This site uses cookies. To find out more, see our Cookies Policy

Cybersecurity Analyst, Mid in San Diego, CA at Booz Allen Hamilton Inc.

Date Posted: 3/21/2019

Job Snapshot

Job Description

Job Number: R0040907

Cybersecurity Analyst, Mid

Key Role:

Provide Cybersecurity Risk Management Framework (RMF) Assessment and Authorization (A&A) support for DON systems and serve as a Cybersecurity expert throughout all stages of acquisition, systems engineering, and maintenance processes. Ensure system designs and implementations are consistent with DoD policies, requirements, and directives, including compliance with Security Technical Implementation Guidance (STIG), Security Requirements Guides (SRGs), and checklists. Review, develop, and modify A&A documentation, analyze the architecture of IT systems for compliance with DoD policies, develop and execute security test plans, and assess the Cybersecurity risk of IT systems, documenting them in formal risk assessments. Identify Cyber vulnerabilities and compliance issues. Track system POA&M updates, work with Information System Security Officers (ISSOs) to remediate existing vulnerabilities or develop mitigations that minimize impact, likelihood, or risks, and work with the program to incorporate findings into the system POA&M. Liaise with the client during team meetings and one-on-one on the completion of A&A documents. This position is located in San Diego, CA.

Basic Qualifications:

-3+ years of experience in Cybersecurity with the Joint Special Access Program (SAP) Implementation Guide (JSIG)/RMF

-Experience with supporting RMF A&A activities, including conducting security control validation and maintaining system authorization packages

-Experience with writing, maintaining, and updating the Body of Evidence (BoE) required for SAP authorization packages, including System Security Plan (SSP), Security Test Plans, POA&M, and Security Controls Traceability Matrix (SCTM)

-Experience with reviewing BOEs and providing feedback to ISSEs to prepare packages for submission to the authorizing official

-Experience with output from automated vulnerability assessment tools, including Nessus, ACAS, and Security Content Automation Protocol (SCAP) and reviewing manual testing procedures using DoD STIGs, SRGs, and checklists

-TS/SCI clearance required

-BA or BS degree

-DoDI 8570 IA Workforce Certification

Additional Qualifications:

-Experience with supporting annual FISMA requirements

-Experience with system vulnerability management or security patch implementation

-Experience with the implementation of National Institute of Standards and Technology (NIST) special publications, federal regulations, and DoD policies

-Experience with the enterprise Mission Assurance Support System (eMASS)

-Navy Qualified Validator Certification

-DoDD 8140.01 Operating System Environment Certification

Clearance:

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; TS/SCI clearance is required.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status—to fearlessly drive change.

NMC

Your Career is Waiting.

Get job alerts. Learn about new work and upcoming events. Share open roles with friends and colleagues.
Our Talent Network is your opportunity hub.


Get Answers and Access.

Need more information? Find it in our FAQs.

Application already in-process? Log in to keep going.