Security Governance and Policy Subject Matter Expert in McLean, VA at Booz Allen Hamilton Inc.

Date Posted: 4/10/2018

Job Description

Job Number: R0026535

Booz Allen Hamilton has been at the forefront of strategy and technology for more than 100 years. Today, the firm provides management and technology consulting and engineering services to leading Fortune 500 corporations, governments, and not-for-profits across the globe. Booz Allen partners with public and private sector clients to solve their most difficult challenges through a combination of consulting, analytics, mission operations, technology, systems delivery, cybersecurity, engineering and innovation expertise.

Security Governance and Policy Subject Matter Expert

Key Role:

Support a large government agency in comprehending and adapting its information security program to CIS Critical Security Controls (SANS 20) and CERT-Resilience Management Model (RMM) elements. Apply knowledge of Cybersecurity governance, policy, compliance, and risk management to strengthen the security posture of a large organization. Apply SANS 20 and CERT-RMM foundations to client organizations and environments. Participate in the design and development of the Cyber risk management program to meet business and regulatory expectations. Lead the design and development of specific Cyber risk management program components. Lead or influence risk initiatives and business-as-usual activities. Identify Cyber risk, assess impact, make recommendations on resolution, and report and escalate Cyber risk and program compliance, as appropriate.

Basic Qualifications:

- 5+ years of experience with performing information security assessments and compliance audits in a large government agency following NIST, SANS 20, or CERT-RMM frameworks

- 5+ years of experience with common security controls, processes, and technical solutions to safeguard network, system, application, and data in on-premise and Cloud environments

- Experience with performing continual process improvement

- Knowledge of infrastructure vulnerabilities and countermeasures

- Knowledge of effective communication concepts, tools, and techniques

- Ability to obtain a security clearance

- BA or BS degree

- CERT RMM Certification

Additional Qualifications:

- Experience with security policy development, metrics capture and analysis, security education, application vulnerability assessments, risk analysis and compliance testing, and project management

- Ability to protect information and information systems while ensuring their confidentiality, integrity, and availability

- Possession of excellent oral and written communication skills


Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information.

Integrating a full range of consulting capabilities, Booz Allen is the one firm that works by its clients' side to help them solve their toughest problems and achieve their missions. Booz Allen is committed to delivering results that endure.

We are proud of our diverse environment, EOE, M/F/Disability/Vet.

