Job Number: R0111372
Cyber Risk Analyst, Mid
Warnings about cyber threats are everywhere and the constantly evolving nature of these threats can make understanding them seem overwhelming to the Navy and the DoD. In all of this “cyber noise”, how can these organizations understand their risks and how to mitigate them? The answer is you – build your knowledge as an information security risk specialist who knows how to break down complex threats into manageable plans of action.
As an information security risk specialist on our team, you'll work with Navy programs to discover their cyber risks, understand applicable policies, and develop a mitigation plan. You'll get technical, environmental, and personnel details from engineers and SMEs to assess the entire threat landscape. Then, you'll help your team guide your client through a plan of action with presentations, white papers, and milestones. You'll work on translating security concepts for your client so they can make the best decisions to secure their mission critical systems. This is your opportunity to take an active role in information security while growing your skills in cloud architecture, systems engineering, or data science. Join us as we protect or Navy's cyber infrastructure and critical systems.
Empower change with us.
2+ years of experience in a cybersecurity field performing cyber engineering, cyber risk assessments, or cyber authorization activities
Experience executing the Risk Management Framework (RMF) or similar cyber risk assessment and authorization processes for complex programs/systems
Experience analyzing cyber vulnerabilities, assessing system compliance against security controls, and developing risk mitigation plans and strategies
Knowledge of Security Technical Implementation Guides (STIG) and methodologies for applying to system design
Ability to develop Navy cybersecurity authorization documentation and artifacts
Ability to help a customer improve the cybersecurity risk posture of their program or system
Secret security clearance
BA or BS degree
IAT Level II certification (e.g., Security+ CE)
Nice If You Have:
Experience with completing a DoD cyber authorization package
Experience with Navy A&A processes and cybersecurity engineering
Experience with developing cybersecurity risk assessment processes
Master's degree in a technical field a plus
Navy Qualified Validator certification
ASEP or CSEP certification
Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Secret clearance is required.
Build Your Career:
Rewarding work, fun challenges, and a ton of investment in our people—that's Booz Allen cyber. When you join Booz Allen, we'll help you develop the career you want.
Competitions — From programming competitions at our PyNights (Python competition and learning events) to competing in CTFs, we've got plenty of chances for you to show off your skills.
Paid Research — Have an innovative idea to explore or hypothesis to test? You can participate in challenges via our crowdsourcing platform, the Garage, and other programs to be awarded dedicated time and/or funding to advance your skills.
Cyber University — CyberU has more than 5000 instructor-led and self-paced cyber courses, a free online library that you can access from just about anywhere—including your phone—and certification exam prep guides that include practical assessments to prepare you for your exam.
Academic Partnerships — In addition to our tuition reimbursement benefit, we've partnered with University of Maryland University College to offer two graduate certificate programs in cybersecurity—fully funded without a tuition cap.
We're an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.
Apply on company website