Software Developer, Journeyman
ICF
AWSAzureCloudCyber SecurityHadoopLinuxPythonShell ScriptingSparkSplunk
Security Control Assessor
Leidos
full-time
Posted on:
Location Type: Hybrid
Location: Alexandria • Maryland, Pennsylvania, Virginia • 🇺🇸 United States
Visit company websiteSalary
💰 $67,600 - $122,200 per year
Job Level
Mid-LevelSenior
Tech Stack
CloudCyber SecurityUnix
About the role
- Conduct cybersecurity assessments, audits, and inspections for DoD organizations and partners handling DoD information or connecting to the DoDIN
- Evaluate systems and Defensive Cyberspace Operations using cyber threat emulation and performance-based testing
- Adhere to policies and processes for each assessment type and support assessment development and execution
- Coordinate logistics, test plans, and scope with the SCA Team Lead
- Perform vulnerability assessments, capture results using STIG Viewer or designated tools, and document findings in eMASS
- Analyze security gaps and provide mitigation recommendations
- Validate cybersecurity controls, TTPs, STIGs, RMF controls, and compliance with DoD policies and guidelines
- Provide risk analysis and assessment results for authorization recommendations
- Participate in daily assessment reviews, in-briefs, and out-briefs, sharing findings with the SCA-R
- Mentor and guide personnel if in senior staff roles
Requirements
- Active DoD Top Secret clearance with SCI eligibility required
- Current DoD 8570 IAM II or IAT II certification
- Ability and willingness to travel for assessments as required, up to 85% of the time
- Level II: Bachelor's degree (IT-related field preferred) and five (5) years of cybersecurity or network security experience, including three (3) years of experience in a Certification and Accreditation/A&A role
- Level III: Bachelor's degree (IT-related field preferred) and eight (8) years of cybersecurity or network security experience, including five (5) years of experience in a Certification and Accreditation/A&A role
- Additional relevant experience may be considered in lieu of degree
- Demonstrated experience with STIGs, SRGs, POA&Ms
- Experience with tools such as eMASS, STIG Viewer, Nessus, ACAS, SCAP, or HBSS
- Strong understanding of the RMF process, NIST SP 800-37, NIST SP 800-53, CNSSI 1253
- Knowledge in Network, Mobility, Windows, UNIX, Cloud Environments and Cloud Native Tools/Services, Host Based Security System (HBSS)/Endpoint Security Solutions (ESS), Databases, Applications
- Strong written and verbal communication skills for reporting assessment findings
Benefits
- Competitive compensation
- Health and Wellness programs
- Income Protection
- Paid Leave
- Retirement
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
cybersecurity assessmentsvulnerability assessmentscyber threat emulationperformance-based testingrisk analysisCertification and AccreditationSTIGsNIST SP 800-37NIST SP 800-53DoD policies
Soft skills
mentoringcommunicationlogistics coordinationteam collaborationanalytical skills
Certifications
DoD Top Secret clearanceDoD 8570 IAM II certificationDoD 8570 IAT II certification
