Sr. RMF Security Engineer

Leidos is seeking a Sr. Risk Management Framework (RMF) Security Engineer to support a project at a Navy base in San Diego. This position will play a critical role in ensuring that information systems comply with federal cybersecurity standards, particularly within the U.S. Department of Defense (DoD) cyber community. The RMF Security Engineer will guide the project through the RMF lifecycle, which includes categorizing information systems based on risk, selecting and implementing appropriate security controls (per NIST SP 800-53 or DoD-specific requirements), and assessing those controls for effectiveness. The RMF Security Engineer will conduct continuous monitoring, identify vulnerabilities, address compliance gaps, and ensure systems remain secure against evolving threats.

The RMF Security Engineer will act as a technical advisor and problem solver, bridging the gap between cybersecurity policy and system implementation. Will perform risk assessments, analyze security test results, and recommend mitigation strategies to address findings-whether through configuration changes, tool updates, or process improvements.

This position is 100% on site at the Navy base., * Experience preparing System Security Plans (SSP), Security Assessment Reports (SAR), and Plan of Action & Milestones (POA&M).

• Conducting risk assessments, vulnerability scans, and penetration testing.
• eMASS (Enterprise Mission Assurance Support Service)
• SCAP tools (e.g., Nessus, Tenable.sc, OpenSCAP).
• SIEM tools (e.g., Splunk, ArcSight).
• STIG compliance (DISA STIGs, SCAP benchmarks)

• Bachelor's degree in Cybersecurity, Information Assurance, Computer Science or related field. BS with 12+ years' experience or MS with 10+ years' experience. Will consider work experience in lieu of a degree.
• DoD 8570 approved security certification (i.e., Security +) (Will be required 90 days after hire).
• Position requires US citizenship and an active Secret DoD security clearance.
• RMF Compliance Expertise: Deep knowledge of NIST SP 800-37, NIST SP 800-53, NIST SP 800-171, FedRAMP, and DoD Instruction 8510.01 (DIARMF)., * Python, Bash, PowerShell for automation
• AI/ML in RMF
• Zero Trust Integration: Understanding NIST SP 800-207 (Zero Trust Architecture) and how it intersects with RMF.
• CMMC 2.0.
• COMSEC Understanding
• CISSP Certification

Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available at www.leidos.com/careers/pay-benefits .

Leidos has a new and exciting opportunity for a Sr. RMF Security Engineer in our National Security Sector's (NSS) Cyber & Analytics Business Area (CABA). Our talented team is at the forefront in Security Engineering, Computer Network Operations (CNO), Mission Software, Analytical Methods and Modeling, Signals Intelligence (SIGINT), and Cryptographic Key Management. At Leidos, we offer competitive benefits, including Paid Time Off, 11 paid Holidays, 401K with a 6% company match and immediate vesting, Flexible Schedules, Discounted Stock Purchase Plans, Technical Upskilling, Education and Training Support, Parental Paid Leave, and much more. Join us and make a difference in National Security!, Leidos is an industry and technology leader serving government and commercial customers with smarter, more efficient digital and mission innovations. Headquartered in Reston, Virginia, with 47,000 global employees, Leidos reported annual revenues of approximately $16.7 billion for the fiscal year ended January 3, 2025. For more information, visit www.Leidos.com .