
Senior Cybersecurity Documentation Specialist
Leidos
full-time
Location Type: Office
Location: Alexandria • Maryland • Virginia • United States
Salary
💰 $107,900 - $195,050 per year
About the role
- Lead Risk Management Framework (RMF) initiatives for Cross Domain Enterprise Services (CDES).
- Support the Multi-Security Level Integration and Test Facility (MSL-ITF) by providing detailed system requirements and continuous monitoring updates.
- Manage and maintain CDES and MSL-ITF Enterprise Mission Assurance Support Service (eMASS) packages.
- Implement tracking and remediation processes to improve vulnerability management timelines.
- Strengthen the overall security posture of the systems.
- Provide compliance insights to the Information System Security Manager (ISSM).
- Conduct regular audits and assessments to ensure compliance with DoD cybersecurity standards.
- Develop and maintain documentation for cybersecurity policies, procedures, and guidelines.
- Collaborate with cross-functional teams to ensure cybersecurity requirements are integrated into all phases of the system lifecycle.
- Ensure accuracy across Plans of Action and Milestones (POA&Ms), Assured Compliance Assessment Solution (ACAS) results, and Security Technical Implementation Guides (STIGs).
- Develop, review, and maintain cybersecurity documentation required for RMF authorization packages (e.g., SSPs, POA&Ms, SARs, policies, and procedures).
- Prepare and maintain Body of Evidence (BOE) artifacts supporting system authorization and continuous monitoring activities.
- Collect and organize BOE results generated by the software team as part of their DevSecOps process.
- Publish, organize, and maintain BOE results in a Government-approved system (such as eMASS or Xacta).
- Ensure cybersecurity documentation aligns with NIST SP 800-53, RMF, and DoD cybersecurity requirements.
- Validate accuracy and completeness of documentation within GRC tools (e.g., eMASS or equivalent).
- Support continuous monitoring documentation updates reflecting system changes, vulnerabilities, and remediation efforts.
- Collaborate with ISSOs, ISSMs, system engineers, DevSecOps teams, and cybersecurity personnel to collect and validate required documentation inputs.
- Support preparation for audits, inspections, and cybersecurity assessments by ensuring documentation readiness and traceability.
- Track and manage documentation updates related to system changes, configuration updates, and security control implementations.
- Develop standard templates, processes, and best practices for cybersecurity documentation management.
- Analyze compliance gaps and support remediation tracking and reporting.
- Support data calls, assessment activities, and RMF lifecycle processes (including Step 0 and ongoing authorization support).
- Prepare reports and documentation to support Government risk-based decision making.
- Participate in SAFe ceremonies including PI Planning, backlog refinement, sprint reviews, and retrospectives.
Requirements
- Active Top Secret (TS) clearance with SCI eligibility.
- Bachelor’s degree in Cybersecurity, Information Assurance, Computer Science, Information Systems, Engineering, or related technical discipline OR equivalent training/experience aligned to DoD 8140 pathways.
- 8–12 years of relevant experience supporting cybersecurity documentation, RMF, or compliance activities.
- Minimum of 5 years of experience in cybersecurity documentation and RMF processes.
- At least one of the following foundational qualification pathways consistent with DoD 8140 requirements: a current DoD 8570/8140 baseline certification appropriate for Intermediate Cyber Defense Analyst roles (e.g., CySA+, GCDA, GCIH, or equivalent); offerings listed in the DoD 8140 Training Repository; or demonstrated equivalent training and experience qualifying under DoD 8140 foundational qualification alternatives.
- Ability to generate, prepare, store, and maintain cybersecurity BOE results.
- Experience in vulnerability management and remediation processes.
- Experience developing and maintaining RMF documentation (e.g., SSPs, POA&Ms, BOE artifacts).
- Experience supporting continuous monitoring and cybersecurity compliance processes.
- Experience working with GRC tools such as eMASS or equivalent.
- Experience supporting cybersecurity audits, inspections, and authorization activities.
- Experience analyzing and applying cybersecurity standards (e.g., NIST SP 800-53, RMF).
- Experience operating within SAFe or Agile frameworks supporting enterprise systems.
Benefits
- competitive compensation
- health and wellness programs
- income protection
- paid leave
- retirement
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
Risk Management Framework (RMF), cybersecurity documentation, vulnerability management, continuous monitoring, compliance analysis, documentation management, cybersecurity policies, system requirements, DevSecOps, audits and assessments
Soft Skills
collaboration, communication, organizational skills, attention to detail, problem-solving, leadership, analytical skills, reporting, process improvement, adaptability
Certifications
Top Secret (TS) clearance, CySA+, GCDA, GCIH, DoD 8570/8140 baseline certification, DoD 8140 Training Repository qualifications, equivalent training/experience