DESCRIPTION

Job Description
Are you ready to protect the infrastructure behind national security? Leidos is hiring a Certification & Accreditation (C&A) Specialist to support securing mission-critical systems across cloud and on-prem environments in Suitland, MD. In this role, you’ll provide efforts that ensure full compliance, drive accreditation success, and safeguard operations at every level.

BASIC QUALIFICATIONS

• Experience: 8+ years (with a Bachelor’s degree) or 6+ years (with a Master’s degree) of relevant work experience. Additional experience, trainings, or certifications may be considered in lieu of a degree.
• Clearance: Active DoD TS/SCI
• Certification: Active IAM Level III (e.g., CISSP) or ability to obtain within 30 days
• Expertise In:
• RMF, DIACAP, DCID 6/3, ICD-503 frameworks
• XACTA and EMASS platforms (SIPR, NIPR, JWICS)
• Project management for secure systems deployment
• Collaboration with IC, DoD, DISA, NAVINTEL IA, FLTCYBERCOM, and other security governance bodies
• Securing systems and software, including cloud architectures and advanced security controls

PREFERRED QUALIFICATIONS

• Certified Ethical Hacker (CEH)
• Experience in preparing high-quality technical documents and delivering briefings to senior leadership
• Familiarity with the latest DISA STIG requirements and the other evolving cybersecurity policy requirements
• Familiarity with the Amazon Web Services (AWS) Cloud

• Manage the full lifecycle of Accreditation & Authorization (A&A) across diverse mission systems.
• Prepare, track, and maintain RMF documentation (BOEs, SAPs) within XACTA and EMASS.
• Conduct risk assessments, security evaluations, and documentation aligned with evolving policies and standards.
• Engage with stakeholders including ONI, Fleet Cyber, NAVINTEL, DIA, DISA, and other security validation authorities.
• Deliver training on security controls, RMF updates, and ATO status within classified environments.
• Continuously monitor STIGs, RMF controls, vulnerability scans, and policy compliance.
• Support approval processes for implementing cross-domain solutions.
• Coordinate with contractors responsible for secure system and software development.
• Perform continuous monitoring to ensure adherence to cybersecurity and cloud security best practices across the environment.
• Participate in technical exchange meetings and provide feedback as needed.