access to global on-site wellness centers staffed with nurses and doctors (depending on location)
• Free and confidential counseling support through our Healthy Minds program
• Career development and training opportunities

​

For a full list of Team Amex benefits, visit our Colleague Benefits Site.

​

American Express is an equal opportunity employer and makes employment decisions without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran status, disability status, age, or any other status protected by law.

​

We back our colleagues with the support they need to thrive, professionally and personally. That's why we have Amex Flex, our enterprise working model that provides greater flexibility to colleagues while ensuring we preserve the important aspects of our unique in-person culture. Depending on role and business needs, colleagues will either work onsite, in a hybrid model (combination of in-office and virtual days) or fully virtually.

​

US Job Seekers/Employees - Click here to view the “Know Your Rights” poster and the Pay Transparency Policy Statement.

​

If the links do not work, please copy and paste the following URLs in a new browser window: https://www.dol.gov/agencies/ofccp/posters to access the three posters.

​

Employment eligibility to work with American Express in the U.S. is required as the company will not pursue visa sponsorship for these positions.

What you should know about the role

​

Information Security Specialist implements, tests, maintains, monitors and reports on the organization's Information Security and IT Compliance to protect the credit union’s assets and maintain regulatory compliance of the information technology areas. They partner with the IT, Audit, and Risk Management departments to ensure compliance and robust application of security technologies, strategies, and policies. They assist with the implementation of business systems to ensure high security standards. They drive results toward strategic business plans. This is accomplished by providing outstanding service to both internal and external members as defined by living and demonstrating the core values of the credit union; Act with Integrity, Drive Progress, Build & Strengthen Relationships and Keep People at the Core.

​

What you should know about Advia

​

Advia is a fast-growing Credit Union that is positioned in the top 3% of credit unions across the United States. We serve almost 200,000 members with assets over $3 Billion. We offer very similar product and services as the big banks with a focus on saving our members money while providing financial advantages. We are rooted in our communities and believe we have a responsibility to give back outside of our four branch walls through volunteering and charitable donations. The work environment at Advia is fast-paced, performance based, and fun infused. We certainly live by the saying "work hard, play hard." As an employee of Advia, you can expect regular and constructive feedback, development opportunities, great benefits, excellent co-workers and engaged managers.

• The Information Security Specialist implements, tests, maintains, monitors and reports on the organization's information security in order to protect the credit union’s assets and prevent unauthorized access to credit union systems. This includes implementing strategies which mitigate risk to IT systems from internal and external exposures.
• Work closely with vendors, fellow employees, and management to provide timely statuses on network security, project implementations and aid resolutions.
• Utilize the vulnerability management system to identify and resolve hardware and software system risks. Utilize computer investigative techniques and forensic methods to identify operating or potential vulnerabilities. Conduct penetration testing and audits to ensure adequate protection of the organization’s assets.
• Conduct regular security monitoring and reporting of systems to ensure adequate security defenses, systems and settings are in place to protect against intrusion, theft, destruction or misuse of credit union information.
• Aid the business and technology teams to cover infrastructure security, disaster recovery, management of data, network architecture and design, user access management, and management of third parties. Monitor regulations and trends that affect financial institutions and establish effective restrictions to cybercrime. Provide ad hoc aid on special Information Security hot topics for the business.
• Provide assistance to IT Audits. Assist management in preparation for audits and assisting with remediation on established timelines. Assist with coordination of information security efforts with the Internal Audit and Risk Management departments.
• To maintain IT Compliance and Information Security standards in adherence with federal, state, information security and risk management policies, standards and guidelines. Maintain IT Security policies, procedures, manuals and guidelines ensuring they are updated, compliant. Complete forms and documentations that aids the policies and procedures for compliance, security, and maintenance of IT systems. Maintain the necessary documentation for the organization to ensure secure operations.
• Strictly adhere to and enforce system security policies and follow all company standards. Must comply with applicable laws and regulations, including but not limited to, the Bank Secrecy Act, the Patriot Act, and the office of Foreign Assets Control, in addition to all company policies.

Required Qualifications

​

• 4 years of relevant experience and an Associate degree in Computer Science, Information Systems, Cyber Security, Engineering, Business Administration, or equivalent experience.

​

Preferred Qualifications

​

• 2 years of relevant experience and a Bachelor’s degree in Computer Science, Information Systems, Cyber Security, Engineering, Business Administration, or equivalent experience.
• Security +, CE|H (Certified Ethical Hacker), GIAC, or CISA (Certified Information Systems Auditor), or other relevant technical or security certifications are highly desirable.
• Strong understanding of the function of IT infrastructure technologies including OS, Data Storage, Servers, Networks, Telephony, Web, Cloud, Technical Architecture and Performance Optimization techniques.
• Strong understanding of IT Security strategies, including incident response, attacker methodologies, vulnerability management, security information and event monitoring, system hardening, encryption technologies, and endpoint security management.
• Ability to analyze and understand how various IT equipment and software programs interrelate and interface with IT security systems, and the ability to identify and solve IT security issues.
• A high level of interpersonal and verbal communication skills necessary to relate to other people at their systems knowledge level.
• Ability to organize and prioritize work without direction from supervisor in situations where dramatic changes frequently occur. Required to operate with great latitude with independent judgment and initiative.
• Ability to manage multiple projects and support multiple support requests.
• Ability to effectively interact and direct the efforts of various IT vendors and suppliers.
• Ability to analyze complex situations and problems and do the necessary research using multiple sources of information to arrive at innovative solutions.
• Ability to work after hours on occasion to maintain or repair technical systems with and without short notice.

NA