
Description
The Digital Modernization Sector at Leidos is seeking an experienced Cybersecurity Risk Management Framework (RMF) Specialist to join the DISA Defense Red Switch Network (DRSN) team in support of an enterprise VoIP management system – GSM-O II contract at Fort Meade, MD. The ideal candidate will have a background in guiding systems through the Assessment and Authorization (A&A) lifecycle and be responsible for maintaining the XACTA package and associated security documentation on a high-paced, fast-moving program. The candidate will be a member of a team that interacts with technical and non-technical individuals including customers and vendors, but primarily with our subject matter expert teammates. In this role, the candidate will provide expertise on security-related questions and coordinate with system owners, ISSMs, and Authorizing Officials (AOs) throughout the ATO process.
Responsibilities
Serve as the subject matter expert on the RMF process
Lead the development, service, and annual sustainment of the Security Control Policy Plan in areas such as Control Implementation, Assessment and Monitoring, Mitigation Plans, Training and Awareness
Assist the government with development, service, and annual sustainment of the Security Control Policy Plans for Contingency and Incident Response, Security Control Assessments, Roles and Responsibilities, and Compliance Requirements
Provide strategic guidance to engineering and security teams regarding security controls and compliance requirements
Coordinate with system owners, ISSOs, ISSMs, and AOs throughout the A&A process
Support vulnerability assessments and security control testing in alignment with NIST SP 800-53 and organizational policies
Track and manage remediation of identified risks and vulnerabilities
Maintain continuous monitoring activities and support ongoing authorization initiatives
Stay current on evolving federal cybersecurity mandates, policies, and technologies
Maintain and update POAMs and waivers
Core Qualifications
Bachelor's degree and 5+ years of experience in cybersecurity with at least 3 years in RMF
Demonstrated experience leading ATO efforts
Strong working knowledge of: NIST SP 800-37, 800-53, 800-127; FIPS 199/200; XACTA, eMASS
Excellent communication skills (written and verbal)
Excellent technical writing and documentation skills
Capable of translating technical risk to impacts for non-technical stakeholders
Detail-oriented
Familiarity with a broad range of tools supporting cybersecurity and assessments
Active SCI clearance or Top Secret (eligible for SCI) clearance
Security+ is REQUIRED
All candidates must be U.S. CITIZENS to be considered for the position
Preferred Qualifications
CISSP, CAP, CISM or equivalent cyber security certifications
Experience supporting DoD, DHS, or IC RMF processes
Familiarity with SIEMs and logging tools
Experience with configuration management tools (e.g., Ansible, Chef, SCCM)
Local to Ft. Meade, MD
Pay Range
$87,100.00 - $157,450.00
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
Commitment to Non-Discrimination
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.