Job Number: R0082719
Cybersecurity Policy and Compliance Analyst
When our country's cybersecurity is on the line, simply reacting is not enough – we need a plan. And when that plan needs to protect Navy and Marine Corps IT infrastructure, we need strategic policy analysis. That's why we need you, a cybersecurity policy specialist with the expertise required to analyze the policies that determine our cyber resilience.
As a cyber strategic planning and policy development consultant on our team, you'll lead the assessment of Navy and Marine Corps current cyber policies, the coverage of those policies, and areas of risks. You'll evaluate how policies stack up to regulations, best practices, and industry standards. As you guide your client through understanding acceptable risk and availability, you'll advance the development of a strategic cyber roadmap. You'll work in a consultative role to ensure the client operates securely as they navigate an evolving IT environment. Join us as we protect Navy and Marine Corps IT infrastructure through strategic cyber policy analysis.
Empower change with us.
-5 years of experience with preparing DIACAP or RMF packages and supporting documentation and DoD Authorization and Accreditation (A&A) process and standards
-Experience with using the Enterprise Management Assurance Support Service (eMASS)
-Ability to conduct security control selection, tailoring, and overlays
-Ability to analyze a security plan and perform system security analysis
-Active Secret clearance
-HS diploma or GED
-DoD 8140 IAM I or IAT II Certification
Nice If You Have:
-3+ years of experience with supporting Navy Commands in the implementation or assessment of Cybersecurity controls or legacy DIACAP implementation
-3+ years of experience with system and network vulnerability analysis, risk assessment and risk mitigation analysis, security test and evaluation (ST&E), contingency planning, and firewall policy, ports, and protocols
-Experience with Retina, Nessus, SCAP Compliance Checker, STIGs, hardening systems, and applying IA controls
-Experience with supporting the Navy
-Possession of excellent oral and written communication skills
-Navy Qualified Validator (NQV) Certification
Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Secret clearance is required.
Build Your Career:
Rewarding work, fun challenges, and a ton of investment in our people—that's Booz Allen cyber. When you join Booz Allen, we'll help you develop the career you want.
Competitions — From programming competitions at our PyNights (Python competition and learning events) to competing in CTFs, we've got plenty of chances for you to show off your skills.
Paid Research — Have an innovative idea to explore or hypothesis to test? You can participate in challenges via our crowdsourcing platform, the Garage, and other programs to be awarded dedicated time and/or funding to advance your skills.
Cyber University — CyberU has more than 5000 instructor-led and self-paced cyber courses, a free online library that you can access from just about anywhere—including your phone—and certification exam prep guides that include practical assessments to prepare you for your exam.
Academic Partnerships — In addition to our tuition reimbursement benefit, we've partnered with University of Maryland University College to offer two graduate certificate programs in cybersecurity—fully funded without a tuition cap.
Maker/Hackerspaces — Race drones, print 3D gadgets, drink coffee from our Wi-Fi coffee maker, and get hands-on training on tools and tech from in-house experts in our dedicated maker and hackerspaces.
We're an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.#LI-AH1
Apply on company website