Leidos is seeking multiple Security Control Assessors to support our assessment team. These positions can be based out of any of our three locations - Alexandria, VA, Fort Meade, MD, or Chambersburg, PA. These positions are primarily on-site, but partial telework may be available at the discretion of our customer and program management. Significant travel may be required.
Responsibilities:
Conduct cybersecurity assessments, audits, and inspections for DoD organizations and partners handling DoD information or connecting to the DoDIN. Evaluate systems and Defensive Cyberspace Operations using cyber threat emulation and performance-based testing. Adhere to policies and processes for each assessment type. Support assessment development and execution to ensure security expertise is properly applied. Coordinate logistics, test plans, and scope with the SCA Team Lead. Perform vulnerability assessments, capture results using STIG Viewer or designated tools, and document findings in eMASS. Analyze security gaps and provide mitigation recommendations. Validate cybersecurity controls, TTPs, STIGs, RMF controls, and compliance with DoD policies and guidelines. Provide risk analysis and assessment results for authorization recommendations. Participate in daily assessment reviews, in-briefs, and out-briefs, sharing findings with the SCA-R. If senior staff, mentor and guide personnel by providing technical expertise, best practices, and professional development support to enhance team capabilities and knowledge
Basic Qualifications:
Strong understanding of the RMF process, NIST SP 800- 37, NIST SP 800-53, CNSSI 1253, as well as key technologies areas/domain such as: Network, Mobility, Windows, UNIX, Cloud Environments and Cloud Native Tools/Services, Host Based Security System (HBSS)/Endpoint Security Solutions (ESS), Databases, Applications Level III:Bachelor's degree (IT-related field preferred) and eight (8) years of cybersecurity or network security experience. Additional relevant experience may be considered in lieu of degree.Five (5) years of experience in a Certification and Accreditation/A&A role Demonstrated experience with STIGs, SRGs, POA&Ms and cybersecurity best practices, as well as relevant tools such as eMASS, STIG Viewer, Nessus, ACAS, SCAP, or HBSS Advanced understanding of the RMF process, NIST SP 800- 37, NIST SP 800-53, CNSSI 1253, as well as key technologies areas/domain such as: Network, Mobility, Windows, UNIX, Cloud Environments and Cloud Native Tools/Services, Host Based Security System (HBSS)/Endpoint Security Solutions (ESS), Databases, Applications Original Posting:July 8, 2025
For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.
Pay Range:Pay Range $67,600.00 - $122,200.00The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.