Continuous Monitoring Analyst Senior

Leidos•Alexandria, VA

About The Position

This Department of War enterprise data and analytics program delivers mission-critical capabilities that enable leaders across the Department to make faster, better-informed decisions using trusted data at scale. Leidos Digital Modernization sector is seeking an experienced Senior Continuous Monitoring Analyst to support the delivery, enhancement, and adoption of enterprise data and analytics products used across multiple DoD organizations. In this role, you will work alongside government partners, engineers, and other industry teammates to translate operational and strategic requirements into scalable, production-ready solutions. You will contribute directly to product planning, execution, and continuous improvement—helping ensure capabilities are delivered efficiently, aligned to mission priorities, and positioned for sustained success. This position offers the opportunity to work on a high-visibility, enterprise program at the intersection of data, analytics, and emerging AI technologies. Ideal candidates are motivated by mission impact, comfortable operating in complex stakeholder environments, and interested in building deep domain expertise while delivering capabilities with real-world national security outcomes.

Requirements

Active Top Secret (TS) clearance with SCI eligibility.
Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, Software Engineering, Information Systems, Computer Engineering, Mathematics, or related technical discipline OR equivalent training/experience aligned to DoD 8140 pathways.
8–12 years of relevant experience supporting cybersecurity, continuous monitoring, or vulnerability management activities.
At least one of the following foundational qualification pathways consistent with DoD 8140 requirements: Current DoD 8570/8140 baseline certification appropriate for Intermediate Cyber Defense Analyst roles (e.g., CySA+, GCDA, GCIH, or equivalent), Offerings listed in the DoD 8140 Training Repository, Demonstrated equivalent training and experience qualifying under DoD 8140 foundational qualification
Experience implementing and supporting RMF processes, including continuous monitoring and system authorization.
3 or more years of experience working with cybersecurity tools such as ACAS, HBSS, Tanium, Splunk, or similar platforms.
Experience analyzing vulnerabilities, system configurations, and compliance data across enterprise IT environments.
Experience supporting cybersecurity audits, inspections, and compliance activities.
Experience developing reports, dashboards, and work products to support risk-based decision making.
Ability to evaluate the design and effectiveness of controls and standards to ensure compliancy in accordance with the applicable audits and inspections for an organization.

Nice To Haves

Active TS/SCI
Certifications in Cybersecurity like Security plus, DOD IA/IAT Level III certification
Experience supporting continuous monitoring across NIPRNet, SIPRNet, and JWICS environments.

Responsibilities

Execute continuous monitoring of security controls to protect classified and unclassified data across mission environments.
Implement and maintain tools and processes to track system performance, security posture, and compliance with RMF requirements in near real-time.
Coordinates with cross-functional teams (ISSO, ISSM, engineering, IT, operations) to implement and enforce security protocols and best practices.
Monitor systems throughout their lifecycle (new and re-authorized) for changes impacting cybersecurity posture.
Validate updates to system security plans (SSPs) and Plans of Action and Milestones (POA&Ms) within GRC tools (e.g., eMASS).
Validate implementation of security controls supporting automated ConMon reviews within RMF packages.
Support development, execution, and continuous improvement of the Continuous Monitoring (ConMon) Strategy and program.
Develop and maintain ConMon plans and templates for information systems.
Analyze vulnerability and security data from tools such as ACAS, HBSS, Tanium, Splunk, or similar platforms.
Support remediation tracking and resolution of vulnerabilities and compliance findings.
Collaborate with ISSOs, ISSMs, DevSecOps, system engineers, and stakeholders to resolve cybersecurity issues and improve asset visibility.
Support RMF activities including Step 0 preparation, data calls, and assessment coordination.
Develop dashboards, reports, and analytics to support Government risk-based decision making.
Coordinate with system administrators and tool owners to ensure scan coverage, credentialing, and data accuracy.
Support the system development lifecycle of a Governance, Risk, and Compliance (GRC) technical solution within the organization.
Ensure ConMon deliverables are completed accurately and submitted on time.
Communicate regularly with Government stakeholders regarding system posture, vulnerabilities, and risk status.
Participate in SAFe ceremonies including PI Planning, backlog refinement, sprint reviews, and retrospectives.

Benefits

Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers.
Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement.
More details are available here.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume