Lead Information Assurance
5783 San Antonio TX, United States
Full Time Senior-level / Expert Clearance required USD 126K - 227K
Leidos is seeking a highly qualified candidate for the Lead Information Assurance position for the Integrated Defensive Cyber Systems Contract. The ideal candidate will have experience with the DoD Assessment & Authorization (A&A) system, RMF Packages, STIGs and ACAS. This position is located near Lackland Air Force Base; all work is onsite.
Primary Responsibilities:
- Serve as the Information Assurance (IA) lead and primary point of contact for system owners, developers, ISSOs, ISSMs, and government stakeholders on all cybersecurity compliance matters.
- Develop, implement, and maintain standardized processes and procedures for the ISSO team to ensure consistent execution of cybersecurity tasks.
- Support the ISSO Team Lead in conducting lessons learned and continuous improvement activities to enhance team performance and efficiency.
- Lead all phases of the Risk Management Framework (RMF) process, including system categorization, control selection, implementation, assessment, authorization, and continuous monitoring.
- Prepare, maintain, and submit comprehensive security authorization packages (e.g., System Security Plans, POA&Ms, Security Assessment Reports) for systems pursuing or maintaining an Authority to Operate (ATO).
- Ensure accurate implementation and documentation of NIST 800-53 security controls. Coordinate with Security Control Assessors (SCAs) to validate control effectiveness.
- Establish and oversee continuous monitoring strategies, including vulnerability scanning, audit log reviews, and periodic control assessments.
- Interpret and enforce applicable DoD, DISA, and NIST cybersecurity policies, ensuring systems comply with STIGs, SRGs, and other regulatory requirements.
- Manage routine security scanning and compliance activities using tools such as ACAS (Tenable.sc/Nessus), SCAP Compliance Checker, and HBSS. Track and coordinate remediation of findings.
- Collaborate with cybersecurity operations teams to develop, test, and support incident response plans, and provide technical assistance during security incidents.
- Prepare and deliver cybersecurity status reports, metrics dashboards, and briefings to leadership and stakeholders.
- Guide systems through the A&A process, ensuring compliance with DoD RMF and component-specific requirements. Maintain associated artifacts in eMASS.
- Support internal and external audits, including Command Cyber Readiness Inspections (CCRI), by ensuring systems are audit-ready and documentation is current.
- Maintain and update all Assessment & Authorization (A&A) documentation, including the Body of Evidence, for system lifecycle compliance.
- Ensure accurate tracking of 800-53 control implementation status and regularly update STIG compliance records within eMASS.
Basic Qualifications:
- Requires a BS and 12+ years of prior relevant experience, or a Master's with 10+ years of prior relevant experience. Additional years of experience will be accepted in lieu of a degree.
- DoD 8570 IAT level II or higher certification such as CompTIA Security+ CE, ISC2 SSCP, SANS GSEC.
- Minimum of 3 years of hands-on experience conducting vulnerability assessments using the Assured Compliance Assessment Solution (ACAS), as well as Security Technical Implementation Guide (STIG) compliance tools such as Evaluate-STIG or SCAP.
- Demonstrated familiarity with Department of Defense (DoD) cybersecurity standards, including direct experience working with DoD systems, tools, reporting mechanisms, and requirements for Certification and Accreditation (C&A) processes.
- Proven experience developing and evaluating cybersecurity documentation, including Security Concepts of Operations (CONOPS), System Security Plans (SSPs), Security Risk Assessments, Plans of Action and Milestones (POA&Ms), Contingency Plans, and Configuration Management Plans. Experience managing security artifacts within governance tools such as XACTA and/or eMASS is required.
- Must possess an active Secret clearance; the ability to obtain a TS/SCI clearance is required to be considered.
Preferred Qualifications:
- CISSP
- USAF cybersecurity experience or DoD equivalent.
- TS/SCI
Original Posting:
May 16, 2025
For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.
Pay Range:
$126,100.00 - $227,950.00
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
Tags: ACAS Audits C CISSP Clearance Compliance CompTIA ConOps DISA DoD DoDD 8570 DoD RMF eMASS Governance GSEC Incident response Monitoring Nessus NIST NIST 800-53 Risk assessment Risk management RMF SANS SCAP Security assessment Security Assessment Report SSCP STIGs System Security Plan TS/SCI
Perks/benefits: Equity / stock options