Continuous Monitoring Engineer (ConMon)

Leidos
Full_time$68k-122k/year (USD)Chambersburg, United States

📍 Job Overview

  • Job Title: Continuous Monitoring Engineer (ConMon)
  • Company: Leidos
  • Location: Alexandria, VA, Fort Meade, MD, or Chambersburg, PA
  • Job Type: Full-Time (Hybrid)
  • Category: Cybersecurity & Infrastructure
  • Date Posted: July 8, 2025
  • Experience Level: 5-10 years
  • Remote Status: On-site with partial telework available

🚀 Role Summary

  • Oversee and monitor IT systems for security posture impact throughout their lifecycle
  • Analyze system changes, assess security controls, and conduct continuous assessments
  • Utilize various tools such as Qmulos, Splunk, ACAS, Axonius, CheckMark, BURP, and ESS
  • Ensure compliance with industry auditor standards and maintain the ConMon Dashboard
  • Coordinate with system administrators and provide real-time security status metrics

📝 Enhancement Note: This role requires a strong understanding of security controls, vulnerability management, and intrusion detection/prevention. Experience in developing and implementing a continuous monitoring program is preferred.

💻 Primary Responsibilities

  • System Change Analysis: Analyze proposed or actual system changes to determine security impact and assess security controls
  • Tool Utilization: Utilize various tools to assess, validate, and monitor enterprise and system-level security controls
  • ConMon Strategy & SOP: Develop and maintain the DISA RE5 ConMon Strategy and SOP, outlining required activities and artifacts
  • Security Control Monitoring: Conduct continuous assessments of security controls, perform automated/manual security control monitoring, and provide IS/Security Control Status Reports
  • Compliance & Reporting: Ensure ongoing assessments are in compliance with industry auditor standards and report system risk status using the DISA-approved reporting tool
  • Dashboard Maintenance: Maintain the ConMon Dashboard, tracking compliance, POA&M status, CMRS visibility, asset management, FISMA reviews, and annual validations
  • Coordination & Communication: Coordinate with system administrators to resolve credentialing and data issues, and provide real-time security status metrics to Leidos and government leadership

🎓 Skills & Qualifications

Education: Bachelor's degree in an IT-related field preferred

Experience: Varying years of experience based on job level (3-5 years for Level I, 5-8 years for Level II)

Required Skills:

  • Active DoD Top Secret clearance with SCI eligibility
  • Current DoD 8570 IAM II or IAT II certification
  • Proficiency in one or more of the following tools: Qmulos, Splunk, ACAS, Axonius, CheckMark, BURP, and HBSS
  • Understanding of the RMF process, NIST SP 800-37, NIST SP 800-53, and CNSSI 1253
  • VMP experience
  • Strong communication, presentation, and customer service skills

Preferred Skills:

  • Experience in developing, implementing, and conducting a continuous monitoring program for a large organization
  • Demonstrated proficiency in security architecture, system hardening, vulnerability management, and intrusion detection/prevention

📊 Web Portfolio & Project Requirements

Portfolio Essentials:

  • Demonstrate experience in continuous monitoring, security control assessment, and vulnerability management
  • Showcase proficiency in utilizing various security tools and platforms
  • Highlight problem-solving skills and ability to communicate complex security concepts effectively

Technical Documentation:

  • Provide examples of security control assessments, reports, and dashboards created
  • Demonstrate understanding of RMF processes and compliance with industry auditor standards
  • Showcase ability to track and manage security control status and system risk

💵 Compensation & Benefits

Salary Range: $67,600.00 - $122,200.00 per year (Leidos pay range, subject to change based on responsibilities, education, experience, and market data)

Benefits:

  • Health and Wellness Programs
  • Income Protection
  • Paid Leave
  • Retirement

Working Hours: 40 hours per week, with partial telework available at the discretion of the customer and program management. Some travel may be required.

🎯 Team & Company Context

Company Culture:

  • Industry: Leidos is a global science and technology solutions leader working to solve the world's toughest challenges in the defense, intelligence, homeland security, civil, and health markets
  • Company Size: Leidos has approximately 38,000 employees worldwide, providing a large and diverse team environment
  • Founded: 1969, with a rich history of innovation and problem-solving in various industries

Team Structure:

  • The Continuous Monitoring team is responsible for overseeing and monitoring IT systems for security posture impact throughout their lifecycle
  • The team works closely with system administrators, security specialists, and other stakeholders to ensure the security and compliance of IT systems
  • The team is part of Leidos' broader Cyber & SIGINT Solutions division, which focuses on providing advanced cybersecurity and intelligence solutions to government and commercial clients

Development Methodology:

  • Leidos follows industry-standard development methodologies, such as Agile and Scrum, to manage projects and ensure quality and efficiency
  • The Continuous Monitoring team employs a continuous improvement approach, regularly reviewing and updating security controls and processes to adapt to evolving threats and best practices

Company Website: www.leidos.com

📝 Enhancement Note: Leidos offers a collaborative and innovative work environment, with a strong focus on employee growth and development. The company encourages continuous learning and provides opportunities for employees to expand their skills and advance their careers.

📈 Career & Growth Analysis

Web Technology Career Level: This role is at the senior level, requiring a strong understanding of security controls, vulnerability management, and intrusion detection/prevention. Experience in developing and implementing a continuous monitoring program is preferred.

Reporting Structure: The Continuous Monitoring Engineer reports directly to the Continuous Monitoring Manager and works closely with system administrators, security specialists, and other stakeholders.

Technical Impact: This role has a significant impact on the security posture of IT systems, ensuring their compliance with industry standards and best practices. The engineer's work helps protect sensitive information and maintain the integrity of IT systems.

Growth Opportunities:

  • Technical Growth: Leidos offers opportunities for employees to develop their skills and advance their careers through training, certifications, and mentorship programs
  • Leadership Development: As the team grows and evolves, there may be opportunities for the engineer to take on more leadership responsibilities, such as managing junior team members or mentoring new hires
  • Architecture Decisions: With experience and expertise, the engineer may have the opportunity to influence architecture decisions and help shape the future of the continuous monitoring program

📝 Enhancement Note: Leidos provides a supportive and collaborative work environment that encourages employee growth and development. The company offers various training and certification opportunities to help employees expand their skills and advance their careers.

🌐 Work Environment

Office Type: Leidos' offices are modern and collaborative, with open workspaces and state-of-the-art technology to support employee productivity and innovation

Office Location(s):

  • Alexandria, VA: 2113 The Mark Center, Alexandria, VA 22314
  • Fort Meade, MD: 8000 Baltimore Ave, Fort Meade, MD 20755
  • Chambersburg, PA: 1001 N Second St, Chambersburg, PA 17201

Workspace Context:

  • Collaboration: Leidos encourages collaboration and teamwork, with open workspaces and regular team meetings to facilitate communication and idea-sharing
  • Technology: Leidos provides employees with access to the latest technology and tools to support their work, including multiple monitors and testing devices
  • Cross-functional Interaction: The Continuous Monitoring team works closely with other teams, such as system administrators and security specialists, to ensure the security and compliance of IT systems

Work Schedule: This role is primarily on-site, with partial telework available at the discretion of the customer and program management. Some travel may be required.

📝 Enhancement Note: Leidos offers a flexible and supportive work environment that prioritizes employee well-being and work-life balance. The company encourages employees to take advantage of flexible work arrangements and offers various benefits and resources to support their physical and mental health.

📄 Application & Technical Interview Process

Interview Process:

  1. Phone Screen: A brief phone call to discuss the candidate's qualifications, experience, and fit for the role
  2. Technical Assessment: A hands-on assessment of the candidate's technical skills, focusing on their ability to analyze system changes, assess security controls, and utilize relevant tools
  3. Behavioral Interview: A structured interview to assess the candidate's problem-solving skills, communication abilities, and cultural fit
  4. Final Review: A review of the candidate's qualifications, references, and background check results to make a final hiring decision

Portfolio Review Tips:

  • Highlight experience in continuous monitoring, security control assessment, and vulnerability management
  • Showcase proficiency in utilizing various security tools and platforms
  • Demonstrate problem-solving skills and ability to communicate complex security concepts effectively

Technical Challenge Preparation:

  • Familiarize yourself with the tools and platforms mentioned in the job description, such as Qmulos, Splunk, ACAS, Axonius, CheckMark, BURP, and HBSS
  • Brush up on your knowledge of the RMF process, NIST SP 800-37, NIST SP 800-53, and CNSSI 1253
  • Prepare for questions about your experience with system change analysis, security control assessment, and continuous monitoring

ATS Keywords: [See the comprehensive list of ATS keywords at the end of this document]

📝 Enhancement Note: Leidos' interview process is designed to assess the candidate's technical skills, problem-solving abilities, and cultural fit. The company values candidates who are proactive, innovative, and committed to continuous learning and improvement.

🛠 Technology Stack & Web Infrastructure

Security Tools & Platforms:

  • Qmulos: Continuous monitoring and automated compliance platform
  • Splunk: Data analytics and visualization platform for security and IT operations
  • ACAS: Automated Compliance Assessment System for assessing and managing security controls
  • Axonius: Asset management and security policy compliance platform
  • CheckMark: Automated vulnerability assessment and remediation platform
  • BURP: Web application security testing platform
  • HBSS: Host-based security system for monitoring and managing security controls on individual systems

Security Standards & Frameworks:

  • RMF: Risk Management Framework for managing security risks and ensuring compliance with industry standards
  • NIST SP 800-37: Guide for Applying the Risk Management Framework to Federal Information Systems and Organizations
  • NIST SP 800-53: Recommended Security Controls for Federal Information Systems and Organizations
  • CNSSI 1253: National Information Assurance (IA) Training Standard for Information Systems Security Officers (ISSOs)

📝 Enhancement Note: Leidos utilizes a wide range of security tools and platforms to ensure the security and compliance of IT systems. The Continuous Monitoring Engineer should be proficient in utilizing these tools and platforms and have a strong understanding of the relevant security standards and frameworks.

👥 Team Culture & Values

Web Development Values:

  • Security-First: Leidos prioritizes the security of IT systems and data, with a strong focus on continuous monitoring, vulnerability management, and intrusion detection/prevention
  • Collaboration: Leidos encourages collaboration and teamwork, with open workspaces and regular team meetings to facilitate communication and idea-sharing
  • Innovation: Leidos values innovation and continuous learning, providing employees with opportunities to expand their skills and advance their careers
  • Customer Focus: Leidos is committed to delivering high-quality solutions and exceptional customer service, with a focus on understanding and meeting customer needs

Collaboration Style:

  • Cross-functional Integration: The Continuous Monitoring team works closely with other teams, such as system administrators and security specialists, to ensure the security and compliance of IT systems
  • Code Review Culture: Leidos encourages a culture of code review and peer programming, with a focus on continuous learning and improvement
  • Knowledge Sharing: Leidos fosters a culture of knowledge sharing and technical mentoring, with regular training and development opportunities for employees

📝 Enhancement Note: Leidos offers a collaborative and innovative work environment, with a strong focus on employee growth and development. The company encourages continuous learning and provides opportunities for employees to expand their skills and advance their careers.

⚡ Challenges & Growth Opportunities

Technical Challenges:

  • System Change Analysis: Analyzing proposed or actual system changes to determine security impact and assess security controls can be complex and time-consuming, requiring strong analytical and problem-solving skills
  • Security Control Assessment: Conducting continuous assessments of security controls requires a deep understanding of the RMF process, NIST SP 800-37, NIST SP 800-53, and CNSSI 1253, as well as the ability to utilize various security tools and platforms effectively
  • Continuous Monitoring: Ensuring ongoing assessments are in compliance with industry auditor standards and maintaining the ConMon Dashboard requires strong organizational skills, attention to detail, and the ability to manage multiple priorities and deadlines

Learning & Development Opportunities:

  • Technical Skill Development: Leidos offers various training and certification opportunities to help employees expand their skills and advance their careers in continuous monitoring, security control assessment, and vulnerability management
  • Conference Attendance: Leidos encourages employees to attend industry conferences and events to stay up-to-date on the latest trends and best practices in cybersecurity and infrastructure management
  • Technical Mentorship: Leidos provides opportunities for employees to mentor new hires and junior team members, helping them develop their skills and advance their careers

📝 Enhancement Note: Leidos offers a supportive and collaborative work environment that encourages employee growth and development. The company provides various training and certification opportunities to help employees expand their skills and advance their careers in continuous monitoring, security control assessment, and vulnerability management.

💡 Interview Preparation

Technical Questions:

  • System Change Analysis: Describe your experience analyzing proposed or actual system changes to determine security impact and assess security controls. Walk us through a specific example and explain the steps you took to ensure the security of the system
  • Security Control Assessment: Explain your approach to conducting continuous assessments of security controls. Describe the tools and platforms you have used and how you ensure compliance with industry auditor standards
  • Problem-Solving: Describe a challenging problem you faced in your previous role and how you used your technical skills and problem-solving abilities to resolve it. Walk us through your thought process and the steps you took to achieve a successful outcome

Company & Culture Questions:

  • Team Dynamics: Describe your experience working in a team environment and how you have contributed to the success of your previous teams. Explain how you would fit into the Leidos team and contribute to our mission
  • Adaptability: Describe a time when you had to adapt to a significant change in your role or the work environment. Explain how you handled the change and what you learned from the experience
  • Customer Focus: Explain how you have demonstrated a strong commitment to customer service and satisfaction in your previous roles. Describe how you would apply this commitment to the Continuous Monitoring role at Leidos

Portfolio Presentation Strategy:

  • Live Demonstration: Prepare a live demonstration of your experience in continuous monitoring, security control assessment, and vulnerability management. Showcase your proficiency in utilizing various security tools and platforms and highlight your problem-solving skills and ability to communicate complex security concepts effectively
  • Case Study: Prepare a case study that demonstrates your experience in analyzing system changes, assessing security controls, and conducting continuous monitoring. Include specific examples of the tools and platforms you used and the outcomes you achieved
  • Presentation Structure: Organize your presentation in a clear and concise manner, with a focus on the key aspects of the role and how your experience and skills make you a strong fit for the position

📝 Enhancement Note: Leidos' interview process is designed to assess the candidate's technical skills, problem-solving abilities, and cultural fit. The company values candidates who are proactive, innovative, and committed to continuous learning and improvement.

📌 Application Steps

To apply for this Continuous Monitoring Engineer (ConMon) position at Leidos:

  1. Submit Your Application: Click the application link and follow the instructions to submit your resume and any other required documents
  2. Customize Your Portfolio: Tailor your portfolio to highlight your experience in continuous monitoring, security control assessment, and vulnerability management. Include specific examples of your proficiency in utilizing various security tools and platforms and demonstrate your problem-solving skills and ability to communicate complex security concepts effectively
  3. Optimize Your Resume: Highlight your relevant experience and skills in continuous monitoring, security control assessment, and vulnerability management. Include specific examples of your proficiency in utilizing various security tools and platforms and demonstrate your problem-solving skills and ability to communicate complex security concepts effectively
  4. Prepare for Technical Interview: Familiarize yourself with the tools and platforms mentioned in the job description, such as Qmulos, Splunk, ACAS, Axonius, CheckMark, BURP, and HBSS. Brush up on your knowledge of the RMF process, NIST SP 800-37, NIST SP 800-53, and CNSSI 1253. Prepare for questions about your experience with system change analysis, security control assessment, and continuous monitoring
  5. Research the Company: Learn about Leidos' mission, values, and culture. Understand the company's focus on continuous monitoring, security control assessment, and vulnerability management, and how your skills and experience align with the company's goals and objectives

⚠️ Important Notice: This enhanced job description includes AI-generated insights and web development industry-standard assumptions. All details should be verified directly with the hiring organization before making application decisions.

ATS Keywords:

  • Programming Languages: Python, Bash, PowerShell, SQL
  • Web Frameworks: N/A (not applicable to this role)
  • Server Technologies: Linux, Windows, VMware, AWS, Azure, Google Cloud
  • Databases: SQL, MySQL, PostgreSQL, MongoDB
  • Tools: Qmulos, Splunk, ACAS, Axonius, CheckMark, BURP, HBSS, JIRA, Confluence, Git, Jenkins, Ansible, Puppet
  • Methodologies: Agile, Scrum, RMF, NIST SP 800-37, NIST SP 800-53, CNSSI 1253
  • Soft Skills: Problem-solving, communication, collaboration, adaptability, customer focus, innovation, continuous learning
  • Industry Terms: Continuous Monitoring, Security Control Assessment, Vulnerability Management, Intrusion Detection/Prevention, Risk Management Framework, NIST SP 800-37, NIST SP 800-53, CNSSI 1253, Qmulos, Splunk, ACAS, Axonius, CheckMark, BURP, HBSS

Application Requirements

Candidates must have an active DoD Top Secret clearance and relevant certifications. A Bachelor's degree in an IT-related field and experience in cybersecurity or network security is required, with varying years of experience based on job level.