SME Zero Trust Cyber Security Analyst Lead

Leidos•Alexandria, VA

23h

About The Position

This Department of War enterprise data and analytics program delivers mission-critical capabilities that enable leaders across the Department to make faster, better-informed decisions using trusted data at scale. Leidos Digital Modernization sector is seeking an experienced SME Zero Trust Cyber Security Analyst to support the delivery, enhancement, and adoption of enterprise data and analytics products used across multiple DoD organizations. In this role, you will work alongside government partners, engineers, and other industry teammates to translate operational and strategic requirements into scalable, production-ready solutions. You will contribute directly to product planning, execution, and continuous improvement—helping ensure capabilities are delivered efficiently, aligned to mission priorities, and positioned for sustained success. This position offers the opportunity to work on a high-visibility, enterprise program at the intersection of data, analytics, and emerging AI technologies. Ideal candidates are motivated by mission impact, comfortable operating in complex stakeholder environments, and interested in building deep domain expertise while delivering capabilities with real-world national security outcomes.

Requirements

Active Top Secret (TS) clearance with SCI eligibility.
Bachelor’s degree in Cybersecurity, Computer Science, Information Assurance, Engineering, or related technical discipline OR equivalent training/experience aligned to DoD 8140 pathways.
At least one of the following foundational qualification pathways consistent with DoD 8140 requirements: Current DoD 8570/8140 baseline certification appropriate for Advanced Cyber Defense Analyst roles (e.g., CASP+, GCED, GCIH, or equivalent), Offerings listed in the DoD 8140 Training Repository, Demonstrated equivalent training and experience qualifying under DoD 8140 foundational qualification alternatives.
12–15 years of relevant experience in cybersecurity, with a focus on Zero Trust, continuous monitoring, or cyber defense.
Minimum of 5 years of experience in cybersecurity, with a focus on Zero Trust architectures and RMF processes.
Experience implementing or supporting Zero Trust architecture in enterprise IT environments.
Experience supporting RMF processes, including integration of security controls and compliance requirements.
Experience analyzing cybersecurity data, vulnerabilities, and system behavior across enterprise systems.
Experience working with cybersecurity tools and technologies related to identity, access management, network security, and monitoring.
Experience supporting DoD or Federal cybersecurity operations.
Strong understanding of cybersecurity frameworks and compliance requirements.
Excellent communication and interpersonal skills to collaborate effectively with cross-functional teams.

Nice To Haves

Active TS/SCI clearance.
Experience operating within SAFe or Agile frameworks supporting enterprise systems.
Experience with DevSecOps practices and tools.
Familiarity with cybersecurity tools and technologies relevant to Zero Trust implementations.
Advanced certifications such as CISSP, CISM, or equivalent.
Knowledge of cloud security principles and practices.
Experience in conducting security training and awareness programs.
Strong analytical and problem-solving skills.

Responsibilities

Design, implement, and enhance Zero Trust architecture capabilities aligned to DoD Zero Trust Strategy and NIST SP 800-207.
Assess system architectures and identify gaps in Zero Trust maturity across identity, device, network, application, and data layers.
Support development, execution, and maintenance of the Zero Trust Roadmap for WDP environments.
Integrate Zero Trust principles into DevSecOps pipelines, continuous monitoring processes, and system engineering activities.
Monitor and evaluate system compliance with Zero Trust policies, controls, and security standards.
Analyze cybersecurity data and system behavior to identify anomalies, risks, and potential threats.
Collaborate with cybersecurity engineers, ISSOs, ISSMs, DevSecOps teams, and system architects to implement Zero Trust solutions.
Generate, prepare, store, and maintain cybersecurity Body-of-Evidence (BOE) results to support the DoD RMF cybersecurity authorization process.
Define and maintain BOE requirements for the System.
Collect and organize BOE results generated by the software team as part of the DevSecOps process.
Publish, organize, and maintain BOE results in a Government-approved system (e.g., eMASS or Xacta).
Support RMF processes by integrating Zero Trust controls into authorization packages, BOE artifacts, and compliance documentation.
Identify, track, and support remediation of vulnerabilities and security gaps impacting Zero Trust implementation.
Assess and implement Zero Trust principles and architectures within the Risk Management Framework (RMF) process to enhance security across digital assets.
Develop and deliver training and awareness programs on Zero Trust principles and cybersecurity best practices.
Stay current with emerging threats and cybersecurity trends to continuously improve security posture.
Prepare and present reports on security assessments and compliance status to stakeholders.
Conduct risk assessments to identify vulnerabilities and recommend mitigation strategies.
Develop and maintain Zero Trust metrics, dashboards, and reporting for Government stakeholders.
Provide technical guidance and recommendations to improve security posture and Zero Trust maturity.
Support audits, assessments, and inspections related to cybersecurity and Zero Trust compliance.
Participate in SAFe ceremonies including PI Planning, backlog refinement, sprint reviews, and retrospectives.