Assessment and Authorization Analyst and Security Control Assessor and Validator, Senior in Washington, DC at Booz Allen Hamilton Inc.

Date Posted: 7/20/2018

Job Snapshot

Job Description

Job Number: R0030927

Assessment and Authorization Analyst and Security Control Assessor and Validator, Senior

Key Role:

Provide Cybersecurity and privacy analysis and consulting throughout the security assessment and compliance life cycle process. Plan and continuously monitor Cybersecurity and privacy policies, programs, compliance artifacts, and standards in support of government and industry security compliance, including systems accreditation, and management. Administer the documentation, validation, and accreditation processes necessary to assure systems meet security and privacy requirements. Consult on the assessment of the effectiveness of an organization’s IT security and privacy training program, including consulting on social engineering exercises to ensure training remains consistent with current Cybersecurity and privacy threats and policies, and assist with achieving full compliance with any or all laws and regulations.


Basic Qualifications:

-8+ years of experience with Cybersecurity

-8+ years of experience with performing technical security assessments, including vulnerability assessments, security control reviews, and system configuration checks to support DoD Information Assurance Certification and Accreditation Process (DIACAP) or Risk Management Framework (RMF)

-3+ years of experience with planning and executing comprehensive Cybersecurity test events, including identifying applicable security controls, analyzing assessment procedures, and identification and using required tools, such as Retina, Nessus, Assured Compliance Assessment Solution (ACAS), or Security Content Automation Protocol (SCAP)

-Experience with performing manual testing methods and procedures using Security Technical Implementation Guides (STIGs), Government Services (SRG), and checklists

-Active Secret clearance

-Security+ or Certified Information Systems Security Professional (CISSP) Certification


Additional Qualifications:

-3+ years of experience with supporting Navy commands in the implementation or assessment of Cybersecurity controls or legacy DIACAP implementation

-3+ years of experience with Navy and DoD systems

-2+ years of experience in working with National Institute of Standards and Technology (NIST) RMF for Assessment and Authorization (A&A)

-Experience with Enterprise Mission Assurance Support Service (eMASS)

-Experience with performing Cybersecurity risk assessments and mitigation

-Experience with Microsoft Excel

-Experience with testing Navy systems

-Experience with Fully Qualified Navy Validator (FQNV) legacy appointment

-BA or BS degree in Engineering or Cybersecurity

-IA Workforce 8570 Certification


Clearance:

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Secret clearance is required.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status—to fearlessly drive change.

NMC

Your Career is Waiting.

Get job alerts. Learn about new work and upcoming events. Share open roles with friends and colleagues.
Our Talent Network is your opportunity hub.


Get Answers and Access.

Need more information? Find it in our FAQs.

Application already in-process? Log in to keep going.