Assessment & Authorization Analyst
Company: Leidos
Location: Ashburn
Posted on: April 1, 2026
|
|
|
Job Description:
Department of Homeland Security (DHS), Customs and Border
Protection (CBP) Security Operations Center (SOC) is a US
Government program responsible to prevent, identify, contain and
eradicate cyber threats to CBP networks through monitoring,
intrusion detection and protective security services to CBP
information systems including local area networks/wide area
networks (LAN/WAN), commercial Internet connection, public facing
websites, wireless, mobile/cellular, cloud, security devices,
servers and workstations. The CBP SOC is responsible for the
overall security of CBP Enterprise-wide information systems, and
collects, investigates, and reports any suspected and confirmed
security violations. Primary Responsibilities The selected
candidate will apply experience as an Assessment and Authorization
Analyst by evaluating CBP Information Systems being introduced to
the environment to determine if they meet the required security
standards and are authorized to operate within the CBP network,
using the NIST Risk Management Framework (RMF) or similar
methodologies The candidate will be responsible for evaluating key
points in the System Lifecycle, such as before its deployment or
during major updates. Responsibilities may include creating
security documentation (e.g., System Security Plan, Security
Assessment Report) and obtaining the final authorization to operate
(ATO).The candidate should be able to provide assistance in
collecting information and answering questions in regard to many
broad IT areas including, but not limited to: security management
controls, access controls, provisioning and deprovisioning,
transfers, separation of duties, configuration management,
contingency planning, application security, business process
controls, interface controls, and data management system controls.
The candidate will be responsible for: Conducting formal
assessments and deciding whether the system is authorized to
operate Conducting a formal assessment of the system’s security
posture Evaluating whether security controls meet established
standards and are functioning effectively Documenting results and
making recommendations for improving security Recommending whether
the system should be authorized to operate based on assessment
outcomes Ensuring that the system has the necessary security
controls to minimize risks Basic Qualifications A minimum of a
Bachelor’s degree coupled with 4-8 years’ experience in the
Information Technology, Computer Science, IT, Information/Cyber
Security field from an accredited college or university arena or
Master's Degree with 2 years of relevant experience. OR A minimum
of a Bachelor’s degree coupled with 8 years’ experience in the
Information Technology, Computer Science, IT, Information/Cyber
Security field from an accredited college or university arena or
Master's Degree with 6 years of relevant experience. Superior
writing, communication and critical analysis skills Deep
understanding of Information Assurance, Information Technology and
Information Management concepts, processes and procedures
Experience with supporting the delivery of large and complex
projects on time and within budget in government organizations
Minimum of 1-3 years of experience as an ISSO supporting major
federal information systems/applications Superior writing,
communication and critical analysis skills Deep understanding of
Information Assurance, Information Technology and Information
Management concepts, processes and procedures Working knowledge of
the following policies: NIST SP 800-37, Rev 2, Risk Management
Framework for Information Systems and Organizations: A System Life
Cycle Approach for Security and Privacy, DHS 4300A Policy and
Handbook, CBP Information Systems Security Policies and Procedures
Handbook (HB 1400-05D). Must be a US Citizen. Preferred
Qualifications Prior experience with CBP DoD 8570 IAT III CompTIA
Certified Advanced Security Practitioner (CASP) ISC2 Certified in
Governance, Risk and Compliance Certification (CGRC) ISC2 Certified
Information Systems Security Professional (CISSP) ISACA Certified
Information Systems Auditor (CISA). If you're looking for comfort,
keep scrolling. At Leidos, we outthink, outbuild, and outpace the
status quo — because the mission demands it. We're not hiring
followers. We're recruiting the ones who disrupt, provoke, and
refuse to fail. Step 10 is ancient history. We're already at step
30 — and moving faster than anyone else dares. Original Posting:
March 16, 2026 For U.S. Positions: While subject to change based on
business needs, Leidos reasonably anticipates that this job
requisition will remain open for at least 3 days with an
anticipated close date of no earlier than 3 days after the original
posting date as listed above. Pay Range: Pay Range $87,100.00 -
$157,450.00 The Leidos pay range for this job level is a general
guideline only and not a guarantee of compensation or salary.
Additional factors considered in extending an offer include (but
are not limited to) responsibilities of the job, education,
experience, knowledge, skills, and abilities, as well as internal
equity, alignment with market data, applicable bargaining agreement
(if any), or other law.
Keywords: Leidos, Harrisonburg , Assessment & Authorization Analyst, IT / Software / Systems , Ashburn, Virginia
