Security Control Assessor

Evaluate systems and Defensive Cyberspace Operations using cyber threat emulation and performance-based testing.

• Adhere to policies and processes for each assessment type.

• Support assessment development and execution to ensure security expertise is properly applied.

• Coordinate logistics, test plans, and scope with the SCA Team Lead.

• Perform vulnerability assessments, capture results using STIG Viewer or designated tools, and document findings in eMASS.

• Analyze security gaps and provide mitigation recommendations.

• Validate cybersecurity controls, TTPs, STIGs, RMF controls, and compliance with DoD policies and guidelines.

• Provide risk analysis and assessment results for authorization recommendations.

• Participate in daily assessment reviews, in-briefs, and out-briefs, sharing findings with the SCA-R.

• If senior staff, mentor and guide personnel by providing technical expertise, best practices, and professional development support to enhance team capabilities and knowledge

BASIC QUALIFICATIONS:

• Active DoD Top Secret clearance with SCI eligibility required

• Current DoD 8570 IAM II or IAT II certification

• Ability and willingness to travel for assessments as required, up to 85% of the time

• Education and experience required per job level:

  • Level II: Bachelor's degree (IT-related field preferred) and five (5) years of cybersecurity or network security experience, including three (3) years of experience in a Certification and Accreditation/A&A role. Additional relevant experience may be considered in lieu of degree.
  • Level III: Bachelor's degree (IT-related field preferred) and eight (8) years of cybersecurity or network security experience, including five (5) years of experience in a Certification and Accreditation/A&A role. Additional relevant experience may be considered in lieu of degree.

• Demonstrated experience with STIGs, SRGs, POA&Ms and cybersecurity best practices, as well as relevant tools such as eMASS, STIG Viewer, Nessus, ACAS, SCAP, or HBSS

• Strong understanding of the RMF process, NIST SP 800- 37, NIST SP 800-53, CNSSI 1253, as well as key technologies areas/domain such as: Network, Mobility, Windows, UNIX, Cloud Environments and Cloud Native Tools/Services, Host Based Security System (HBSS)/Endpoint Security Solutions (ESS), Databases, Applications

• Strong written and verbal communication skills for reporting assessment findings

At Leidos, we don't want someone who "fits the mold"-we want someone who melts it down and builds something better. This is a role for the restless, the over-caffeinated, the ones who ask, "what's next?" before the dust settles on "what's now."

If you're already scheming step 20 while everyone else is still debating step 2... good. You'll fit right in.

Original Posting:
July 18, 2025
At Leidos, we don't want someone who "fits the mold"-we want someone who melts it down and builds something better. This is a role for the restless, the over-caffeinated, the ones who ask, "what's next?" before the dust settles on "what's now."

If you're already scheming step 20 while everyone else is still debating step 2... good. You'll fit right in.

Pay Range:
Pay Range $67,600.00 - $122,200.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.