RMF Analyst

R- Description Leidos is seeking a Connection Approval Process Analyst to join our team supporting DISA's Risk Management Executive (RME) effort in Alexandria, VA. Through the RME Cybersecurity Task Order, we identify, assess, and prioritize risks to DISA and DoD mission partners, as well as develop risk mitigation strategies to increase the security posture of systems, networks, programs, and data in the face of internal and external threats. Our overall mission is to ensure DISA's information systems, assets, and enclaves possess the necessary security measures to ensure their confidentiality, integrity, and availability as well as maintain RME's adherence to DoD, DISA, and National Institute of Standards and Technology (NIST) approved cybersecurity and Risk Management Framework (RMF) policies, standards, and guidelines. This position is based in Alexandria, VA and offers partial telework after a brief ramp-up period (first 2-3 weeks spent 100% on-site). Primary Responsibilities: Support the Connection Approval Process Review, including:
Determine if system/application documentation is accurate, up to date, and displays thorough details that provide a clear security posture of the system/application being assessed
Develop Authority to Connect (ATC) packages
Develop and manage the ATC packages across the organization
Develop, maintain, and update briefings
Develop implementation policies, plans, and SOPs
Support customer issues, workflow quality assurance, and cyber security analysis efforts
Perform IA technical and engineering tasks for the compliance analyst and connection approval requirements in accordance with Federal and DoD cyber security policy
Track, manage, update, and ensure that all J6 Transport circuits are authorized Update, maintain, and ensure data entry and data integrity of the CAP Tracking sheets and Metrics Review/Assess mission partner component systems, network connection packages, and implemented security features and mechanisms
Support, implement, and adhere to all NIST, Federal, DoD, DISA, and J6 policies, procedures, and standards regarding cyber security and the RMF
Participate in and provide technical expertise to the J6 configuration management boards while considering Federal, DoD, and J6 security policies, standards and guidelines and its impact to requested changes. Basic Qualifications: Active Secret clearance or higher (program can support up to TS/SCI)
DoD 8570 IAT Level II certification
BS and 4-8 years of relevant experience. Additional directly relevant experience and/or military service may be considered in lieu of degree.
Knowledge of DoD cyber security policies and regulations
Proficient with RMF process, NIST SP 800-37, NIST SP 800-53, CNSSI 1253
Experience creating and revising standard operating procedures (SOPs), work instructions (WI), and Tactics, Techniques, and Procedures (TTPs) Original Posting: April 1, 2025
For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above. Pay Range: Pay Range $85,150.00 - $153,925.00 The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.