The mission of the DHS Chief Information Security Officer Directorate (DHS CISOD) is to support the Department’s implementation of all applicable regulatory requirements including the Federal Information Security Modernization Act of 2014 (FISMA), relevant Office of Management and Budget (OMB) Circulars, Executive Orders, Federal laws, directives, policies, and regulations. The DHS CISOD’s mission is to also provide the Department of Homeland Security (DHS) a secure and trusted computing environment. The DHS CISOD assists in ensuring Department compliance with information security requirements. Information security is an essential business function, critical to enabling DHS to conduct its operations and deliver service to the public.

Leidos is seeking an experienced IV&V Senior Analyst to support DHS CISOD in ensuring DHS-wide compliance with federal information security laws, regulations, mandates, and standards. The selected candidate will perform independent verification and validation activities over Component validation and remediation efforts, provide detailed analysis of security documentation and control implementations, and deliver actionable recommendations to support risk-informed decision making across the enterprise.

The IV&V Senior Analyst will serve as a subject matter expert in cybersecurity compliance and control validation, working closely with DHS Components and government stakeholders to assess remediation packages, evaluate security documentation, monitor corrective actions, and help ensure the quality, consistency, and timeliness of IV&V support provided to CISOD. This role requires strong familiarity with DHS cybersecurity processes, Risk Management Framework (RMF) requirements, and federal security guidance, as well as the ability to communicate technical findings clearly to both technical and non-technical audiences.

Primary Responsibilities:

• Perform IV&V testing and analysis over Component V&V packages for remediated IT security controls, including review of supporting evidence, validation of testing adequacy, and identification of gaps or inconsistencies.

• Review Component-submitted remediation and validation documentation to determine compliance with DHS and federal cybersecurity requirements and provide clear, risk-based feedback.

• Track submitted V&V packages through review and approval workflows, including coordination of CISOD and OCFO signatures and status updates for reporting purposes.

• Evaluate System Security Plans (SSPs), security authorization artifacts, and other system documentation to determine whether required controls have been properly implemented and documented across applicable system layers.

• Assist in performing Security Authorization Reviews for CFO-designated and ancillary systems, including analysis of control implementation statements, observations, and documentation sufficiency.

• Review Component IT commitment letters, provide comments, and monitor testing and passing status against stated commitments.

• Develop, maintain, and improve QA processes, checklists, traceability matrices, and standard guidance documents to enhance consistency and repeatability across IV&V activities.

• Provide measurable data, status updates, and reporting inputs that support monthly IT audit reporting and executive-level visibility into remediation and compliance trends.

• Coordinate with government and contractor stakeholders to resolve issues, clarify findings, and improve the quality of Component submissions.

• Contribute to process improvements, GRC updates, and standardization efforts related to assessments, authorizations, and remediation validation activities.

• May provide guidance and mentoring to junior staff and support internal quality reviews as needed.

Primary Qualifications:

• Must be able to obtain a DHS Security Clearance.

• Bachelor’s degree and 8+ years of experience in IV&V, cybersecurity compliance, RMF, security controls assessment, or a related information assurance/cybersecurity field; or Master’s degree and 6+ years of relevant experience.

• Experience supporting DHS or other Federal cybersecurity compliance and assessment activities.

• Strong knowledge of NIST RMF, FISMA, FedRAMP, FIPS, NIST guidance, and applicable OMB and DHS cybersecurity policies and procedures.

• Experience reviewing security authorization documentation, remediation packages, SSPs, and control validation evidence.

• Ability to analyze technical documentation, identify compliance gaps, and provide practical, risk-based recommendations.

• Experience developing reports, metrics, and written products for government stakeholders.

• Strong written and verbal communication skills and the ability to work effectively in a collaborative, fast-paced environment.

If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo — because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 — and moving faster than anyone else dares.

Original Posting:

April 10, 2026

For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range:

Pay Range $92,300.00 - $166,850.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.