Traveling Security Control Assessor

Leidos Holdings Inc.•Odenton, MD

35d•$85,150 - $153,925•Hybrid

About The Position

Leidos is seeking mid- to senior-level Security Control Assessors to join our SCA team. This position requires significant travel-please review the position overview below for important details. The maximum starting salary for this role is $112,500. A Top Secret clearance and current IAT/IAM II certification (eg Security+ or equivalent) is required for consideration. POSITION OVERVIEW As a Security Control Assessor, you will play a key role in conducting Security Control Assessments at various government sites, with approximately 85% of your time on travel assignments. Travel may be domestic or international, depending on mission requirements, and per diem is provided to cover expenses. You'll have the flexibility to work from home when not on assignment, but must be local to one of our three locations for training and occasional customer meetings - Alexandria, VA, Fort Meade, MD, or Chambersburg, PA. Your first few weeks will involve assessment training in a virtual classroom environment, which includes training modules, lectures, and exams. You will also gain hands-on experience by shadowing current Assessors on local assessments across the greater DC-Baltimore area (referred to as "check rides"). Once your training and check rides are successfully completed, you will be added to the regular travel schedule.

Requirements

Active DoD Top Secret clearance with SCI eligibility required
Current DoD 8570 IAM II or IAT II certification
Ability and willingness to travel for assessments as required, up to 85% of the time
Bachelor's degree (IT-related field preferred) and eight (8) years of cybersecurity or network security experience, including five (5) years of experience in a Certification and Accreditation/A&A role. Additional relevant experience may be considered in lieu of degree.
Demonstrated experience with STIGs, SRGs, POA&Ms and cybersecurity best practices, as well as relevant tools such as eMASS, STIG Viewer, Nessus, ACAS, SCAP, or HBSS
Strong understanding of the RMF process, NIST SP 800- 37, NIST SP 800-53, CNSSI 1253, as well as key technologies areas/domain such as: Network, Mobility, Windows, UNIX, Cloud Environments and Cloud Native Tools/Services, Host Based Security System (HBSS)/Endpoint Security Solutions (ESS), Databases, Applications
Strong written and verbal communication skills for reporting assessment findings

Responsibilities

Conduct cybersecurity assessments, audits, and inspections for DoD organizations and partners handling DoD information or connecting to the DoDIN.
Evaluate systems and Defensive Cyberspace Operations using cyber threat emulation and performance-based testing.
Adhere to policies and processes for each assessment type.
Support assessment development and execution to ensure security expertise is properly applied.
Coordinate logistics, test plans, and scope with the SCA Team Lead.
Perform vulnerability assessments, capture results using STIG Viewer or designated tools, and document findings in eMASS.
Analyze security gaps and provide mitigation recommendations.
Validate cybersecurity controls, TTPs, STIGs, RMF controls, and compliance with DoD policies and guidelines.
Provide risk analysis and assessment results for authorization recommendations.
Participate in daily assessment reviews, in-briefs, and out-briefs, sharing findings with the SCA-R.
Mentor and guide personnel by providing technical expertise, best practices, and professional development support to enhance team capabilities and knowledge