This site uses cookies. To find out more, see our Cookies Policy

Cybersecurity Compliance and Risk Management Analyst, Senior in Alexandria, VA at Booz Allen Hamilton Inc.

Date Posted: 12/1/2018

Job Snapshot

Job Description

Job Number: R0038918

Cybersecurity Compliance and Risk Management Analyst, Senior

Key Role:

Perform Risk Management Framework (RMF) Assessment and Authorization (A&A) responsibilities for various Navy and Marine Corps commands. Develop the documentation, validation, and accreditation processes necessary to assure systems meet security and privacy requirements. Evaluate test results, analyze risk, and develop security assessment documentation to support accreditation decisions. Create a risk mitigation strategy and ensure security configurations are maintained in accordance with DoD and Department of Navy and USMC mandated policies. Interpret RMF guidance from Authorizing Officials for clients and provide information and input for the preparation of accreditation packages. Assess the applicability of emergent vulnerabilities to individual systems and technologies, including Cloud environments. Provide advice and direction to program managers and other functional area SMEs representing Cybersecurity or IA policies and regulations and mentor and develop junior Cybersecurity professionals.

Basic Qualifications:

-8+ years of experience with IT or Cybersecurity

-5+ years of experience with preparing full RMF Security Authorization Packages or legacy DIACAP packages

-5+ years of experience with performing system decomposition analysis that resulted in a test battery required for security control assessments

-5+ years of experience with developing security assessment plans, security assessment reports, and risk assessment reports

-3+ years of experience with populating a security control compliance repository and tools, including eMASS, Xacta, or RSA Archer

-3+ years of experience with analyzing, assessing, or implementing NIST 800-53 Rev 4 security controls or previous versions, CCIs, and associated assessment procedures

-Experience with developing IT policy, guidance, or procedure documentation supporting Cybersecurity accreditation

-Secret clearance required

-BA or BS degree in Information Assurance, CS, Cybersecurity, or Engineering

-DoD Cybersecurity Work Force (CSWF) Requirements Certification, including Security+, CISSP, CASP, SSCP, CISM, or GSLC CEH

Additional Qualifications:

-Experience with system security patch implementation, vulnerability management, and risk mitigation

-Experience with DoD or federal Cybersecurity requirements in a Cloud environment preferred

-Knowledge of Navy or DoD network environments and DoD and Department of Navy and USMC Cybersecurity policies

-Possession of excellent oral and written communication skills

-MS degree in Information Assurance or Cybersecurity

-Navy Qualified Validator (NQV) or Marine Corps Qualified Validator


Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Secret clearance is required.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status—to fearlessly drive change.


Your Career is Waiting.

Get job alerts. Learn about new work and upcoming events. Share open roles with friends and colleagues.
Our Talent Network is your opportunity hub.

Get Answers and Access.

Need more information? Find it in our FAQs.

Application already in-process? Log in to keep going.