Leidos Inc
Job Description
Leidos is seeking a Jr. Security Control Assessor (SCA) who is responsible for planning, executing, and documenting security control assessments in accordance with NIST SP 800-53 Revision 5, NIST SP 800-53A Rev. 5, and applicable federal security assessment methodologies. The SCA evaluates the effectiveness of implemented security controls across systems, environments, and organizations to determine compliance, residual risk, and readiness for Authorization to Operate (ATO).
Team Culture
Your passion and values might be a good fit for our teams if you answer "yes" to the following questions:
Are you looking for a company that puts employees first, with a focus on career, flexibility, and well‑being?
Do you enjoy collaborating with colleagues and teammates and believe that the best ideas are fostered in an inclusive environment?
Are you searching for a team with a strong sense of ownership, urgency, and drive for daily mission success?
Are you comfortable with proactive outward communication and technical leadership?
Do you enjoy being a catalyst, solving complex problems, and providing innovative solutions?
Do you have the flexibility, creativity, and resilience to pivot the mission for success?
Do you have the courage to make tough ethical decisions with pride, transparency, and respect?
Mentorship & Career Growth
Our teams are dedicated to supporting new team members in an environment that celebrates knowledge sharing and mentorship. Experienced team members will be assigned to new hires for one‑on‑one mentoring, collaborative reviews, and coaching on customer engagement to help each new hire successfully onboard and demonstrate their skills. Projects and tasks are assigned in a way that leverages your strengths and will help you further develop your skill set.
Day to Day Responsibilities
Find your "Why" with us and take your place in our Leidos Family!
Key Responsibilities
Develop and execute Security Assessment Plans (SAPs) aligned with NIST 800-53A Rev. 5 assessment procedures.
Conduct independent security control assessments (SCAs) to validate that implemented controls meet applicable federal and agency security requirements.
Perform evidence reviews, interviews, and technical testing (e.g., configuration validation, vulnerability scans, policy reviews).
Document findings, weaknesses, and residual risks in Security Assessment Reports (SARs) and provide recommendations for remediation.
Assess the implementation and effectiveness of security controls across all NIST control families, including Access Control (AC), Audit and Accountability (AU), Configuration Management (CM), Incident Response (IR), Risk Assessment (RA), and System & Communications Protection (SC).
Collaborate with Information System Owners (ISOs), Information System Security Officers (ISSOs), and Authorizing Officials (AOs) to clarify assessment results and risk posture.
Map findings to Risk Management Framework (RMF) steps 4 and 5, supporting authorization decisions.
Participate in Continuous Monitoring (ConMon) and annual assessment activities for ongoing authorization.
Ensure assessment procedures are consistent with NIST, FedRAMP, and agency‑specific security requirements.
Maintain up‑to‑date understanding of changes in NIST guidance, FISMA, and Zero Trust Architecture (ZTA) frameworks that impact assessment criteria.
Required Qualifications
Bachelor's degree in Computer Science, Information Assurance, Cybersecurity, or a related field (or equivalent experience).
2+ years of experience performing security control assessments under NIST RMF or FedRAMP.
In‑depth knowledge of NIST SP 800-53 Rev. 5, NIST SP 800-53A Rev. 5, and NIST SP 800-37 Rev. 2.
Experience using security assessment tools such as Nessus, Splunk, ACAS, OpenVAS, or equivalent.
Familiarity with vulnerability management, configuration baselines, and system security documentation (SSP, POA&M, SAR).
Strong analytical, documentation, and reporting skills.
Ability to communicate technical findings clearly to both technical and non‑technical audiences.
Must be willing to work on site in Baltimore, MD 5 days per week.
Must be able to obtain and maintain a Public Trust. Contract requirement.
Preferred Qualifications
Certifications such as CISSP, CISA, CAP, CEH, or Security+.
Experience performing assessments in FedRAMP, DoD RMF, or DHS CDM environments.
Knowledge of Zero Trust principles and their alignment with NIST SP 800-207.
Selected Candidate Must Be Willing to Work On‑Site
Selected candidate must be willing to work on‑site in Woodlawn, MD 5 days a week.
About Leidos
Leidos is an industry and technology leader serving government and commercial customers with smarter, more efficient digital and mission innovations. Headquartered in Reston, Virginia, with 47,000 global employees, Leidos reported annual revenues of approximately $16.7 billion for the fiscal year ended January 3, 2025. For more information, visit www.Leidos.com.
Pay and Benefits
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available at www.leidos.com/careers/pay-benefits.
Commitment to Non‑Discrimination
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.