Cyber Risk Analyst, Senior

The Challenge:

Warnings about cyber threats are everywhere and the constantly evolving nature of these threats can make understanding them seem overwhelming to the Navy and DoD. In all of this “cyber noise”, how can these organizations understand their risks and how to mitigate them? The answer is you – a cyber risk analyst who will break down complex threats into manageable plans of action.

As a cyber risk analyst on our team, you’ll use your experience to work with Navy programs to discover their cyber risks, understand applicable policies, and develop a mitigation plan. You’ll review technical, environmental, and personnel details from engineers and SMEs to assess the entire threat landscape. Then, you’ll guide your client through a plan of action with presentations, white papers, and milestones. You’ll work with your client to translate security concepts, so they can make the best decisions to secure their mission critical C4I and network systems. This is your opportunity to act as an information security subject matter expert while broadening your skills in cloud security, systems engineering, and data science. Join us as we protect our military's critical cyber infrastructure.

Empower change with us.

You Have:

  • 10+ years of experience with cybersecurity in a professional work environment

  • 5+ years of experience with cybersecurity risk assessments or engineering on command, control, communications, computers, and intelligence programs for DoD, federal, or commercial clients

  • Experience with the Risk Management Framework (RMF) and the Assessment and Authorization (A&A) activities required to obtain and maintain an Authority to Operate (ATO) for a DoD system

  • Experience developing technical artifacts and documentation to communicate cybersecurity risk assessment results or cybersecurity policy implementation

  • Knowledge of National Institute of Standards and Technology (NIST) and Committee on National Security Systems Instruction, including NIST SP 800-60, NIST SP 800-53, and CNSSI 1253

  • Ability to analyze and communicate complex technical challenges to both technical and non-technical clients and stakeholders

  • Ability to work in an Agile teaming environment

  • Secret clearance

  • Bachelor's degree or 4+ additional years of experience working in a professional environment in lieu of degree

  • IAT Level II Security Certification or IAT Level III Certification

Nice If You Have:

  • Experience with the Risk Management Framework (RMF) and the Assessment and Authorization (A&A) activities required to obtain and maintain an Authority to Operate (ATO) for a U.S. Navy system

  • Experience with security tools and devices, including network firewalls, web proxy, intrusion prevention systems, vulnerability scanners, or penetration tools

  • Experience with administering Red Hat Enterprise Linux or Windows Server 2008 or higher

  • Experience with developing cybersecurity authorization artifacts to enable an ATO for a system or program

  • TS/SCI clearance

  • Master's degree

  • IAT Level III Network Certification, including CCNP-Security, or CCNP-CyberOps, preferred

  • IAT Level III Security Certification, including CISSP, or CISM, preferred

  • Navy Qualified Validator (NQV) Certification


Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Secret clearance is required.

Build Your Career:

Rewarding work, fun challenges, and a ton of investment in our people—that’s Booz Allen cyber. When you join Booz Allen, we’ll help you develop the career you want.

  • Competitions — From programming competitions at our PyNights (Python competition and learning events) to competing in CTFs, we’ve got plenty of chances for you to show off your skills.

  • Paid Research — Have an innovative idea to explore or hypothesis to test? You can participate in challenges via our crowdsourcing platform, the Garage, and other programs to be awarded dedicated time and/or funding to advance your skills.

  • Cyber University — CyberU has more than 5000 instructor-led and self-paced cyber courses, a free online library that you can access from just about anywhere—including your phone—and certification exam prep guides that include practical assessments to prepare you for your exam.

  • Academic Partnerships — In addition to our tuition reimbursement benefit, we’ve partnered with University of Maryland University College to offer two graduate certificate programs in cybersecurity—fully funded without a tuition cap.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.


Not ready to apply? Join our talent community and sign up for job alerts.