Cybersecurity Policy and Compliance Analyst, Senior in Monterey, CA at Booz Allen Hamilton Inc.

Date Posted: 5/16/2019

Job Description

Job Number: R0053360

Cybersecurity Policy and Compliance Analyst, Senior

Key Role:
Combine technical security testing, security engineering, policy, and compliance expertise with business consulting expertise to deliver high-value client IT security solutions and program planning. Contribute to a team of security professionals who provide DoD clients assurance that complex IT systems and networks meet security controls and standards. Plan and execute system security assessments to meet client requirements, analyze results, develop reports to be used to determine system vulnerabilities and risk posture, and provide recommendations for remediation to achieve preferred security and risk posture. Mentor and develop assigned validation team members to meet client requirements. Prepare the Risk Management Framework (RMF) security authorization packages needed to achieve system or network authorization. Monitor and respond to security data calls on behalf of the client organization, as needed. 

Basic Qualifications:
-3+ years of experience with system decomposition analysis resulting in a test battery required for security control assessments
-3+ years of experience with analyzing, assessing, or implementing NIST 800-53 security controls, CCIs, and assessment procedures, including DoD Secure Technical Implementation Guides (STIGs)
-1+ years of experience with preparing RMF security authorization packages or legacy DIACAP packages
-1+ years of experience with analyzing the development of security assessment plans, security assessment reports, and risk assessment reports using ACAS and STIGs
-Knowledge of accreditation tools, including eMASS, Xacta, or RSA Archer
-Ability to work with a team of systems administrators, engineers, testers, and RMF practitioners
-Secret clearance
-HS diploma or GED
-DoD Cybersecurity Workforce (CSWF) Certification, including Security+, CISSP, CASP, SSCP, CISM, GSLC, or other approved certification

Additional Qualifications:
-Experience in working with a Department of the Navy (DON) organization
-Experience with preparing for enterprise-level inspections, including the Command Cyber Readiness Inspection (CCRI) or Cybersecurity Inspection (CSI)
-Experience with DON RMF process guides and templates  
-Experience as a systems administrator for Windows, Linux, UNIX-based operating systems, or networking technologies
-Knowledge of Windows Server 2012 R2, Windows 10, Red Hat Enterprise Linux (RHEL) 6 and 7, and Cisco network products
-Ability to navigate the management interface of technologies, including Nessus network technologies, such as firewalls, routers, and switches
-Possession of excellent oral and written communication skills
-BA or BS degree in an information technology related field
-Navy Qualified Validator (NQV) Level I, II, or III Certification or legacy Fully Qualified Navy Validator (FQNV) 
-Project Management Professional (PMP) Certification

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Secret clearance is required.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.
