Leidos

Senior SCRM SBOM Analyst

Reposted 12 Days Ago

Be an Early Applicant

Alexandria, VA, USA

In-Office

108K-195K Annually

Senior level

Information Technology • Software

The Role

As a Senior SCRM SBOM Analyst, you will analyze and maintain Software Bills of Materials, assess risks, and support compliance in a DoD environment.

Summary Generated by Built In

This Department of War enterprise data and analytics program delivers mission-critical capabilities that enable leaders across the Department to make faster, better-informed decisions using trusted data at scale. Leidos Digital Modernization sector is seeking an experienced Senior SCRM SBOM Analyst to support the delivery, enhancement, and adoption of enterprise data and analytics products used across multiple DoD organizations.

In this role, you will work alongside government partners, engineers, and other industry teammates to translate operational and strategic requirements into scalable, production-ready solutions. You will contribute directly to product planning, execution, and continuous improvement—helping ensure capabilities are delivered efficiently, aligned to mission priorities, and positioned for sustained success.

This position offers the opportunity to work on a high-visibility, enterprise program at the intersection of data, analytics, and emerging AI technologies. Ideal candidates are motivated by mission impact, comfortable operating in complex stakeholder environments, and interested in building deep domain expertise while delivering capabilities with real-world national security outcomes.

Primary Responsibilities

Develop, generate, and maintain Software Bills of Materials (SBOMs) for mission systems, including all third-party and transitive dependencies.
Analyze SBOM data to identify vulnerabilities, outdated components, and supply chain risks.
Support integration of SBOM processes into DevSecOps pipelines and software development lifecycle activities.
Evaluate third-party software components for compliance with DoD cybersecurity policies and SCRM requirements.
Collaborate with software engineers, DevSecOps teams, and cybersecurity personnel to remediate identified risks.
Track and report vulnerabilities and supply chain risks associated with software components.
Support continuous monitoring of supply chain security posture and emerging threats.
Ensure compliance with DoD SCRM guidance, Zero Trust principles, and enterprise cybersecurity policies.
Develop and maintain documentation related to SBOM processes, policies, and procedures.
Support audits, inspections, and compliance assessments related to supply chain security.
Develop dashboards, reports, and analytics to support Government risk-based decision making.
Collaborate with stakeholders across cybersecurity, data engineering, and system engineering teams.

Basic Qualifications

Active Top Secret (TS) clearance with SCI eligibility.
Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, Engineering, or related technical discipline and 8 years of relevant experience OR Master’s degree in a related field and 6 years of relevant experience.
Experience supporting SCRM or cybersecurity risk management in Federal or DoD environments.
Demonstrated ability to communicate with senior government customers and the ability to influence within multiple levels of the organization
Developing SBOM and HBOM analysis, analyze end-to-end cyber supply chain risks
Proficient using GRC tools such as eMASS
Cybersecurity experience
Project Management fundamentals
Demonstrated experience with:
- In-depth analysis of Zero Trust Capabilities, Infrastructures and Architecture.
- 3+ years of team and/or operational leadership experience.
- 7+ years of experience in USG cyber risk management, assessments and authorization (A&A), certification & accreditation (C&A) and using NIST Special Publications (SP) (e.g.: SP800-30, SP800-37, SP800-53, etc.)
- 7+ years of experience in designing and engineering enterprise IT solutions within the USG using NIST SP (e.g.: SP800-60, SP800-64, SP800-80, SP800-122, SP800-137, SP800-146, SP800-160, SP800-204, SP800-207, SP800-213, etc.)
Certifications in Cybersecurity like Security plus, CISM

Preferred Qualifications

Active TS/SCI
Master’s degree in supply chain management, engineering, cybersecurity, or other technical discipline
Project Management Experience or PMP, .
Experience with core Systems Engineering Disciplines (Requirements, Schedule, Risk, Readiness, System Closure, etc.)
Certifications in Cybersecurity like CISSP, CISM, ERAI certification or CASP are strongly preferred.

#ADVANA

If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo — because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 — and moving faster than anyone else dares.

Original Posting:April 16, 2026

For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range:Pay Range $107,900.00 - $195,050.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

Skills Required

Active Top Secret clearance with SCI eligibility
Bachelor's degree in Cybersecurity or related field and 8 years of experience or Master's degree and 6 years of experience
Experience in SCRM or cybersecurity risk management in Federal or DoD environments
Proficient using GRC tools such as eMASS
7+ years of experience in USG cyber risk management and using NIST Special Publications
Certifications in Cybersecurity like Security Plus or CISM

Leidos Compensation & Benefits Highlights

The following summarizes recurring compensation and benefits themes identified from responses generated by popular LLMs to common candidate questions about Leidos and has not been reviewed or approved by Leidos.

Healthcare Strength — Healthcare coverage is described as comprehensive, with multiple plan options, low office-visit copays in some plans, and access to mental health and wellness support tools. The availability of HSA/FSA options and employer contributions is positioned as a meaningful part of the total package.
Retirement Support — Retirement benefits are framed as a strong component of total rewards, highlighted by a 401(k) match and immediate vesting in the standard package. The Employee Stock Purchase Plan is also presented as an additional long-term wealth-building feature.
Wellbeing & Lifestyle Benefits — Wellbeing and lifestyle supports extend beyond core insurance, including wellness programs, fitness-related stipends, and assistance resources. Work flexibility and related perks are also included as part of the broader rewards experience.

Learn more about Leidos's Compensation & Benefits →

Leidos Insights

What's It Like to Work at Leidos? Leidos Culture & Values Leidos Career Growth & Development What's the Work-Life Balance Like at Leidos? Leidos Leadership & Management Leidos Company Growth, Stability & Outlook

View all jobs at Leidos

View Leidos Profile

Report Job

Am I A Good Fit?

beta

Get Personalized Job Insights.

Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company

Alexandria, VA

27,104 Employees

Year Founded: 1969

What We Do

We Are Leidos For 50 years we have been tackling some of the biggest problems that face our nation and our world. OUR MISSION Through our culture of innovation and history of performance, we develop deep customer trust built on integrity and create enduring solutions that improve our world. Leidos is a science and technology solutions leader working to address some of the world’s toughest challenges in the defense, intelligence, homeland security, civil, and healthcare markets. The company’s 43,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Va., Leidos reported annual revenues of approximately $11.09 billion for the fiscal year ended January 3, 2020. Leidos was cited for the meaningful work employees perform that is challenging, impactful, and aligned with our customers’ missions as reasons professionals want to work and stay at our company. Leidos has also been named to lists including Forbes’ Best Employers for Diversity, Forbes’ America’s Best Employers for Women, Military Times Best for Vets Employers, and Ethisphere Institute’s World's Most Ethical Companies®. Employees enjoy career enrichment opportunities available through mobility and development and experience rewarding relationships with supportive supervisors and talented colleagues and customers. Employees appreciate our flexible work environment, allowing for and encouraging a true work-life balance. Our professionals are also excited about our Employee Resource Groups, like the newly launched Collaborative Outreach with Remote and Embedded Employees (CORE), which strives to create an environment where every employee, regardless of location, feels fully engaged as a valued employee of Leidos. Your most important work is ahead.