Cybersecurity Policy and Compliance Specialist in McLean, VA at Booz Allen Hamilton Inc.

Date Posted: 3/15/2019

Job Description

Job Number: R0047732

Cybersecurity Policy and Compliance Specialist

Key Role:

Support the firm’s security assessment and compliance program by providing expertise in a variety of areas, including security risk assessment, security test and evaluation, development of secure systems and networks, system auditing, vulnerability management, assessment and authorization (A&A), system analysis, and system hardening. Assist system owners, system developers, and system project managers with comprehending their system’s security requirements in accordance with applicable laws and regulations and choosing the most appropriate compensating security controls. Conduct security assessments and make accurate evaluations of the level of security required based on risk determinations. Create customized risk assessment packages. Coordinate with ISSOs and system owners to remediate findings resulting from both internal and external audits. Weigh business needs against security concerns and articulate issues to management.

Basic Qualifications:

- 5+ years of experience with varied information security fields, including risk management, certification and accreditation, identity and access management, and security testing
- 3+ years of experience with performing A&As for information systems and writing system security plans
- Experience with implementing ISO27000 or NIST IT publications and guidelines, including SP 800-series, FIPS 199, and OMB regulations and FISMA
- Experience with assessing against DFARS and 800-171 and Sarbanes-Oxley (SOX) audit requirements and processes and determining systems, network, or infrastructure security requirements and controls against various industry guidance and best practices
- Experience with security control implementation using tools for penetration testing, vulnerability assessment scans, and federal security standards, including FISMA, NIST, DHS, and DIACAP assessment and implementation
- Knowledge of UNIX, Linux, and Microsoft Windows, domains and networking technologies, and associated security measures and policies
- Ability to leverage expertise in English, conduct assessments, and articulate complex ideas and concepts over the telephone
- Ability to obtain a security clearance
- BA or BS degree

Additional Qualifications:

- GSEC, SEC+, CISSP, CISA, CISM, or CAP Certification


Clearance:
Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.
