Senior Cybersecurity Documentation Specialist

This Department of War enterprise data and analytics program delivers mission-critical capabilities that enable leaders across the Department to make faster, better-informed decisions using trusted data at scale. Leidos Digital Modernization sector is seeking an experienced Senior Cybersecurity Documentation Specialist to support the delivery, enhancement, and adoption of enterprise data and analytics products used across multiple DoD organizations.

In this role, you will work alongside government partners, engineers, and other industry teammates to translate operational and strategic requirements into scalable, production-ready solutions. You will contribute directly to product planning, execution, and continuous improvement—helping ensure capabilities are delivered efficiently, aligned to mission priorities, and positioned for sustained success.

This position offers the opportunity to work on a high-visibility, enterprise program at the intersection of data, analytics, and emerging AI technologies. Ideal candidates are motivated by mission impact, comfortable operating in complex stakeholder environments, and interested in building deep domain expertise while delivering capabilities with real-world national security outcomes.

Primary Responsibilities:

• Lead Risk Management Framework (RMF) initiatives for Cross Domain Enterprise Services (CDES).
• Support the Multi-Security Level Integration and Test Facility (MSL-ITF) by providing detailed system requirements and continuous monitoring updates.
• Manage and maintain CDES and MSL-ITF Enterprise Mission Assurance Support Service (eMASS) packages.
• Implement tracking and remediation processes to improve vulnerability management timelines.
• Strengthen the overall security posture of the systems.
• Provide compliance insights to the Information System Security Manager (ISSM).
• Conduct regular audits and assessments to ensure compliance with DoD cybersecurity standards.
• Develop and maintain documentation for cybersecurity policies, procedures, and guidelines.
• Collaborate with cross-functional teams to ensure cybersecurity requirements are integrated into all phases of the system lifecycle.
• Ensure accuracy across Plans of Action and Milestones (POA&Ms), Assured Compliance Assessment Solution (ACAS) results, and Security Technical Implementation Guides (STIGs).
• Develop, review, and maintain cybersecurity documentation required for RMF authorization packages (e.g., SSPs, POA&Ms, SARs, policies, and procedures).
• Prepare and maintain Body of Evidence (BOE) artifacts supporting system authorization and continuous monitoring activities .
• Collect and organize BOE results generated by the software team as part of their DevSecOps process.
• Publish, organize, and maintain BOE results in a Government-approved system (such as eMASS or Xacta).
• Ensure cybersecurity documentation aligns with NIST SP 800-53, RMF, and DoD cybersecurity requirements.
• Validate accuracy and completeness of documentation within GRC tools (e.g., eMASS or equivalent).
• Support continuous monitoring documentation updates reflecting system changes, vulnerabilities, and remediation efforts.
• Collaborate with ISSOs, ISSMs, system engineers, DevSecOps teams, and cybersecurity personnel to collect and validate required documentation inputs.
• Support preparation for audits, inspections, and cybersecurity assessments by ensuring documentation readiness and traceability.
• Track and manage documentation updates related to system changes, configuration updates, and security control implementations.
• Develop standard templates, processes, and best practices for cybersecurity documentation management.
• Analyze compliance gaps and support remediation tracking and reporting.
• Support data calls, assessment activities, and RMF lifecycle processes (including Step 0 and ongoing authorization support).
• Prepare reports and documentation to support Government risk-based decision making.
• Participate in SAFe ceremonies including PI Planning, backlog refinement, sprint reviews, and retrospectives.

Basic Qualifications:

• Active Top Secret (TS) clearance with SCI eligibility.
• Bachelor’s degree in Cybersecurity, Information Assurance, Computer Science, Information Systems, Engineering, or related technical discipline OR equivalent training/experience aligned to DoD 8140 pathways.
• 8–12 years of relevant experience supporting cybersecurity documentation, RMF, or compliance activities.
• Minimum of 5 years of experience in cybersecurity documentation and RMF processes.
• At least one of the following foundational qualification pathways consistent with DoD 8140 requirements:
  • Current DoD 8570/8140 baseline certification appropriate for Intermediate Cyber Defense Analyst roles (e.g., CySA+, GCDA, GCIH, or equivalent),
  • Offerings listed in the DoD 8140 Training Repository,
  • Demonstrated equivalent training and experience qualifying under DoD 8140 foundational qualification alternatives.
• Ability to generate, prepare, store, and maintain cybersecurity BOE results.
• Experience in vulnerability management and remediation processes Experience developing and maintaining RMF documentation (e.g., SSPs, POA&Ms, BOE artifacts).
• Experience supporting continuous monitoring and cybersecurity compliance processes.
• Experience working with GRC tools such as eMASS or equivalent.
• Experience supporting cybersecurity audits, inspections, and authorization activities.
• Experience analyzing and applying cybersecurity standards (e.g., NIST SP 800-53, RMF).
• Experience operating within SAFe or Agile frameworks supporting enterprise systems.

Preferred Qualifications:

• Active TS/SCI clearance.
• Master’s degree in Cybersecurity, Information Technology, or a related field.
• Experience supporting cybersecurity documentation across NIPRNet, SIPRNet, and JWICS environments.
• Familiarity with Xacta or similar systems.
• Experience supporting DevSecOps-integrated cybersecurity documentation processes.
• Relevant cybersecurity certifications (e.g., Security+, CySA+, CASP+, or equivalent).
• Experience developing standardized documentation frameworks and knowledge management solutions.
• Strong analytical and problem-solving skills.
• Excellent communication and documentation skills.

#ADVANA

If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo — because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 — and moving faster than anyone else dares.

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.