Continuous Monitoring Engineer (ConMon)

Description

Leidos is seeking multiple ConMon Engineers to be responsible for overseeing and monitoring all authorized IT systems (re-authorization and new systems) throughout their lifecycle for security posture impact. These positions can be based out of any of our three locations - Alexandria, VA, Fort Meade, MD, or Chambersburg, PA. These positions are primarily on-site, with some limited hybrid/telework.

Responsibilities:

• Analyze proposed or actual system changes to determine security impact, and assess security controls and their effectiveness.
• Utilize Qmulos, Splunk, ACAS, Axonius, CheckMark, BURP, and ESS to assess, validate, and monitor enterprise and system-level security controls.
• Develop and maintain the DISA RE5 ConMon Strategy to support the A&A mission.
• Create and update the DISA RE5 ConMon SOP, outlining required activities and artifacts that include the oversight and monitoring of IT systems throughout their lifecycle.
• Conduct continuous assessments of security controls, perform automated/manual security control monitoring of information systems and provide IS / Security Control Status Reports based on live data from security monitoring tools.
• Ensure ongoing assessments are in compliance with industry auditor standards to monitor security, vulnerabilities, and threats.
• Ensure ConMon-related controls are properly implemented in RMF packages within eMASS.
• Report system risk status using the DISA-approved reporting tool.
• Maintain the ConMon Dashboard, tracking compliance, POA&M status, CMRS visibility, asset management, FISMA reviews, and annual validations.
• Track automated and manual security controls, identifying overdue assessments and validations.
• Coordinate with System, ACAS, and HBSS/ESS Administrators to resolve credentialing and data issues.
• Provide real-time security status metrics based on the ConMon Strategy and SOP and alert Leidos and government leadership of security posture changes with negative impact.

• Active DoD Top Secret clearance with SCI eligibility required
• Current DoD 8570 IAM II or IAT II certification
• Proficiency in one or more of the following tools: Qmulos, Splunk, ACAS, Axonius, CheckMark, BURP, and HBSS
• Understanding of the RMF process, NIST SP 800- 37, NIST SP 800-53, CNSSI 1253
• VMP experience
• Strong communication, presentation, and customer service skills
• Education and experience as required per job level:
  • Level I:
    • Bachelor's degree (IT-related field preferred) and three (3) years of overall experience in cybersecurity or network security position. Additional relevant experience may be considered in lieu of degree.
    • Understanding of security architecture, system hardening, vulnerability management, and intrusion detection/prevention
  • Level II:
    • Bachelor's degree (IT-related field preferred) and five (5) years of overall experience in cybersecurity or network security position. Additional relevant experience may be considered in lieu of degree.
    • Experience in developing, implementing, and conducting a continuous monitoring program for a large organization.
    • Demonstrated proficiency in security architecture, system hardening, vulnerability management, and intrusion detection/prevention