Cyber Analyst (SAV)

The Defense Group at Leidos has an exciting opportunity as a Site Assistance Visit Analyst on our GSM-O contract in Alexandria, VA. Through the Risk Management Executive (RME) Cybersecurity Task Order on our GSM-O contract, we identify, assess, and prioritize risks to DISA and DoD mission partners, as well as develop risk mitigation strategies to increase the security posture of systems, networks, programs, and data in the face of internal and external threats.  Our overall mission is to ensure DISA’s information systems, assets, and enclaves possess the necessary security measures to ensure their confidentiality, integrity, and availability as well as maintain RME’s adherence to DoD, DISA, and National Institute of Standards and Technology (NIST) approved cybersecurity and Risk Management Framework (RMF) policies, standards, and guidelines.

This position allows up to 50% telework after a ramp up period (about 3-4 weeks spent 100% on-site).

Primary Responsibilities:

• Conduct cybersecurity related audits, inspections, vulnerability assessments, compliance assessments, Security Readiness Review (SRR), and ensure compliance with Cyber Security Service Provider (CSSP) and Command Cyber Readiness Inspection (CCRI) evaluation criteria. 

• Execute Site Assistance Visits (SAVs) to ensure regulatory compliance with Command Cyber Operational Readiness Inspection (CCORI), Public Key Infrastructure (PKI), North Atlantic Treaty Organization (NATO), and Balanced Survivability Assessment (BSA).

• Manage projects, track and report completion/closure of inspection findings documented in Plan of Actions and Milestones (POA&M) and other action item in the Inspection Findings Reports

• Identify systems and assets that are not sufficiently assessed through automated scanning or routine, periodic assessments and recommend and/or conduct customized, manual assessments of systems as required to ensure proper evaluation for compliance

• Track and maintain Post Inspection Finding Remediation and POA&M Status Report for all inspections

• Validate remediation of the findings or submit the artifacts/or POA&Ms to inspecting organization for approval

• Perform technical, operational, and non-technical CCRI evaluation areas including, internal and external network infrastructure, Domain Name System (DNS), internal network vulnerability scan, wireless and mobile security, enclave security,  Host Based Security System (HBSS), configuration reviews, traditional/physical security, releasable (REL) networks, database security, cross domain solutions, Voice over Internet Protocol (VoIP), Voice over Secure Internet Protocol (VoSIP),  Video Teleconference (VTC), exchange services, different operating systems (specifically UNIX, Windows, Linux), web servers, REL networks and compliance directives.

Basic Qualifications:

• Bachelor's degree in Science or Engineering Discipline and 8+ years of experience is required. Additional experience may be considered in lieu of degree. 

• DoD 8570 IAT Level II certification.

• Active Secret (TS/SCI eligible) security clearance is required prior to start.

Original Posting:May 1, 2025

For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range:Pay Range $104,650.00 - $189,175.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.