Cybersecurity Risk Analyst

The Opportunity

Are you looking for an opportunity to advance your experience in information assurance and cybersecurity policy to safeguard our nation? As a systems security and network security engineer, you can identify the tools, applications, and systems needed to assess vulnerabilities and recommend the best solution and security strategy. We need your experience to develop and implement security solutions that will protect our military. On our team, you'll troubleshoot and analyze complex challenges for customers using your knowledge of cybersecurity policy and risk management. You'll use your curiosity for technology and market trends to further research and develop security solutions. Using your experience in vulnerability scanning, virtualization, and cyber hardening, you'll assess security threats and implement infrastructure controls. In this role, you'll closely impact Navy missions by championing cybersecurity, discovering cyber risks, and providing support to critical mission areas. With mentoring, challenging hands-on problem-solving, and opportunities to learn new tools and skills, we focus on growing as a team to make the best solutions for our customers. Work with us as we secure and protect our military's cybersecurity posture for the better.

What You'll Work On

• Develop relationships quickly and easily with other teams, communicating the complexities of security with a wide variety of audiences, including senior management
• Implement infrastructure and cybersecurity controls, including enhanced detection and vulnerability capabilities and improved event correlation in large enterprises
• Perform risk and vulnerability assessments in network, system, and application areas
• Leverage big data analytics and traditional security event types to identify advanced threats or indicators of compromise

Required Qualifications

• 7+ years of experience supporting Navy Risk Management Framework (RMF), including Assessment and Authorization (A&A) activities, development of RMF artifacts, and deliverables across all steps
• 4+ years of experience performing cybersecurity compliance testing using industry standard tools, including Assured Compliance Assessment Solution (ACAS), DoD Security Technical Implementation Guides (STIGs), and Evaluate-STIG
• Experience with eMASS, including security plan development and hands-on processing of packages through workflows, analyzing security policies, evaluating assessment documentation, and developing written security risks, mitigations, and recommendations
• Experience performing vulnerability analysis of networks, systems, and communications protocols, communicating risks, findings, and status updates proactively to client leadership in a clear and actionable way, and with operating systems, platforms, and technologies, including Windows, Linux, cloud, or virtualization
• Ability to investigate and resolve issues that span multiple applications or technologies and require involvement from technical personnel across multiple organizations
• Ability to lead security authorization activities and coordinate with stakeholders such as system owners, engineers, and validators
• Ability to devise and execute client deliverables, work independently, identify problems, devise analysis and solutions, communicate results, and lead the accomplishments of client tasks from inception to completion
• Secret clearance
• Bachelor's degree in CS, Computer Engineering, Systems Management, or IT
• DoD 8140 Certification

Nice to Have

• Experience leading meetings and developing presentations and briefings for use by senior leaders
• Experience analyzing technical and policy documentation for DoD organizations and implementing DoD directives
• Experience deploying, implementing, maintaining, and integrating cybersecurity tools and applications
• Experience with network engineering functions, including Windows, Linux, and virtual operating systems, security tools, platforms, and technologies, including network and web application firewalls, web proxy, intrusion prevention systems, vulnerability scanners, and penetration tools
• Knowledge of DoD enterprise and tactical networks, including command and control and battlespace management systems, systems engineering and information technology, cloud architecture, and virtualization
• Ability to meet cyber schedule, performance, and quality metrics within the systems development lifecycle and acquisition lifecycle, and articulate industry best practice cybersecurity and threat-based cybersecurity frameworks and trends
• Top Secret clearance
• Master's degree in CS, Computer Engineering, Systems Management, or IT
• OS Certification
• CEH, CISA, or CISSP Certification

Clearance

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Secret clearance is required.

Compensation

At Booz Allen, we celebrate your contributions, provide you with opportunities and choices, and support your total well-being. Our offerings include health, life, disability, financial, and retirement benefits, as well as paid leave, professional development, tuition assistance, work-life programs, and dependent care. Our recognition awards program acknowledges employees for exceptional performance and superior demonstration of our values. Full-time and part-time employees working at least 20 hours a week on a regular basis are eligible to participate in Booz Allen's benefit programs. Individuals that do not meet the threshold are only eligible for select offerings, not inclusive of health benefits. We encourage you to learn more about our total benefits by visiting the Resource page on our Careers site and reviewing Our Employee Benefits page.

Salary at Booz Allen is determined by various factors, including but not limited to location, the individual's particular combination of education, knowledge, skills, competencies, and experience, as well as contract-specific affordability and organizational requirements. The projected compensation range for this position is $99,000.00 to $225,000.00 (annualized USD). The estimate displayed represents the typical salary range for this position and is just one component of Booz Allen's total compensation package for employees.

This posting will close within 90 days from the Posting Date.

Application Process

As part of the application process, you are expected to be on camera during interviews and assessments. We reserve the right to take your picture to verify your identity and prevent fraud.

Work Model

Our people-first culture prioritizes the benefits of flexibility and collaboration, whether that happens in person or remotely. If this position is listed as remote or hybrid, you'll periodically work from a Booz Allen or client site facility. If this position is listed as onsite, you'll work with colleagues and clients in person, as needed for the specific role.

Commitment to Non-Discrimination

All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, local, or international law.

Note

Microsoft Internet Explorer is not fully compatible with Workday and users may experience systems issues with this browser. We recommend that you use one of the following browsers to avoid problems: Google Chrome, Mozilla Firefox, Microsoft Edge, Apple Safari, Opera Browser or Blackberry Browser. If you continue to experience issues, it is sometimes necessary to reset your browser by clearing your cache.

About Booz Allen Hamilton

Booz Allen is an advanced technology company delivering outcomes with speed for America's most critical defense, civil, and national security priorities. We build technology solutions using AI, cyber, and other cutting-edge technologies to advance and protect the nation and its citizens. By focusing on outcomes, we enable our people, clien