Cybersecurity Engineer and Risk Analyst, Mid

The Challenge:

Everyone knows security needs to be “baked in” to a system architecture and that we need to understand Cybersecurity risk to systems instead of just being compliant to a checklist, but you actually know how to bake it in and assess risk to a complex system. You can identify and implement ways to harden systems and assess Cybersecurity risk. What if you could use your Cyber engineering skills to provide Cybersecurity solutions for Navy and DoD systems? We’re looking for a Cybersecurity engineer and risk analyst who can help create solutions for the Navy that will stand up to even the most advanced Cyber threats.

As a Cybersecurity engineer and risk analyst on our project, you’ll analyze the Cyber posture of complex Navy systems, leverage critical expertise to mitigate Cyber risk, and develop solutions to ensure Navy programs support mission critical operations and deliver needed Cybersecurity functionality. You’ll work with our team of experts to identify the right mix of tools and techniques to translate your customer’s needs and future goals into a plan that will enable secure and effective solutions. We need to come up with the best solution, so you’ll investigate new techniques, break free from the legacy model, and go where the industry is going. As a team, we’ll take a critical approach to Cybersecurity and systems engineering, providing alternatives and customizing solutions to maintain a balance of security and mission needs. This is a chance to learn from a team of experts as you make a difference in the security of the Navy warfighter. Your contributions will help customers overcome their most difficult challenges by integrating secure practices like risk management and mitigation, defense-in-depth, data analysis, and cyber continuous monitoring. You’ll be able to gain experience in Command, Control, Communications, Computers, and Intelligence (C4I), Cyber engineering, enterprise networks and systems, Cyber test and evaluation, and Cyber risk assessment while building peace of mind in a critical infrastructure. Join our team as we improve the warfighter’s ability to complete critical missions through Cybersecurity.

Empower change with us.

You Have:

  • 3+ years of experience with DoD assessment and authorization (A&A) processes and Cybersecurity engineering
  • Experience in vulnerability assessment and scanning tools, including the Assured Compliance Assessment Solution (ACAS), and assessing system compliance with security controls
  • Experience with Security Technical Implementation Guides (STIG) and vulnerability remediation
  • Experience with executing the Risk Management Framework (RMF), using eMASS, and developing DoD authorization artifacts or documentation
  • Ability to independently develop DoD or Navy security A&A documentation and artifacts, provide Cybersecurity engineering services, execute the RMF process, perform system vulnerability scanning, and develop mitigation recommendations
  • Secret clearance
  • HS diploma or GED
  • Security+ CE or IAT Level II certification

Nice If You Have:

  • 5+ years of experience with Navy assessment and authorization (A&A) processes and Cybersecurity engineering
  • Experience with processing an Authorization to Operate (ATO) for a Navy program
  • Experience with National Institute of Standards and Technology (NIST) 800-53 security controls
  • Ability to independently help a customer improve the Cybersecurity risk posture of their program or system
  • Ability to develop risk mitigations for programs with high security risks
  • TS/SCI clearance
  • BS degree preferred; MS degree a plus
  • CISSP Certification
  • Navy Qualified Validator (NQV) Certification


Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Secret clearance is required.

Build Your Career:

Rewarding work, fun challenges, and a ton of investment in our people—that’s Booz Allen cyber. When you join Booz Allen, we’ll help you develop the career you want.

Competitions — From programming competitions at our PyNights (Python competition and learning events) to competing in CTFs, we’ve got plenty of chances for you to show off your skills.

Paid Research — Have an innovative idea to explore or hypothesis to test? You can participate in challenges via our crowdsourcing platform, the Garage, and other programs to be awarded dedicated time and/or funding to advance your skills.

Cyber University — CyberU has more than 5000 instructor-led and self-paced cyber courses, a free online library that you can access from just about anywhere—including your phone—and certification exam prep guides that include practical assessments to prepare you for your exam.

Academic Partnerships — In addition to our tuition reimbursement benefit, we’ve partnered with University of Maryland University College to offer two graduate certificate programs in cybersecurity—fully funded without a tuition cap.

Maker/Hackerspaces — Race drones, print 3D gadgets, drink coffee from our Wi-Fi coffee maker, and get hands-on training on tools and tech from in-house experts in our dedicated maker and hackerspaces.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.

Not ready to apply? Join our talent community and sign up for job alerts.