Job Number: R0072519
Cybersecurity Risk Analyst
Everyone knows security needs to be “baked in” to a system architecture, but you actually know how to bake it in. You can identify and implement ways to harden systems and reduce their attack surface. What if you could use your Cybersecurity engineering skills to design and build secure systems for a DoD client. We're looking for a Cybersecurity engineer who can create solutions for the client that will stand up to even the most advanced Cyber threats.
As a Cybersecurity engineer on our project, you'll assess the security posture information systems that support real world missions. You'll coordinate work with the client and mission partners to identify the right mix of tools and techniques to translate your customer's IT needs and future goals into a plan that will enable secure and effective solutions. We need to develop effective solutions, so you'll investigate new techniques, break free from the legacy model, and go where the industry is going. You'll lead the team through a critical approach to network design, providing alternatives and customizing solutions, to maintain a balance of security and mission needs. This is a chance to make a difference in the security of the war fighter on the ground. Your technical expertise will be vital as you help customers overcome difficult challenges by integrating the DoD Risk Management Framework (RMF) into existing systems. You'll be able to broaden your skillset into areas like the DoD RMF and Secure Systems Development Life Cycle (SSDLC) while building peace of mind in a critical infrastructure.
Empower change with us.
- 7+ years of experience with DoD assessment and authorization (A&A) or DoD Risk Management Framework (RMF) processes and Cybersecurity engineering
- 7+ years of experience in vulnerability assessment and scanning tools, including Assured Compliance Assessment Solution (ACAS) and assessing system compliance with security controls
- 7+ years of experience with Security Technical Implementation Guides (STIG) and vulnerability remediation
- 2+ years of experience with the Enterprise Mission Assurance Support Service (eMASS) and developing DoD authorization artifacts and documentation
- TS/SCI clearance
- BA or BS degree in IT
- IAM Level III Certification
Nice If You Have:
- 7+ years of experience with DoD processes and Cybersecurity engineering
- 7+ years of experience with processing an Authorization to Operate (ATO) for a Navy program
- Experience with leading teams providing Cybersecurity engineering, A&A, or Cybersecurity risk mitigation services
- Experience with developing risk mitigations for highly classified programs
- Experience with NIST 800-53 security controls and developing requirements to satisfy controls
- MA or MS degree in IT or related field
- IASAE Level III Certification, including CISSP-ISSEP or CISSP-ISSAP
Build Your Career:
Rewarding work, fun challenges, and a ton of investment in our people—that's Booz Allen Cyber. When you join Booz Allen, we'll help you develop the career you want.
Competitions — From programming competitions at our PyNights (Python competition and learning events) to competing in CTFs, we've got plenty of chances for you to show off your skills.
Paid Research — Have an innovative idea to explore or hypothesis to test? You can participate in challenges via our crowdsourcing platform, the Garage, and other programs to be awarded dedicated time and/or funding to advance your skills.
Cyber University — CyberU has more than 5000 instructor-led and self-paced Cyber courses, a free online library that you can access from just about anywhere—including your phone—and certification exam prep guides that include practical assessments to prepare you for your exam.
Academic Partnerships — In addition to our tuition reimbursement benefit, we've partnered with University of Maryland University College to offer two graduate certificate programs in Cybersecurity—fully funded without a tuition cap.
Maker/Hackerspaces — Race drones, print 3D gadgets, drink coffee from our Wi-Fi coffee maker, and get hands-on training on tools and tech from in-house experts in our dedicated maker and hackerspaces.
We're an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.
Apply on company website