Information Systems Security Officer, Mid

The Challenge:
Warnings about cyber threats are everywhere and the constantly evolving nature of these threats can make understanding them seem overwhelming to federal agencies and their trusted partners. In all of this “cyber noise”, how can these organizations understand their risks and how to mitigate them? The answer is you – a lead information security risk specialist who can oversee breaking down complex threats into manageable plans of action.


As an information security risk specialist on our team, you’ll consult for our aerospace client by leading the discovery of their cyber risks, understanding applicable policies, and developing a mitigation plan. Guided by NIST 800-53 and associated federal guidelines, you’ll oversee the analysis of technical, environmental, and personnel details from engineers and scientists working on cutting-edge programs as your team reviews the entire threat landscape. Then, you’ll guide your client through a plan of action with presentations, security control plans and mitigations, and milestones. Your client will rely on you to translate security concepts, so they can make the best decisions to secure their mission critical systems. This is your opportunity to take a leadership role in information security while sharing your skills in cybersecurity risk management with both clients and your team. Join us as we protect our client's missions and their vision to "explore space in pursuit of scientific discoveries that benefit humanity." This position is open to temporary remote delivery anywhere within the U.S., to include the District of Columbia

Empower change with us.

You Have:

  • At least 2 years of experience with Information Systems Security Officer (ISSO) or Information System Security Engineer (ISSE) support of a federal agency or federally funded research and development center (FFRDC)
  • Experience with implementing the Intelligence Community Directive (ICD) 503, Risk Management Framework (RMF) principles, or Assessment & Accreditation life cycle, including FISMA, FedRAMP, NIST SP 800-37, NIST SP 800-60, and NIST SP 800-53.
  • Experience with Governance, Risk, and Compliance tools and technologies
  • Knowledge of security protocols, cryptography, authentication, authorization, and security
  • Secret clearance
  • BA or BS degree
  • CompTIA Security+ Certification


Nice If You Have:

  • Experience with technical project management
  • Experience with SOC networking monitoring, auditing, and vulnerability management.
  • Knowledge of computer networking and Windows and Linux systems management
  • Ability to analyze and communicate opportunities for efficiency, identify gaps and work very closely with multiple stakeholders to resolve Plan of Action and Milestones (POAMs), and review and create mitigation reports from compliance and vulnerability scanning tools, including Nessus or SCAP
  • TS/SCI clearance with a polygraph

Clearance:

Applicants selected will be subject to a security investigation and must meet eligibility requirements for access to classified information; Secret clearance is required.

Build Your Career:

Rewarding work, fun challenges, and a ton of investment in our people—that’s Booz Allen cyber. When you join Booz Allen, we’ll help you develop the career you want.

Competitions — From programming competitions at our PyNights (Python competition and learning events) to competing in CTFs, we’ve got plenty of chances for you to show off your skills.

Paid Research — Have an innovative idea to explore or hypothesis to test? You can participate in challenges via our crowdsourcing platform, the Garage, and other programs to be awarded dedicated time and/or funding to advance your skills.

Cyber University — CyberU has more than 5000 instructor-led and self-paced cyber courses, a free online library that you can access from just about anywhere—including your phone—and certification exam prep guides that include practical assessments to prepare you for your exam.

Academic Partnerships — In addition to our tuition reimbursement benefit, we’ve partnered with University of Maryland University College to offer two graduate certificate programs in cybersecurity—fully funded without a tuition cap.

Maker/Hackerspaces — Race drones, print 3D gadgets, drink coffee from our Wi-Fi coffee maker, and get hands-on training on tools and tech from in-house experts in our dedicated maker and hackerspaces.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.

Not ready to apply? Join our talent community and sign up for job alerts.