Cybersecurity RMF Specialist

Description The Digital Modernization Sector at Leidos is seeking an experienced Cybersecurity Risk Management Framework (RMF) Specialist to join  the DISA Defense Red Switch Network (DRSN) team in support of an enterprise VoIP management system – GSM-O II contract at Fort Meade, MD.  The ideal  candidate will have a background in guiding systems through the Assessment and Authorization (A&A) lifecycle and be responsible for maintaining the XACTA package and maintaining associated security documentation on a high-paced, fast-moving program. The candidate will be a member of a team that interacts with technical and non-technical individuals including customers and vendors, but primarily with our subject matter expert teammates. In this role, the candidate will provide expertise on security related questions and coordinate with system owners, ISSMs, and Authorizing Officials (AOs) throughout the ATO process.  Responsibilities:Serve as the subject matter expert on the RMF processLead the development, service, and annual sustainment of the Security Control Policy Plan in areas such as Control Implementation, Assessment and Monitoring, Mitigation Plans, Training and AwarenessAssist the government with development, service, and annual sustainment of the Security Control Policy Plans for Contingency and Incident Response, Security Control Assesments, Roles and Responsibilities, and Compliance RequirementsProvide strategic guidance to engineering and security teams regarding security controls and compliance requirementsCoordinate with system owners, ISSOs, ISSMs, and AOs throughout the A&A processSupport vulnerability assessments and security control testing in alignment with NIST SP 800-53 and organizational policiesTrack and manage remediation of identified risks and vulnerabilitiesMaintain continuous monitoring activities and support ongoing authorization initiativesStay current on evolving federal cybersecurity mandates, policies, and technologiesMaintain and update POAMs and waiversCore Qualifications:Bachelor's degree and 5+ years of experience in cybersecurity with at least 3 years in RMFDemonstrated experience leading ATO effortsStrong working knowledge of:NIST SP 800-37, 800-53, 800-127FIPS 199/200XACTA, eMASSExcellent communication skills (written and verbal)Excellent technical writing and documentation skillsCapable of translating technical risk to impacts for non-technical stakeholdersDetail-orientedFamiliarity with a broad range of tools supporting cybersecurity and assessments incActive SCI clearance or Top Secret (eligible for SCI) clearanceSecurity + is REQUIREDAll candidates must be US CITIZENS to be considered for the positionPreferred Qualifications:CISSP,CAP,CISM or equivalent cyber security certificationsExperience supporting DoD, DHS, or IC RMF processesFamiliarity with SIEMS and logging toolsExperience with configuration management tools (e.g., Ansible, Chef, SCCM)Local to Ft. Meade, MDIf you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo — because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 — and moving faster than anyone else dares.Original Posting:September 22, 2025For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.Pay Range:Pay Range $85,150.00 - $153,925.00The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

Created: 2025-09-25