RMF Support Analyst with Security Clearance

Alexandria, Virginia

Salary Details: $126,100.00 - $227,950.00 a year

Leidos
R-

Description

Leidos is currently seeking a senior cybersecurity professional to join our team at the Mark Center in Alexandria, VA as an RMF Support Analyst. Through the Risk Management Executive (RME) Cybersecurity Task Order on our GSM-O contract, we identify, assess, and prioritize risks to DISA and DoD mission partners, as well as develop risk mitigation strategies to increase the security posture of systems, networks, programs, and data in the face of internal and external threats. Our overall mission is to ensure DISA's information systems, assets, and enclaves possess the necessary security measures to ensure their confidentiality, integrity, and availability as well as maintain RME's adherence to DoD, DISA, and National Institute of Standards and Technology (NIST) approved cybersecurity and Risk Management Framework (RMF) policies, standards, and guidelines.

The RMF Support Analyst is responsible for developing processes and procedures to communicate, report, and distribute cyber directives to Program level System Owners, ISSMs, and ISSOs, within the DISA IT portfolio, as well as maintain, establish, and monitor RMF transactions for System Registrations and System Authorizations in compliance with NIST, DoD, and DISA policies and procedures.

This is a hybrid position allowing 50% remote work after a brief ramp-up period (first 2-3 weeks will be 100% onsite during onboarding, then time will be split 50/50 onsite/remote).

Primary Responsibilities

Individual will guide and advise on all matters involving the Risk Management Framework (RMF), Assessment and Authorizations (A&A) and day-to-day security.
Analyst will work closely with government and IA Team to support Authorization to Operate (ATO) accreditation conditions and requirements.
Conduct network security reviews that include validation of DISA's Security Technical Implementation Guide (STIG), network security policy, requirements and design.
Managing and documenting A&A projects using Enterprise Mission Assurance Support Service (eMASS) A&A workflow platform.
Advise, conduct and document risk assessments, development of System Security Plans (SSP), Plans of Action and Milestones (POA&M) and security policies and procedures
Provide guidance in the implementation of security controls, doctrine and policies.
Managing, creating, and tracking timelines and deliverables, while ensuring processes and procedures are adhered to for a large number of Information Systems.
Establish and satisfy IA and security requirements based upon user, policy, regulatory, and resource demands.
Integrate and implement computer system security solutions. Analyze general IA related technical problems and support in solving these problems.
Plan, develop, coordinate, implement and execute policies and projects at an organizational level.
Help customers to understand the authorization process, and update/modify A&A procedures as necessary. Streamline the process to make the process easy to follow but cover all concerned security aspects.
Manage eMASS to include implementation and quality review, inheritance, and tracking configuration changes.

Basic Qualifications

Active DoD Secret clearance or higher (program can support up to TS/SCI)
DoD 8570 IAT II
BS degree and 8-12 years of prior relevant experience. Additional experience may be considered in lieu of degree.
Demonstrated knowledge of cyber security policies and technical cyber security protection measures
Proficient with RMF process, NIST SP 800-37, NIST SP 800-53, CNSSI 1253
Demonstrates successful track record for delivering large/complex projects on time and within budget within DoD organizations
Creating Metrics and good presentation skills
Must possess excellent writing and communication skills; have the ability to develop documentation and management level presentations.
Candidate is expected to have technical knowledge and skills in one of the following areas: System Administration, network engineering, applications, and security operations.
Demonstrate potential and willingness to learn and adapt to rapid changes in technology.

Preferred Qualifications

Experience in performing risk assessment, IT audits, security planning, systems accreditation and policy development.
Experience complying with DoD regulations and preparing for and responding to information security audits and questionnaires.
Understanding of basic networking, routing and transport security technologies and architectures
Knowledge of domain structures, user authentication, data encryption, access audits and end-user security best practices.
Experience with UNIX/LINUX OS and any scripting language.

Original Posting: April 11, 2025

For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range: $126,100.00 - $227,950.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
Date Posted: 12 April 2025