Continuous Monitoring Analyst Senior

This Department of War enterprise data and analytics program delivers mission-critical capabilities that enable leaders across the Department to make faster, better-informed decisions using trusted data at scale. Leidos Digital Modernization sector is seeking an experienced Senior Continuous Monitoring Analyst to support the delivery, enhancement, and adoption of enterprise data and analytics products used across multiple DoD organizations.

In this role, you will work alongside government partners, engineers, and other industry teammates to translate operational and strategic requirements into scalable, production-ready solutions. You will contribute directly to product planning, execution, and continuous improvement—helping ensure capabilities are delivered efficiently, aligned to mission priorities, and positioned for sustained success.

This position offers the opportunity to work on a high-visibility, enterprise program at the intersection of data, analytics, and emerging AI technologies. Ideal candidates are motivated by mission impact, comfortable operating in complex stakeholder environments, and interested in building deep domain expertise while delivering capabilities with real-world national security outcomes.

Primary Responsibilities

• Execute continuous monitoring of security controls to protect classified and unclassified data across mission environments.

• Implement and maintain tools and processes to track system performance, security posture, and compliance with RMF requirements in near real-time.

• Coordinates with cross-functional teams (ISSO, ISSM, engineering, IT, operations) to implement and enforce security protocols and best practices.

• Monitor systems throughout their lifecycle (new and re-authorized) for changes impacting cybersecurity posture.

• Validate updates to system security plans (SSPs) and Plans of Action and Milestones (POA&Ms) within GRC tools (e.g., eMASS).

• Validate implementation of security controls supporting automated ConMon reviews within RMF packages.

• Support development, execution, and continuous improvement of the Continuous Monitoring (ConMon) Strategy and program.

• Develop and maintain ConMon plans and templates for information systems.

• Analyze vulnerability and security data from tools such as ACAS, HBSS, Tanium, Splunk, or similar platforms.

• Support remediation tracking and resolution of vulnerabilities and compliance findings.

• Collaborate with ISSOs, ISSMs, DevSecOps, system engineers, and stakeholders to resolve cybersecurity issues and improve asset visibility.

• Support RMF activities including Step 0 preparation, data calls, and assessment coordination.

• Develop dashboards, reports, and analytics to support Government risk-based decision making.

• Coordinate with system administrators and tool owners to ensure scan coverage, credentialing, and data accuracy.

• Support the system development lifecycle of a Governance, Risk, and Compliance (GRC) technical solution within the organization. 

• Ensure ConMon deliverables are completed accurately and submitted on time.

• Communicate regularly with Government stakeholders regarding system posture, vulnerabilities, and risk status.

• Participate in SAFe ceremonies including PI Planning, backlog refinement, sprint reviews, and retrospectives.

Basic Qualifications

• Active Top Secret (TS) clearance with SCI eligibility.

• Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, Software Engineering, Information Systems, Computer Engineering, Mathematics, or related technical discipline OR equivalent training/experience aligned to DoD 8140 pathways.

• 8–12 years of relevant experience supporting cybersecurity, continuous monitoring, or vulnerability management activities.

• At least one of the following foundational qualification pathways consistent with DoD 8140 requirements:

  • Current DoD 8570/8140 baseline certification appropriate for Intermediate Cyber Defense Analyst roles (e.g., CySA+, GCDA, GCIH, or equivalent),

  • Offerings listed in the DoD 8140 Training Repository,

  • Demonstrated equivalent training and experience qualifying under DoD 8140 foundational qualification

• Experience implementing and supporting RMF processes, including continuous monitoring and system authorization.

• 3 or more years of experience working with cybersecurity tools such as ACAS, HBSS, Tanium, Splunk, or similar platforms.

• Experience analyzing vulnerabilities, system configurations, and compliance data across enterprise IT environments.

• Experience supporting cybersecurity audits, inspections, and compliance activities.

• Experience developing reports, dashboards, and work products to support risk-based decision making.

• Ability to evaluate the design and effectiveness of controls and standards to ensure compliancy in accordance with the applicable audits and inspections for an organization.

Preferred Qualifications

• Active TS/SCI

• Certifications in Cybersecurity like Security plus, DOD IA/IAT Level III certification

• Experience supporting continuous monitoring across NIPRNet, SIPRNet, and JWICS environments.

#ADVANA

If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo — because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 — and moving faster than anyone else dares.

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.