Leidos Inc
Description
Leidos is seeking multiple ConMon Analysts to be responsible for overseeing and monitoring authorized IT systems (re‑authorization and new systems) throughout their lifecycle for security posture impact. These positions can be based out of any of our three locations – Alexandria, VA, Fort Meade, MD, or Chambersburg, PA.
These positions are primarily on‑site, but some partial telework may be available at the discretion of our customer and program management.
Maximum starting salary for these positions is $70,000/year .
Responsibilities
Analyze proposed or actual system changes to determine security impact, and assess security controls and their effectiveness.
Utilize Qmulos, Splunk, ACAS, Axonius, CheckMark, BURP, and ESS to assess, validate, and monitor enterprise and system‑level security controls.
Develop and maintain the DISA RE5 ConMon Strategy to support the A&A mission.
Create and update the DISA RE5 ConMon SOP, outlining required activities and artifacts that include the oversight and monitoring of IT systems throughout their lifecycle.
Conduct continuous assessments of security controls, perform automated/manual security control monitoring of information systems and provide IS / Security Control Status Reports based on live data from security monitoring tools.
Ensure ongoing assessments are in compliance with industry auditor standards to monitor security, vulnerabilities, and threats.
Ensure ConMon‑related controls are properly implemented in RMF packages within eMASS.
Report system risk status using the DISA‑approved reporting tool.
Maintain the ConMon Dashboard, tracking compliance, POA&M status, CMRS visibility, asset management, FISMA reviews, and annual validations.
Track automated and manual security controls, identifying overdue assessments and validations.
Coordinate with System, ACAS, and HBSS/ESS Administrators to resolve credentialing and data issues.
Provide real‑time security status metrics based on the ConMon Strategy and SOP and alert Leidos and government leadership of security posture changes with negative impact.
Basic Qualifications
Active DoD Top Secret clearance with SCI eligibility required.
Current DoD 8570 IAM II or IAT II certification.
Bachelor's degree (IT‑related field preferred) and three (3) years of overall experience in cybersecurity or network security position. Additional relevant experience may be considered in lieu of degree.
Understanding of security architecture, system hardening, vulnerability management, and intrusion detection/prevention.
Proficiency in one or more of the following tools: Qmulos, Splunk, ACAS, Axonius, CheckMark, BURP, and HBSS.
Understanding of the RMF process, NIST SP 800‑37, NIST SP 800‑53, CNSSI 1253.
VMP experience.
Strong communication, presentation, and customer service skills.
Commitment to Non-Discrimination All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.
#J-18808-Ljbffr
These positions are primarily on‑site, but some partial telework may be available at the discretion of our customer and program management.
Maximum starting salary for these positions is $70,000/year .
Responsibilities
Analyze proposed or actual system changes to determine security impact, and assess security controls and their effectiveness.
Utilize Qmulos, Splunk, ACAS, Axonius, CheckMark, BURP, and ESS to assess, validate, and monitor enterprise and system‑level security controls.
Develop and maintain the DISA RE5 ConMon Strategy to support the A&A mission.
Create and update the DISA RE5 ConMon SOP, outlining required activities and artifacts that include the oversight and monitoring of IT systems throughout their lifecycle.
Conduct continuous assessments of security controls, perform automated/manual security control monitoring of information systems and provide IS / Security Control Status Reports based on live data from security monitoring tools.
Ensure ongoing assessments are in compliance with industry auditor standards to monitor security, vulnerabilities, and threats.
Ensure ConMon‑related controls are properly implemented in RMF packages within eMASS.
Report system risk status using the DISA‑approved reporting tool.
Maintain the ConMon Dashboard, tracking compliance, POA&M status, CMRS visibility, asset management, FISMA reviews, and annual validations.
Track automated and manual security controls, identifying overdue assessments and validations.
Coordinate with System, ACAS, and HBSS/ESS Administrators to resolve credentialing and data issues.
Provide real‑time security status metrics based on the ConMon Strategy and SOP and alert Leidos and government leadership of security posture changes with negative impact.
Basic Qualifications
Active DoD Top Secret clearance with SCI eligibility required.
Current DoD 8570 IAM II or IAT II certification.
Bachelor's degree (IT‑related field preferred) and three (3) years of overall experience in cybersecurity or network security position. Additional relevant experience may be considered in lieu of degree.
Understanding of security architecture, system hardening, vulnerability management, and intrusion detection/prevention.
Proficiency in one or more of the following tools: Qmulos, Splunk, ACAS, Axonius, CheckMark, BURP, and HBSS.
Understanding of the RMF process, NIST SP 800‑37, NIST SP 800‑53, CNSSI 1253.
VMP experience.
Strong communication, presentation, and customer service skills.
Commitment to Non-Discrimination All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.
#J-18808-Ljbffr