Cyber Security Scrum Master

Description

Leidos has an exciting opening for you, as our next Cyber Security Scrum Master, to play a critical role with the release of a state-of-the-art technology stack under the DOMEX Technology Platform (DTP) contract supporting the OSINT Integration Center (OSIC). This position provides an opportunity to have impact as part of a mission focused, solutions oriented, and adaptive team that values innovation, collaboration, and professional development.

As the Cyber Security Scrum Master, you will bring your experience as an Agile Scrum Master to facilitate a team of Cyber Security professionals to align the RMF/ATO process with release and sprint planning using SAFe Agile methodology. In this role, you will accurately evaluate scope and schedule of work, identify release and sprint backlogs, lead daily scrum meetings and demos, and remove obstacles to enable the team to meet deadlines. You will be the champion of your team, conducting regular data-driven retrospectives, and working actively to improve the process and drive team productivity. You will bring your team leadership experience to anticipate project and implementation issues, to proactively support areas that may become a concern, to manage technical debt, and to ensure successful delivery. You will lean on your experience with security technologies and industry best practices while employing effective security solutions. You’ll collaborate closely with ISSEs, ISSOs, ISSMs, software engineers, software developers, system engineers and Government counterparts to perform the full spectrum of cyber security engineering tasks to ensure our systems meet a variety of regulatory compliance frameworks. You are curious: you ask why, you explore, you are familiar with latest and greatest open-source tools, and always fascinated by what’s possible and what could be better. You must be self-driven, and feel ownership over the project, team, and process. Most work will be conducted on-site at our client location in Bethesda, MD. Occasionally, some tasks may be performed remotely.

Fun stuff you will do on the job:

Coach a disciplined, distributed, fast-moving Agile team and program through Agile/Scrum ceremonies

Perform release and sprint planning

Assess the Agile maturity of the team and coach the team to contribute to relentless improvement of the overall program

Remove impediments and coach the team to remove impediments

Build and maintain a high performing team by improving team dynamics and coaching the team to maximize self-organization

Facilitate discussion, decision making, and conflict resolution

Promote proper documentation of the work, partnering with the software development, infrastructure engineering, and systems engineering teams

Work across stakeholders to ensure effective solutions are delivered

Assist with internal and external communication, improve transparency, and radiate information

Support the systems engineer in managing the team backlog and foster a healthy team dynamic with respect to priorities and scope

Demonstrate excellent interpersonal, time management, and problem-solving skills

Perform review and analysis of cybersecurity event logs

Organize, conduct, and review technical cybersecurity assessments

Coordinate with security personnel and recommend mitigation strategies

Identify points of vulnerability and non-compliance with established cybersecurity standards and regulations

Maintain Authorization to Operate (ATO) records in XACTA system

Manage and report Plan of Actions and Milestones (POA&M) compliance

Review certification and accreditation (C&A) documentation, providing feedback on completeness and compliance of its content

Apply system security engineering familiarity in one or more of the following: system security design process; engineering life cycle; information domain; cross domain solutions; commercial off the-shelf and government off-the shelf cryptography; identification; authentication; and authorization; system integration; risk management; intrusion detection; contingency planning; incident handling; configuration control; change management; auditing;

This is you:

Bachelors degree (technical discipline preferred) and 8+ years of relevant experience

Active TS security clearance with ability to obtain and maintain a TS/SCI with Polygraph

Must be a US Citizen

Certified Scrum Master (CSM) or SAFe Scrum Master (SSM) certification

Excellent communication, collaboration, and conflict resolution skills

Experience with SAFe methodology

Experience with task and ticket management tools such as GitHub

Proven ability to balance concurrent activities

Strong knowledge and experience in software development and cybersecurity engineering in an Agile or SAFe environment

Ability to quickly build rapport and keep a positive and motivated team environment

Experience establishing a System Security Engineering (SSE) management process to integrate security and privacy controls into complex hardware and software systems

1 year of experience developing and reviewing security concept of operations, systems security plans, security risk assessments, contingency plans, configuration management plans

Experience with XACTA, EMass, or similar tool

Experience with NIST Special Publications e.g. NIST SP 800-27, 30, 37, 53, 60

Experience with CNSS publication CNSSI 1253

Experience with incident response plans, plan of actions and milestones, risk management plans, and vulnerability management plans

You will wow us even more if you have some of these skills:

At least one DoD 8570.01-M IAT Level II or higher certification e.g., CCNA Security, CySA+, Security+ CE, SSCP, CISSP (or Associate)

Experience with NIST SP 800-171

Familiarity with modern development approaches (serverless, containerization, cloud, continuous delivery, micro-services, event based applications)

Experience with cloud deployment and cloud-based solutions

Experience supporting DIA/OSIC and/or DTP

Software development/coding experience with programming languages such as Python, Java, and React, and software development framework tools such as Appian

Experience configuring, running, and analyzing vulnerability scans

Experience with DevOpsSec pipelines and tools

Experience with database systems, search engines, web applications

Experience in a Linux Red Hat and Centos environments

Experience with big data applications

Experience with GitLab and GitHub

#NMECDTP

Original Posting:May 1, 2025

For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range:Pay Range $104,650.00 - $189,175.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.