
Risk Management Framework and Information Assurance, Assessment, and Authorization Specialist in San Diego, CA at Booz Allen Hamilton Inc.

Date Posted: 3/25/2019


Job Description

Job Number: R0048173

Risk Management Framework and Information Assurance, Assessment, and Authorization Specialist

Key Role:
Support the Information System Security Manager (ISSM) in maintaining the appropriate security posture of systems throughout the security assessment and compliance life cycle process, including planning and continuous monitoring of Cybersecurity and privacy policies, programs, and compliance artifacts or standards to support government and industry security compliance and systems accreditation and management. Develop, review, and critique assessment and authorization (A&A) documentation in compliance with DoD Cybersecurity policy and agency guidance, including DoD, Committee on National Security Systems (CNSS), and National Institute of Standards and Technology (NIST) special publications. Assist with the management of security aspects of the information system and work closely with systems administrators, in-house teams, and other government agencies to support day-to-day security operations, including vulnerability scanning, patching, remediation, documentation, and reporting of Cyber vulnerabilities. Identify the right mix of tools and techniques to translate the customer’s IT needs and future goals into a plan that will enable secure and effective solutions. Support the planning, coordination, and implementation of IT security programs and policies and provide configuration management for security-relevant information system software, hardware, and firmware. Conduct regular audits supporting Federal Information Security Management Act (FISMA) reviews to ensure systems are operated securely and computer security policies and procedures are implemented, including tracking operation order (OPORD) and task order compliance and process change requests supporting A&A package amendments.

Basic Qualifications:

- 2+ years of experience with DoD Cybersecurity, Information Assurance (IA), DoD Information Assurance Certification and Accreditation Process (DIACAP), or Risk Management Framework (RMF)

- Experience with system and network vulnerability analysis, risk assessment and risk mitigation analyses, contingency planning, and firewall policies, ports, and protocols

- Knowledge of IA or Information Security (INFOSEC) concepts and requirements

- Secret clearance

- HS diploma or GED

- IAM Level II Certification, including Security+CE, CISM, CISSP, or CASP

Additional Qualifications:

- Experience with the Enterprise Mission Assurance Support Service (eMASS), Assured Compliance Assessment Solution (ACAS), Vulnerability Remediation Asset Manager (VRAM), Host-Based Security System (HBSS), and Altiris


Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Secret clearance is required.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.
