Security Governance and Policy Subject Matter Expert in McLean, VA at Booz Allen Hamilton Inc.

Date Posted: 6/12/2018

Job Description

Job Number: R0030730

Security Governance and Policy Subject Matter Expert

Key Role:

Support a large government agency in comprehending and adapting their information security program to CIS Critical Security Controls (SANS 20) and CERT-Resilience Management Model (RMM) elements. Apply knowledge of Cybersecurity governance, policy, compliance, and risk management to strengthen the security posture of a large organization. Apply SANS 20 and CERT-RMM foundations to client organizations and environments. Participate in the design and development of the Cyber risk management program to meet business and regulatory expectations. Lead the design and development of specific Cyber risk management program components. Lead or influence risk initiatives and business-as-usual activities. Identify Cyber risk, assess impact, make recommendations on resolution, and report and escalate Cyber risk and program compliance, as appropriate.

Basic Qualifications:

-6+ years of experience with security governance and policy

-6+ years of experience with enforcing security controls across a large organization 

-Experience with performing continual process improvement

-Knowledge of infrastructure vulnerabilities and countermeasures 

-Knowledge of effective communication concepts, tools, and techniques 

-Knowledge of the Risk Management Framework (RMF)

-Ability to explain the NIST 800-53 security families

-Ability to obtain a security clearance

-BA or BS degree

-CISSP, CISM, or CISA Certification

Additional Qualifications:

-Experience with security policy analysis, metrics capture and analysis, security education, application vulnerability assessments, risk analysis and compliance testing, and project management

-Ability to protect information and information systems while ensuring their confidentiality, integrity, and availability 

-Possession of excellent oral and written communication skills

-CERT RMM Certification


Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status—to fearlessly drive change.
