This site uses cookies. To find out more, see our Cookies Policy

Cybersecurity Analyst, Mid in San Diego, CA at Booz Allen Hamilton Inc.

Date Posted: 11/21/2018

Job Snapshot

Job Description

Job Number: R0040907

Cybersecurity Analyst, Mid

Key Role:

Provide Cybersecurity Risk Management Framework (RMF) Assessment and Authorization (A&A) support for DON systems and serve as a Cybersecurity expert throughout all stages of acquisition, systems engineering, and maintenance processes. Ensure system designs and implementations are consistent with DoD policies, requirements, and directives, including compliance with Security Technical Implementation Guidance (STIG), Security Requirements Guides (SRGs), and checklists. Review, develop, and modify A&A documentation, analyze the architecture of IT systems for compliance with DoD policies, develop and execute security test plans, and assess the Cybersecurity risk of IT systems, documenting them in formal risk assessments. Identify Cyber vulnerabilities and compliance issues. Track system POA&M updates, work with Information System Security Officers (ISSOs) to remediate existing vulnerabilities or develop mitigations that minimize impact, likelihood, or risks, and work with the program to incorporate findings into the system POA&M. Liaise with the client during team meetings and one-on-one on the completion of A&A documents. This position is located in San Diego, CA.

Basic Qualifications:

-5+ years of experience in Cybersecurity with the Joint Special Access Program (SAP) Implementation Guide (JSIG)

-Experience with supporting RMF A&A activities, including conducting security control validation and maintaining system authorization packages

-Experience with writing, maintaining, and updating the Body of Evidence (BoE) required for SAP authorization packages, including System Security Plan (SSP), Security Test Plans, POA&M, and Security Controls Traceability Matrix (SCTM)

-Experience with reviewing BOE’s and providing feedback to ISSE’s to prepare packages for submission to the authorizing official

-Experience with output from automated vulnerability assessment tools, including Nessus, ACAS, and Security Content Automation Protocol (SCAP) and reviewing manual testing procedures using DoD STIGs, SRGs, and checklists

-Secret clearance required

-BA or BS degree

-DoDI 8570 Certification for IA Workforce

Additional Qualifications:

-Experience with supporting annual FISMA requirements

-Experience with system vulnerability management or security patch implementation

-Experience with the implementation of National Institute of Standards and Technology (NIST) special publications, federal regulations, and DoD policies

-Experience with the enterprise Mission Assurance Support System (eMASS)

-Top Secret clearance a plus

-Navy Qualified Validator Certification

-Operating System Environment Certification in accordance with DoDD 8140.01

Clearance:

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Secret clearance is required.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status—to fearlessly drive change.

NMC

Your Career is Waiting.

Get job alerts. Learn about new work and upcoming events. Share open roles with friends and colleagues.
Our Talent Network is your opportunity hub.


Get Answers and Access.

Need more information? Find it in our FAQs.

Application already in-process? Log in to keep going.