Senior Cybersecurity Documentation Specialist

Description

This Department of War enterprise data and analytics program delivers mission-critical capabilities that enable leaders across the Department to make faster, better-informed decisions using trusted data at scale. Leidos Digital Modernization sector is seeking an experienced Senior Cybersecurity Documentation Specialist to support the delivery, enhancement, and adoption of enterprise data and analytics products used across multiple DoD organizations.

In this role, you will work alongside government partners, engineers, and other industry teammates to translate operational and strategic requirements into scalable, production-ready solutions. You will contribute directly to product planning, execution, and continuous improvement-helping ensure capabilities are delivered efficiently, aligned to mission priorities, and positioned for sustained success.

This position offers the opportunity to work on a high-visibility, enterprise program at the intersection of data, analytics, and emerging AI technologies. Ideal candidates are motivated by mission impact, comfortable operating in complex stakeholder environments, and interested in building deep domain expertise while delivering capabilities with real-world national security outcomes.

Primary Responsibilities:

• Lead Risk Management Framework (RMF) initiatives for Cross Domain Enterprise Services (CDES).
• Support the Multi-Security Level Integration and Test Facility (MSL-ITF) by providing detailed system requirements and continuous monitoring updates.
• Manage and maintain CDES and MSL-ITF Enterprise Mission Assurance Support Service (eMASS) packages.
• Implement tracking and remediation processes to improve vulnerability management timelines.
• Strengthen the overall security posture of the systems.
• Provide compliance insights to the Information System Security Manager (ISSM).
• Conduct regular audits and assessments to ensure compliance with DoD cybersecurity standards.
• Develop and maintain documentation for cybersecurity policies, procedures, and guidelines.
• Collaborate with cross-functional teams to ensure cybersecurity requirements are integrated into all phases of the system lifecycle.
• Ensure accuracy across Plans of Action and Milestones (POA&Ms), Assured Compliance Assessment Solution (ACAS) results, and Security Technical Implementation Guides (STIGs).
• Develop, review, and maintain cybersecurity documentation required for RMF authorization packages (e.g., SSPs, POA&Ms, SARs, policies, and procedures).
• Prepare and maintain Body of Evidence (BOE) artifacts supporting system authorization and continuous monitoring activities .
• Collect and organize BOE results generated by the software team as part of their DevSecOps process.
• Publish, organize, and maintain BOE results in a Government-approved system (such as eMASS or Xacta).
• Ensure cybersecurity documentation aligns with NIST SP 800-53, RMF, and DoD cybersecurity requirements.
• Validate accuracy and completeness of documentation within GRC tools (e.g., eMASS or equivalent).
• Support continuous monitoring documentation updates reflecting system changes, vulnerabilities, and remediation efforts.
• Collaborate with ISSOs, ISSMs, system engineers, DevSecOps teams, and cybersecurity personnel to collect and validate required documentation inputs.
• Support preparation for audits, inspections, and cybersecurity assessments by ensuring documentation readiness and traceability.
• Track and manage documentation updates related to system changes, configuration updates, and security control implementations.
• Develop standard templates, processes, and best practices for cybersecurity documentation management.
• Analyze compliance gaps and support remediation tracking and reporting.
• Support data calls, assessment activities, and RMF lifecycle processes (including Step 0 and ongoing authorization support).
• Prepare reports and documentation to support Government risk-based decision making.
• Participate in SAFe ceremonies including PI Planning, backlog refinement, sprint reviews, and retrospectives.

Basic Qualifications:

• Active Top Secret (TS) clearance with SCI eligibility.
• Bachelor's degree in Cybersecurity, Information Assurance, Computer Science, Information Systems, Engineering, or related technical discipline OR equivalent training/experience aligned to DoD 8140 pathways.
• 8-12 years of relevant experience supporting cybersecurity documentation, RMF, or compliance activities.
• Minimum of 5 years of experience in cybersecurity documentation and RMF processes.
• At least one of the following foundational qualification pathways consistent with DoD 8140 requirements:
  • Current DoD 8570/8140 baseline certification appropriate for Intermediate Cyber Defense Analyst roles (e.g., CySA+, GCDA, GCIH, or equivalent),
  • Offerings listed in the DoD 8140 Training Repository,
  • Demonstrated equivalent training and experience qualifying under DoD 8140 foundational qualification alternatives.
• Ability to generate, prepare, store, and maintain cybersecurity BOE results.
• Experience in vulnerability management and remediation processes Experience developing and maintaining RMF documentation (e.g., SSPs, POA&Ms, BOE artifacts).
• Experience supporting continuous monitoring and cybersecurity compliance processes.
• Experience working with GRC tools such as eMASS or equivalent.
• Experience supporting cybersecurity audits, inspections, and authorization activities.
• Experience analyzing and applying cybersecurity standards (e.g., NIST SP 800-53, RMF).
• Experience operating within SAFe or Agile frameworks supporting enterprise systems.

Preferred Qualifications:

• Active TS/SCI clearance.
• Master's degree in Cybersecurity, Information Technology, or a related field.
• Experience supporting cybersecurity documentation across NIPRNet, SIPRNet, and JWICS environments.
• Familiarity with Xacta or similar systems.
• Experience supporting DevSecOps-integrated cybersecurity documentation processes.
• Relevant cybersecurity certifications (e.g., Security+, CySA+, CASP+, or equivalent).
• Experience developing standardized documentation frameworks and knowledge management solutions.
• Strong analytical and problem-solving skills.
• Excellent communication and documentation skills.

If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo - because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 - and moving faster than anyone else dares.

For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

About Leidos

Leidos is an industry and technology leader serving government and commercial customers with smarter, more efficient digital and mission innovations. Headquartered in Reston, Virginia, with 47,000 global employees, Leidos reported annual revenues of approximately $16.7 billion for the fiscal year ended January 3, 2025. For more information, visit www.Leidos.com.

Pay and Benefits

Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available at www.leidos.com/careers/pay-benefits.

Securing Your Data

Beware of fake employment opportunities using Leidos' name. Leidos will never ask you to provide payment-related information during any part of the employment application process (i.e., ask you for money), nor will Leidos ever advance money as part of the hiring process (i.e., send you a check or money order before doing any work). Further, Leidos will only communicate with you through emails that are generated by the Leidos.com automated system - never from free commercial services (e.g., Gmail, Yahoo, Hotmail) or via WhatsApp, Telegram, etc. If you received an email purporting to be from Leidos that asks for payment-related information or any other personal information (e.g., about you or your previous employer), and you are concerned about its legitimacy, please make us aware immediately by emailing us at LeidosCareersFraud@leidos.com.

If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission.

Commitment to Non-Discrimination

All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.