Information Security Risk Specialist

The Challenge:

Warnings about cyber threats are everywhere and the constantly evolving nature of these threats can make understanding them seem overwhelming. In all of this “cyber noise”, how can these organizations understand their risks and how to mitigate them? The answer is you – an information security risk specialist who will break down complex threats into manageable plans of action.

As a cyber-compliance and risk management consultant on our team, you’ll work with Program Manager Tactical Network (PM TN) to evaluate and discover their cyber risks, understand applicable policies, and develop mitigation plans. Under the direction of the Cyber Security & Assurance (CS&A) team, your role as the Information System Security Officer (ISSO) will be to work with various business teams to assess risk and validate that the appropriate security controls are in place for PM TN information systems and that they are working effectively and efficiently. You’ll get technical, environmental, and personnel details from engineers to assess the entire threat landscape. Then, you’ll help your team guide your client through a plan of action with presentations, whitepapers, and milestones. You’ll work on translating security concepts for your client so they can make the best decisions to secure their mission critical systems and critical infrastructure.

As the expert in risk and security controls, you will provide consulting services and education to the organization's management and staff by taking an active role in cybersecurity while also growing your skills in Risk Management Framework. Join us as we protect our military’s communications systems.

Empower change with us.

You Have:

  • 4+ years of experience with information security or information assurance

  • Experience with interpreting patterns of non-compliance to determine their impact on levels of risk or overall effectiveness

  • Experience with Security Assessment Plans and Reports

  • Experience with RMF, STIGs, NIST 800-37, or AWS

  • Knowledge of Enterprise Mission Assurance Support Service (eMASS) web-based application 

  • Knowledge of risk assessment methodologies, frameworks, and procedures

  • Secret clearance

  • Bachelor's degree

  • IAT Level II or IAM Level I Certification

Nice If You Have:

  • Experience with authorization actions concerning software development and testing

  • Knowledge of intelligence community Cybersecurity requirements

  • Knowledge of the configuration management of military software, including source code, documentation, and tactical products

  • Knowledge of DoD security and program protection and declassification operations

  • Knowledge of DoD 8500, AR 25-2, AR 70-1, and DA PAM 70-3 Army Acquisition Implementation

  • TS/SCI clearance preferred

  • DoD 8570 IAT Level III and CISSP Certification preferred 


Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Secret clearance is required.

Build Your Career:

Rewarding work, fun challenges, and a ton of investment in our people—that’s Booz Allen cyber. When you join Booz Allen, we’ll help you develop the career you want.

Competitions — From programming competitions at our PyNights (Python competition and learning events) to competing in CTFs, we’ve got plenty of chances for you to show off your skills.

Paid Research — Have an innovative idea to explore or hypothesis to test? You can participate in challenges via our crowdsourcing platform, the Garage, and other programs to be awarded dedicated time and/or funding to advance your skills.

Cyber University — CyberU has more than 5000 instructor-led and self-paced cyber courses, a free online library that you can access from just about anywhere—including your phone—and certification exam prep guides that include practical assessments to prepare you for your exam.

Academic Partnerships — In addition to our tuition reimbursement benefit, we’ve partnered with University of Maryland University College to offer two graduate certificate programs in cybersecurity—fully funded without a tuition cap.

Maker/Hackerspaces — Race drones, print 3D gadgets, drink coffee from our Wi-Fi coffee maker, and get hands-on training on tools and tech from in-house experts in our dedicated maker and hackerspaces.

We’re an equal employment opportunity/affirmative action employer that empowers our people to fearlessly drive change – no matter their race, color, ethnicity, religion, sex (including pregnancy, childbirth, lactation, or related medical conditions), national origin, ancestry, age, marital status, sexual orientation, gender identity and expression, disability, veteran status, military or uniformed service member status, genetic information, or any other status protected by applicable federal, state, local, or international law.

Not ready to apply? Join our talent community and sign up for job alerts.