Cloud Security Analyst, Senior in Arlington, VA at Booz Allen Hamilton Inc.

Date Posted: 10/7/2018

Job Snapshot

Job Description

Job Number: R0034028

Cloud Security Analyst, Senior

Key Role:
Combine technical security engineering and executive-level business consulting expertise to deliver innovative commercial Cloud strategic planning and technical solutions. Perform extensive research and analysis of commercial Cloud vendors and delivery models, including IaaS, PaaS, and SaaS and analyze the development of strategic plans, system security engineering recommendations, and security control planning and implementation. Assess and document vendor vs application owner responsibilities for vulnerability scanning, remediation, and mitigation, including risk assessments and risk reporting. Maintain responsibility for analyzing and continuously monitoring Cybersecurity and privacy policies, programs, compliance artifacts, or standards for government security compliance, systems authorization, and management in a commercial Cloud environment. Perform Cloud migration planning and analyze the establishment of tactics, techniques, and procedures (TTPs) for application owners.

Basic Qualifications:
-6+ years of experience with analyzing information assurance or Cybersecurity compliance planning
-2+ years of experience with researching emerging technologies, including commercial, mobile, and Cybersecurity service providers for use in the DoD to inform and support enabling concepts, concepts of operations, pilots, and governance structures or documentation
-1 year of experience with Cloud Cybersecurity efforts and emerging technology pilots aligned with the Risk Management Framework (RMF)
-1 year of experience in working on FedRAMP and DoD Cloud computing with clients and vendors to assess and authorize Cloud Service Offerings (CSOs), including IaaS, PaaS, and SaaS
-1 year of experience with assessing system architectures and recommending design modifications necessary to meet DoD STIGs
-Ability to solve technical problems during assessment activities 
-Ability to obtain a security clearance
-BA or BS degree

Additional Qualifications:
-1 year of experience in working with a Department of the Navy (DON) organization
-Experience with Navy policy and compliance and RMF Assessment and Authorization (A&A) for the DoD or DON

-Ability to produce high quality reports and recommendations for clients
-Ability to adhere to a project schedule and recommend changes, as necessary to maintain positive project outcomes

-Secret clearance
-BA or BS degree in IT or CS

-DoD Cybersecurity Workforce (CSWF) IAM Level II Certification, including CISSP, CAP, CISM, or GSLC
-Certified Cloud Security Professional (CCSP) Certification
-CNDSP Analyst, CNDSP Infrastructure Support, CNDSP Auditor, or CNDSP Incident Reporter Certification
-Navy Qualified Validator (NQV) Level I, II, or III Certification


Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status—to fearlessly drive change.


Your Career is Waiting.

Get job alerts. Learn about new work and upcoming events. Share open roles with friends and colleagues.
Our Talent Network is your opportunity hub.

Get Answers and Access.

Need more information? Find it in our FAQs.

Application already in-process? Log in to keep going.