Location: Bethesda, MD (Hybrid)

LCG is a minority-owned technology consulting firm that has been a trusted partner to more than 40 federal agencies, including 21 of the 27 Institutes and Centers (ICs) at the National Institutes of Health (NIH). For over 25 years, LCG has brought digitization and innovation to the Health and Human Services (HHS) and the NIH ecosystems. We support IT organizations by bringing precision technology and operation models that achieve mission capabilities and performance success.

Duties and Responsibilities:

• Design and implement AI-driven security solutions to enhance threat detection, vulnerability management, and incident response within our Tenable and Azure environments.
• Work closely with security engineers to integrate AI technologies into existing security workflows, automating tasks for improved efficiency and accuracy.
• Utilize machine learning models and AI algorithms to analyze threat data, predict potential vulnerabilities, and automate threat response actions.
• Collaborate with IT and development teams to ensure AI security solutions are seamlessly integrated with NIH's IT infrastructure and application ecosystems.
• Stay abreast of the latest developments in Cyber AI, Open AI, and Azure security technologies, applying this knowledge to continuously improve our security posture.
• Conduct ongoing research and testing to identify new threats and vulnerabilities, using AI to enhance our penetration testing methodologies.
• Develop and maintain documentation for AI security processes, configurations, and procedures, ensuring compliance with NIH policies and federal regulations.
• Provide training and guidance to the security team on AI tools and techniques, fostering a culture of innovation and continuous improvement.
• Possess a deep understanding of NIH security frameworks and guidelines, including the Risk Management Framework (RMF) used for obtaining an Authorization to Operate (ATO). Familiarity with NIST (National Institute of Standards and Technology) standards, especially NIST SP 800-53, for security and privacy controls.
• Demonstrated experience preparing, reviewing, and maintaining comprehensive ATO documentation, including System Security Plans (SSP), risk assessments, and Plan of Actions and Milestones (POA&M). Ability to ensure all documentation meets NIH’s stringent compliance requirements for security authorization.
• Proficient in conducting risk assessments, security assessments, and continuous monitoring activities to identify vulnerabilities, assess risks, and implement mitigations to secure applications and data in accordance with NIH requirements.
• Ability to work collaboratively with development, operations, and security teams to integrate security practices into the development lifecycle, ensuring compliance with NIH ATO requirements from inception to deployment.

Required: 

• Bachelor’s or Master’s degree in Computer Science, Cybersecurity, AI, or a related field.
• Proven experience in cybersecurity and AI, with a strong background in implementing AI solutions within security environments.
• Familiarity with Tenable, Azure, and other relevant cybersecurity and cloud technologies.
• Experience in developing and deploying machine learning models for security applications, including threat detection and response.
• Strong understanding of cybersecurity principles, practices, and tools, with the ability to apply AI technologies to enhance security measures.
• Excellent problem-solving skills, with the ability to think creatively and strategically to address cybersecurity challenges.
• Knowledge of federal regulations and compliance requirements related to cybersecurity, particularly within NIH or similar healthcare environments.

Common requirement for all:

• Design and oversee the implementation of AI-enhanced technology solutions, ensuring they meet federal, NIH, and HHS compliance requirements for deployment into production.
• Work closely with legal and compliance departments to stay updated on regulatory changes and implications for technology projects, particularly those involving sensitive health data.
• Develop and maintain comprehensive compliance documentation for all AI projects, detailing adherence to relevant laws, regulations, and standards.
• Collaborate with infrastructure and application development teams to integrate AI technologies, emphasizing compliance and data protection from the project inception.
• Serve as the primary liaison between technology teams and regulatory bodies, ensuring clear communication and adherence to compliance protocols.
• Guide the selection and implementation of Azure AI services and tools, ensuring they support compliant application development and deployment processes.
• Lead risk assessments and compliance reviews for technology projects, identifying potential issues and implementing corrective actions to address compliance gaps.
• Facilitate training and awareness sessions for the technology team on regulatory requirements, compliance best practices, and the importance of data privacy and security.

Compensation and Benefits 

The projected compensation range for this position is $137,700.00 to $186,300.00 per year benchmarked in the Washington, D.C. metropolitan area. The salary range provided is a good faith estimate representative of all experience levels. Salary at LCG is determined by various factors, including but not limited to role, location, the combination of education/training, knowledge, skills, competencies, certifications, and work experience. 
 
LCG offers a competitive, comprehensive benefits package which includes health insurance options (medical, dental, vision), life and disability insurance, retirement plan contributions, as well as paid leave, federal holidays, professional development, and lifestyle benefits. 

Devoted to Fair and Inclusive Practices  

All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law.

If you are interested in applying for employment with LCG and need special assistance or an accommodation to apply for a posted position, contact our Human Resources department by email at hr@lcginc.com. 

Securing Your Data 

Beware of fraudulent job offers using LCG's name. LCG will never request payment-related details or advancement of money during the application process. Legitimate communication will only come from lcginc.com or system@hirebridgemail.com emails, not free commercial services like Gmail or WhatsApp. If you receive suspicious emails asking for payment or personal information, contact us immediately at hr@lcginc.com. 

If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission.