Information Security Risk Specialist

The Challenge:

Warnings about cyber threats are everywhere and the constantly evolving nature of these threats can make understanding them seem overwhelming to commercial organizations. In all of this “cyber noise”, how can these organizations understand their risks and how to mitigate them? The answer is you – build your knowledge as an information security risk specialist who can help break down complex threats into manageable plans of action.

As an information security risk specialist on our team, you’ll assist commercial product developers with discovering their cyber risks, understanding applicable policies, and developing a mitigation plan. Under general supervision, assists with the coordination of assessment of threats and vulnerabilities through testing and evaluation activities, such as: functional testing, protocol testing, penetration testing, and web application security testing. Assists with performing product and network testing, using a variety of tools. This is your opportunity to build experience in a strategic information security role while developing skills in product assessment, functional and vulnerability testing. Join us as we harden commercial products for use by the U.S. national security systems.

Empower change with us.

You Have:

  • Experience with one or more operating systems, including Windows, Linux/Unix, Android, or iOS, computer architecture, and networking fundamentals 
  • Experience with applying abstract security requirements including NIST 800-53 controls to information systems
  • Experience in a consulting environment and clearly communicating technical subjects to clients
  • Ability to obtain a security clearance
  • Bachelor's degree

Nice If You Have:

  • Experience with Common Criteria or NIAP approved Protection Profiles
  • Experience with Certified pen testing including SANS GPEN, Offensive Security Certified Professional (OSCP) or Certified Ethical Hacker (CEH)
  • Experience with Linux/Windows system administration and VMware ESXi
  • Experience with scripting languages, including Python or Perl
  • Experience with Network sniffers and monitoring tools, including Wireshark, and Network utility tools, including nmap, netcat, and solarwinds
  • Experience with Pen Testing Suites, including Metasploit, Kali, and Canvas
  • Possession of excellent verbal and written communication skills
  • Bachelor's degree in Computer Engineering, CS, Information Security, Information Sciences, or Technology


Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information.

Build Your Career:

Rewarding work, fun challenges, and a ton of investment in our people—that’s Booz Allen cyber. When you join Booz Allen, we’ll help you develop the career you want.

  • Competitions — From programming competitions at our PyNights (Python competition and learning events) to competing in CTFs, we’ve got plenty of chances for you to show off your skills.
  • Paid Research — Have an innovative idea to explore or hypothesis to test? You can participate in challenges via our crowdsourcing platform, the Garage, and other programs to be awarded dedicated time and/or funding to advance your skills.
  • Cyber University — CyberU has more than 5000 instructor-led and self-paced cyber courses, a free online library that you can access from just about anywhere—including your phone—and certification exam prep guides that include practical assessments to prepare you for your exam.
  • Academic Partnerships — In addition to our tuition reimbursement benefit, we’ve partnered with University of Maryland University College to offer two graduate certificate programs in cybersecurity—fully funded without a tuition cap.
  • Maker/Hackerspaces — Race drones, print 3D gadgets, drink coffee from our Wi-Fi coffee maker, and get hands-on training on tools and tech from in-house experts in our dedicated maker and hackerspaces.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.

Not ready to apply? Join our talent community and sign up for job alerts.