Cybersecurity Engineer and Risk Analyst, Mid

The Challenge:

Everyone knows security needs to be “baked in” to a system architecture and that we need to understand Cybersecurity risk to systems instead of just being compliant to a checklist, but you actually know how to bake it in and assess risk to a complex system. You can identify and implement ways to harden systems and assess Cybersecurity risk. What if you could use your Cyber engineering skills to provide Cybersecurity solutions for Navy and DoD systems? We’re looking for a Cybersecurity Engineer and Risk Analyst who can help create solutions for the Navy that will stand up to even the most advanced Cyber threats.

As a Cybersecurity Engineer and Risk Analyst on our project, you’ll analyze the Cyber posture of complex Navy systems, provide critical expertise to mitigate Cyber risk, and develop solutions to ensure Navy programs support mission critical operations and deliver needed Cybersecurity functionality. You’ll work with our team of experts to identify the right mix of tools and techniques to translate your customer’s needs and future goals into a plan that will enable secure and effective solutions. We need to come up with the best solution, so you’ll investigate new techniques, break free from the legacy model, and go where the industry is going. As a team, we’ll take a critical approach to Cybersecurity and systems engineering, providing alternatives and customizing solutions to maintain a balance of security and mission needs. This is a chance to learn from a team of experts as you make a difference in the security of the Navy warfighter. Your contributions will help customers overcome their most difficult challenges by integrating secure practices like risk management and mitigation, defense-in-depth, data analysis, and Cyber continuous monitoring. You’ll be able to gain experience in Command, Control, Communications, Computers, and Intelligence (C4I), Cyber engineering, enterprise networks and systems, Cyber test and evaluation, and Cyber risk assessment while building peace of mind in a critical infrastructure. Join our team as we improve the warfighter’s ability to complete critical missions through Cybersecurity.

Empower change with us.

You Have:

  • 1+ years of experience with DoD assessment and authorization (A&A) processes and Cybersecurity engineering
  • Experience with Security Technical Implementation Guides (STIG), vulnerability remediation, and executing the Risk Management Framework (RMF) process
  • Ability to develop DoD and Navy security authorization documentation and artifacts and develop and communicate recommendations for incorporating security requirements in DoD systems
  • Ability to perform validation and testing of security controls for DoD systems
  • Ability to provide Cybersecurity engineering services and execute the RMF process with leadership oversight
  • Secret clearance
  • HS diploma or GED
  • Ability to obtain a Security+ CE or IAT Level II Certification within 30 days of hire

Nice If You Have:

  • 1+ years of experience with Navy assessment and authorization (A&A) processes and Cybersecurity engineering
  • Experience with eMASS and developing DoD authorization artifacts and documentation
  • Experience with processing an Authorization to Operate (ATO) for a Navy program
  • Experience with vulnerability assessment and scanning tools, including ACAS, and assessing system compliance with security controls
  • Knowledge of NIST 800-53 security controls
  • TS/SCI clearance
  • BS degree
  • Security+ CE or IAT Level II Certification
  • Navy Qualified Validator (NQV) Certification


Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Secret clearance is required.

Build Your Career:

Rewarding work, fun challenges, and a ton of investment in our people—that’s Booz Allen cyber. When you join Booz Allen, we’ll help you develop the career you want.

Competitions — From programming competitions at our PyNights (Python competition and learning events) to competing in CTFs, we’ve got plenty of chances for you to show off your skills.

Paid Research — Have an innovative idea to explore or hypothesis to test? You can participate in challenges via our crowdsourcing platform, the Garage, and other programs to be awarded dedicated time and/or funding to advance your skills.

Cyber University — CyberU has more than 5000 instructor-led and self-paced cyber courses, a free online library that you can access from just about anywhere—including your phone—and certification exam prep guides that include practical assessments to prepare you for your exam.

Academic Partnerships — In addition to our tuition reimbursement benefit, we’ve partnered with University of Maryland University College to offer two graduate certificate programs in cybersecurity—fully funded without a tuition cap.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.

Not ready to apply? Join our talent community and sign up for job alerts.