Cyber Risk Management Specialist, Senior

The Challenge:

Warnings about cyber threats are everywhere and the constantly evolving nature of these threats can make understanding them seem overwhelming to the VA.  In all of this “cyber noise”, how can these organizations understand their risks and how to mitigate them? The answer is you – an information security risk specialist who will break down complex threats into manageable plans of action.

As an information security risk specialist on our team, you’ll use your experience to work with the VA to discover their cyber risks, understand applicable policies, and develop a mitigation plan. You’ll review technical, environmental, and personnel details from SMEs to assess the entire threat landscape. Then, you’ll guide your client through a plan of action with presentations, white papers, and milestones. You’ll work with your client to translate security concepts, so they can make the best decisions to secure their critical infrastructure. This is your opportunity to act as an information security subject matter expert while broadening your skills in data science. Join us as we protect our nation’s cyber infrastructure. Remote delivery is available for this position

Empower change with us.

You Have:

-Experience with Cybersecurity, risk management, or risk assessments for complex systems

-Experience with NIST SP 800 series publications and CNSS Instructions

-Experience with risk analysis, data analytics, or visualizations

-Experience in working with tight deadlines

-Knowledge of elements of risk, including vulnerability, threat, likelihood, impact, mitigation, and remediation

-Ability to engage directly with clients, and third parties to facilitate enterprise risk analysis

-Ability to obtain a security clearance

-HS diploma or GED and 18+ years of experience with systems security engineering or BS degree in CS, IT or Engineering and 10+ years of experience with systems security engineering

Nice If You Have:

-Experience with tools such as Nessus, BigFix, Red Seal, RSA Archer, SCCM, Elastic, or CDM

-Experience with Governance, Risk, and Compliance (GRC) such as eMASS

-Experience with Assessment and Authorization (A&A)

-Experience with advanced Excel work such as Power Query

-Experience with NIST SP 800-53, 39, 37, or 30

-Public Trust clearance

-CompTIA Security+ or Certified Risk Management Professional (CRISC) or Certified in Risk and Information Systems Control (CRISC)


Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information.

Build Your Career:

Rewarding work, fun challenges, and a ton of investment in our people—that’s Booz Allen Cyber. When you join Booz Allen, we’ll help you develop the career you want.

Competitions — From programming competitions at our PyNights (Python competition and learning events) to competing in CTFs, we’ve got plenty of chances for you to show off your skills.

Paid Research — Have an innovative idea to explore or hypothesis to test? You can participate in challenges via our crowdsourcing platform, the Garage, and other programs to be awarded dedicated time and/or funding to advance your skills.

Cyber University — CyberU has more than 5000 instructor-led and self-paced Cyber courses, a free online library that you can access from just about anywhere—including your phone—and certification exam prep guides that include practical assessments to prepare you for your exam.

Academic Partnerships — In addition to our tuition reimbursement benefit, we’ve partnered with University of Maryland University College to offer two graduate certificate programs in Cybersecurity—fully funded without a tuition cap.

Maker/Hackerspaces — Race drones, print 3D gadgets, drink coffee from our Wi-Fi coffee maker, and get hands-on training on tools and tech from in-house experts in our dedicated maker and hackerspaces

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.

Not ready to apply? Join our talent community and sign up for job alerts.