Cybersecurity Policy and Compliance Analyst, Mid

The Challenge:

When our country’s cybersecurity is on the line, simply reacting is not enough – we need a plan. And when that plan needs to protect the DoD, we need strategic policy analysis. That is why we need you, a cybersecurity engineer with the expertise to analyze the policies that determine our cyber resilience. Join us as we defend the systems that defend our nation.

As a cyber strategic planning and policy analyst consultant on our team, you will lead the assessment of current DoD cyber policies, the coverage of those policies, and areas of risk. You will evaluate and audit how policies stack up to regulations, best practices, and industry standards. As you guide your client through understanding acceptable risk and availability, you will advance the development of a strategic cyber roadmap. You will work in a consultative role to ensure the client operates securely as they navigate an evolving IT environment. Join us as we protect the DoD through strategic cyber policy analysis.

Empower change with us. 

You Have:

  • 10+ years of experience with IT or Cybersecurity
  • 5+ years of experience with information assurance
  • Knowledge of cybersecurity engineering, cyber forensics, and network security tools and technologies
  • Knowledge of cybersecurity policy, procedures, and workforce structure to design, develop, and implement recommendations for a secure enclave environment
  • Ability to write, review, and revise high-level documents, including policy, directives, or instructions
  • Ability to function independently on a team across various geographies
  • Active Secret clearance
  • HS diploma or GED
  • DoD 8570.01-M Information Assurance Management Level II (IAM-II) Certification

Nice If You Have:

  • Experience with cybersecurity engineering and architecture, Computer Emergency Response Team (CERT), or Defensive Cyber Operations (DCO)
  • Experience with cybersecurity for networks, information systems, cloud, telecommunications, infrastructure devices, satellite systems, databases, data warehouses, data lakes, or software
  • Experience with Information Assurance, Risk Management Framework (RMF), or certification and accreditation
  • Experience with vulnerability analysis, scanning, and assessments and devising and implementing mitigation
  • Experience with cybersecurity intrusion detection, incident response, or digital forensics, cyber threat analysis, and attack surface analysis
  • Knowledge of missile defense systems, Industrial Control Systems (ICS), or Defense Industrial Base (DIB)
  • Knowledge of supply chain risk management, secure software life cycle, or applications development
  • Knowledge of systems administration or configuration management
  • Knowledge of cyberspace workforce management programs
  • Knowledge of common cybersecurity tools, including Intrusion Detection/Prevention Systems (IDS/IPS), Security Information and Event Management (SIEM) systems, compliance tracking tools, such as Enterprise Mission Assurance Support Service (eMASS), or vulnerability scanners, such as the Assured Compliance Assessment Solution (ACAS)
  • Ability to use productivity software, including Microsoft Office (Word, Excel, Outlook, Access, PowerPoint, and Visio) and PowerShell, and collaborative tools, including Skype for Business or Defense Connect Online
  • Ability to build and maintain SharePoint-based applications
  • Possession of excellent oral and written communication skills
  • TS/SCI clearance
  • BS degree in Cybersecurity or IT preferred; MS degree in Cybersecurity or IT a plus


Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Secret clearance required.

Build Your Career:

Rewarding work, fun challenges, and a ton of investment in our people—that’s Booz Allen cyber. When you join Booz Allen, we’ll help you develop the career you want.

Competitions — From programming competitions at our PyNights (Python competition and learning events) to competing in CTFs, we’ve got plenty of chances for you to show off your skills.

Paid Research — Have an innovative idea to explore or hypothesis to test? You can participate in challenges via our crowdsourcing platform, the Garage, and other programs to be awarded dedicated time and/or funding to advance your skills.

Cyber University — CyberU has more than 5000 instructor-led and self-paced cyber courses, a free online library that you can access from just about anywhere—including your phone—and certification exam prep guides that include practical assessments to prepare you for your exam.

Academic Partnerships — In addition to our tuition reimbursement benefit, we’ve partnered with University of Maryland University College to offer two graduate certificate programs in cybersecurity—fully funded without a tuition cap.

Maker/Hackerspaces — Race drones, print 3D gadgets, drink coffee from our Wi-Fi coffee maker, and get hands-on training on tools and tech from in-house experts in our dedicated maker and hackerspaces.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.
