Cybersecurity & IoT Research Analyst

Overview

LMI is a new breed of digital solutions provider dedicated to accelerating government impact with innovation and speed. Investing in technology and prototypes ahead of need, LMI brings commercial-grade platforms and mission-ready AI to federal agencies at commercial speed.

Leveraging our mission-ready technology and solutions, proven expertise in federal deployment, and strategic relationships, we enhance outcomes for the government efficiently and effectively. With a focus on agility and collaboration, LMI serves the defense, space, healthcare, and energy sectors-helping agencies navigate complexity and outpace change.

The Opportunity

We're hiring a Cybersecurity & IoT Research Analyst to support ongoing R&D efforts while contributing directly to production-bound DoD systems.

This is a hybrid R&D + implementation role. You'll take hands-on research-like IoT protocol vulnerability testing, wireless security analysis, and device-level exploitation-and translate it into actionable security improvements, RMF artifacts, and deployable solutions.

You'll work across the full lifecycle: from lab-based vulnerability testing (e.g., replay attacks, packet injection, device compromise) to supporting accreditation (RMF/ATO) and hardening real-world systems.

Cybersecurity & RMF Support

Support Risk Management Framework (RMF) activities including control implementation, documentation, POA&Ms, and ATO readiness.
• Assist in system security architecture development, aligning IoT/embedded systems with DoD cybersecurity requirements.
• Conduct security assessments and support vulnerability management processes across hardware and software systems.
• Collaborate with ISSOs, ISSMs, and engineering teams to ensure compliance with NIST and DoD standards.

Vulnerability Testing & Security Research

• Design and execute vulnerability testing across IoT and RF protocols (e.g., ZigBee, LoRaWAN, NB-IoT, Mist).
• Perform packet analysis, traffic inspection, and exploitation testing using tools like Wireshark, Kali Linux, and SDR frameworks.
• Simulate real-world attack vectors such as replay attacks, packet injection, device cloning, and resource exhaustion.
• Analyze protocol weaknesses such as centralized trust models, insecure key exchange, and lack of rate limiting.

R&D and Innovation

• Support ongoing R&D efforts focused on IoT protocol security, wireless communications, and system resilience.
• Contribute to development of testbeds and experimental environments to simulate real-world deployments.
• Evaluate emerging technologies and security approaches to improve system architecture and defense-in-depth strategies.
• Document findings and translate research into engineering recommendations and product improvements.

Secure System Development

• Support development of secure update mechanisms, device authentication workflows, and trust validation systems.
• Contribute to secure software and firmware design, including integrity validation and access control mechanisms.
• Assist in implementing protections against unauthorized access, tampering, and compromised device participation.
• Collaborate with DevSecOps and platform teams to integrate security into CI/CD pipelines and deployment workflows.

Data Analysis & Reporting

• Analyze quantitative and qualitative security data to assess system resilience and risk posture.
• Develop technical reports, briefings, and executive summaries to communicate findings and recommendations.
• Support customer-facing deliverables and contribute to proposal or R&D documentation efforts.

What We're Looking For

• Bachelor's degree in Cybersecurity, Computer Engineering, Computer Science, or related field (or equivalent experience).
• Strong foundation in cybersecurity principles, including network security, cryptography, and secure system design.
• Experience or coursework in wireless communications, RF systems, or IoT protocols.
• Hands-on experience with tools such as Wireshark, Kali Linux, Metasploit, or similar security testing frameworks.
• Familiarity with programming/scripting (Python, C/C++, or Java).
• Understanding of networking fundamentals and packet-level analysis.
• U.S. Citizenship required; ability to obtain a Secret clearance.

Bonus Points For

• Experience with RMF, ATO processes, or NIST 800-53 controls.
• Exposure to IoT security testing, embedded systems, or RF communications.
• Experience building or working with testbeds (e.g., Raspberry Pi, wireless mesh networks).
• Familiarity with cloud platforms (GCP, AWS) and containerization (Docker).
• Participation in cybersecurity competitions, research programs, or technical R&D initiatives.
• Experience analyzing attack vectors like replay attacks, packet injection, or unauthorized access in IoT systems.

Why This Role Matters

Modern IoT systems are expanding the attack surface across critical defense infrastructure. Research has shown that protocols can be vulnerable to attacks like replay, injection, and unauthorized access depending on implementation and architecture .

In this role, you won't just study those vulnerabilities-you'll help eliminate them. Your work will directly influence how secure, resilient, and mission-ready next-generation DoD systems become.

Target salary range: $69265.76 - $118424.66

Disclaimer: The salary range displayed represents the typical salary range for this position and is not a guarantee of compensation. Individual salaries are determined by various factors including, but not limited to location, internal equity, business considerations, client contract requirements, and candidate qualifications, such as education, experience, skills, and security clearances.

#LI-SH1