Security Control Assessor - Military veterans preferred

Description

Leidos is seeking multiple Security Control Assessors to support our assessment team. These positions can be based out of any of our three locations - Alexandria, VA, Fort Meade, MD, or Chambersburg, PA. These positions are primarily on-site, but light, partial telework may be available at the discretion of our customer and program management. Significant travel to assessment sites is required - estimated 85% of the time. Travel may be domestic or international depending on mission needs.

RESPONSIBILITIES:

• Conduct cybersecurity assessments, audits, and inspections for DoD organizations and partners handling DoD information or connecting to the DoDIN. 
• Evaluate systems and Defensive Cyberspace Operations using cyber threat emulation and performance-based testing. 
• Adhere to policies and processes for each assessment type. 
• Support assessment development and execution to ensure security expertise is properly applied. 
• Coordinate logistics, test plans, and scope with the SCA Team Lead. 
• Perform vulnerability assessments, capture results using STIG Viewer or designated tools, and document findings in eMASS. 
• Analyze security gaps and provide mitigation recommendations. 
• Validate cybersecurity controls, TTPs, STIGs, RMF controls, and compliance with DoD policies and guidelines.  
• Provide risk analysis and assessment results for authorization recommendations. 
• Participate in daily assessment reviews, in-briefs, and out-briefs, sharing findings with the SCA-R. 
• Mentor and guide personnel by providing technical expertise, best practices, and professional development support to enhance team capabilities and knowledge

BASIC QUALIFICATIONS:

• Active DoD Top Secret clearance with SCI eligibility required
• Current DoD 8570 IAM II or IAT II certification 
• Ability and willingness to travel for assessments as required, up to 85% of the time
• Bachelor's degree (IT-related field preferred) and eight (8) years of cybersecurity or network security experience, including five (5) years of experience in a Certification and Accreditation/A&A role. Additional relevant experience may be considered in lieu of degree.
• Demonstrated experience with STIGs, SRGs, POA&Ms and cybersecurity best practices, as well as relevant tools such as eMASS, STIG Viewer, Nessus, ACAS, SCAP, or HBSS 
• Strong understanding of the RMF process, NIST SP 800- 37, NIST SP 800-53, CNSSI 1253, as well as key technologies areas/domain such as: Network, Mobility, Windows, UNIX, Cloud Environments and Cloud Native Tools/Services, Host Based Security System (HBSS)/Endpoint Security Solutions (ESS), Databases, Applications 
• Strong written and verbal communication skills for reporting assessment findings

If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo — because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 — and moving faster than anyone else dares.

Original Posting:

For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.