ISSO Cybersecurity Assessment and Authorization Analyst @ Leidos

The Leidos Digital Modernization Sector has a career opportunity for an ISSO Cybersecurity A&A Analyst in support of the Air Force National Capital Region IT Services program.

The AFNCR IT Services program provides support services for information systems for Headquarters Air Force (HAF), Air Force District of Washington (AFDW), Office of the Secretary of Defense (OSD), Joint Chiefs of Staff, and other Air Force activities within the AFNCR, missions to include the Pentagon, Joint Base Andrews (JBA), Joint Base Anacostia-Bolling (JBAB), and other locations, leased spaces, and alternate sites. The major support areas required are IT Operations and Maintenance; Plans, Projects, and Engineering (PP&E); and National Military Command Center (NMCC). The senior leaders and national defense missions that are supported require that the AFNCR operations never fail, resulting in a fast-paced, challenging, but also rewarding environment.

If this sounds like the kind of environment where you can thrive, keep reading!

The Leidos Digital Modernization Sector provides a diverse portfolio of systems, solutions, and services covering land, sea, air, space, and cyberspace for customers worldwide. Solutions for Defense include enterprise and mission IT, large-scale intelligence systems, command and control, geospatial and data analytics, cybersecurity, logistics, training, and intelligence analysis and operations support. Our team is solving the world’s toughest security challenges for customers with “can’t fail” missions.

Are you ready to make an impact? Begin your journey of a flourishing and meaningful career, share your resume with us today!

Primary Responsibilities:

1. Must be able to work in a constantly changing regulatory environment with short, mid, and long term timelines for remediating any non-compliance.
2. Must be able to work well within a team environment and able to adapt quickly to change.
3. Identify key stakeholders in A&A efforts and ensure system documentation reflects current system security configurations to include hardware and software components, data flow, interconnections, and ports, protocols, and services, etc.
4. Maintain cybersecurity procedures and processes as assigned.
5. Able to analyze, interpret, and apply Federal cybersecurity guidance to customer needs.
6. Communicate the security posture of systems through designated reporting mechanisms.
7. Assist in preparation and review documentation to include System Security Plans (SSPs), Risk Assessment Reports (RAR), and other Assessment & Authorization (A&A) artifacts.
8. Assist in the research and address information security issues as required, and develop and maintain the Plan of Action and Milestones (POA&M) and support remediation activities.
9. Develop and advise on Assessment and Authorization (A&A) artifacts and security documentation, including System Security Plans (SSP) and POA&Ms.
10. Perform Risk Management Framework (RMF) activities to achieve Authority to Operate (ATO).
11. Perform continuous monitoring of security controls to ensure proper implementation, operation, and cybersecurity compliance of IT systems.
12. Advise system owners on all security-related matters.
13. Provide management status reports and document system changes clearly and effectively.
14. Analyze problems and provide focused solutions, communicating effectively with various audiences verbally and in writing.

Basic Qualifications:

• Bachelor's Degree with 8+ years of applicable experience, or additional years of experience in lieu of a degree.
• Active TS/SCI Security Clearance.
• Current DoD 8570 baseline certification for IAT II (e.g., GSEC, Security+, SCNP, SSCP).
• 5-10 years of Cyber Security experience.
• 2 years of IT experience (Networking/System Administration).
• Working knowledge of security system controls, policies, safeguards, and operational security measures.
• Familiarity with DoD STIG process.
• Excellent verbal and written communication skills.
• Experience executing security assessment and authorization (or ATO) processes with independent assessors.
• Experience with Continuous Monitoring and maintaining security posture of IT systems.
• Familiarity with eMASS and XACTA.

Original Posting: April 25, 2025

For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range: $104,650.00 - $189,175.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include responsibilities, education, experience, knowledge, skills, abilities, internal equity, market data, bargaining agreements, or other laws.