Cybersecurity Policy and Compliance Analyst in San Diego, CA at Booz Allen Hamilton Inc.

Date Posted: 4/25/2019

Job Description

Job Number: R0052049

Cybersecurity Policy and Compliance Analyst

Key Role:

Apply knowledge of Cybersecurity and privacy analysis and consulting throughout the security assessment and compliance life cycle processes. Maintain responsibility for analyzing the planning, development, and finalization of Cybersecurity and privacy policies, programs, compliance artifacts, and standards supporting government and industry security compliance, systems accreditation, and management. Analyze the documentation, validation, and accreditation processes necessary to ensure systems meet security and privacy requirements. Assess the effectiveness of an organization’s IT security and privacy training program, including conducting social engineering exercises to ensure training remains consistent with current Cybersecurity and privacy threats and policies and assisting with achieving full compliance with any or all laws and regulations. Provide work leadership to junior employees.

Basic Qualifications:

- 3 years of experience with Cybersecurity or IT

- Experience with supporting Risk Management Framework Assessment and Authorization (A&A) activities, including conducting security control validation and maintaining system authorization packages

- Experience with writing, maintaining, and updating the Body of Evidence (BoE) required for SAP authorization packages, including System Security Plan (SSP), Security Test Plans, POA&M, and Security Controls Traceability Matrix (SCTM)

- Experience with reviewing BoEs and providing feedback to Information System Security Engineers (ISSEs) to prepare packages for submission to the authorizing official

- Experience with output from automated vulnerability assessment tools, including Nessus, ACAS, and Security Content Automation Protocol (SCAP) and reviewing manual testing procedures using DoD STIGs, SRGs, and checklists

- TS/SCI clearance required

- HS diploma or GED

- DoDI 8570 IA Workforce Certification

Additional Qualifications:

- Experience with supporting annual FISMA requirements

- Experience with system vulnerability management or security patch implementation

- Experience with the implementation of National Institute of Standards and Technology (NIST) special publications, federal regulations, and DoD policies

- Experience with the Enterprise Mission Assurance Support System (eMASS)

- Experience with system administration of Windows or UNIX systems

- BA or BS degree

- Navy Qualified Validator Certification

- DoDD 8140.01 Operating System Environment Certification

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; TS/SCI clearance is required.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.
