Key Role:         

Implement Global Cloud Services Security Architectural Standards, Design Patterns, Reference Architectures, Sub-Domain Strategies and Roadmaps, which will be used to define network security principles and constructs in which all Booz Allen Hamilton product sets and IT infrastructure will be designed to incorporate consistent and appropriate security measures, controls, and protections. Provide a point of view for cloud services security solutions that can be impacted by new technologies and business drivers. Develop an integrated security fabric that enables a global threat, risk, privacy, and protection architecture across multiple go to market, enterprise, and operating platforms. Support the design and implementation of technical cloud services security programs to mitigate security threats and risks that may impact the business through a holistic global program-oriented approach. Work with the business and divisional security leadership to design and build operational protection platforms globally that enable, enhance, and extend Booz Allen Hamilton’s ability to service and protect our customer’s and users’ needs and interests. Assess, document and implement mitigation strategies for newly discovered threats or vulnerabilities that may impact the company as part of a security incident. Interact with users to define system requirements and/or necessary modifications to new or existing software in support of security requirements. Interface with usability team to ensure user-facing privacy controls are usable.

Basic Qualifications:

• 5+ years of experience with cloud services security design, strategies and protocols, cloud provider security tools, controls and concepts including logging, segmentation, monitoring, data management, identity management

• 3+ years of cybersecurity experience

• Experience with implementing controls from NIST 800-53, FedRAMP, ICD 503, RMF, and DoD Information Levels and applying them to the design and implementation of cloud solutions to achieve an Authorization to Operate (ATO)

• Experience with network and system security tools in the Cloud, including network firewalls, intrusion detection systems (IDS), intrusion prevention systems (IPS), anti-malware, vulnerability scanning, encryption, monitoring, and Identity, Credential, or Access Management (ICAM)

• Experience with developing security compliant solutions in accordance with DoD IA standards

• Knowledge of modern cloud native application patterns, practices, and platforms

• Knowledge of how to apply native cloud security and monitoring services in the Cloud, including network firewalls, access control lists, encryption, auditing and monitoring, alerting, secrets management, and compliance scanning

• Ability to obtain a security clearance

• BA or BS degree

• CISSP, CCSP, or Security+ Certification

Additional Qualifications:

• Experience with Active Directory a plus

• Experience with implementing Web services, including SOAP and RESTful

• Knowledge of DevOps situations and technologies, including Chef, Puppet, CFEngine, Zookeeper, or Capistrano

• Amazon Certified Solutions Architect, Associate, or MCSD Azure Solutions Architect Certification

Clearance:

Applicants selected will be subject to a security investigation and may need to meet

eligibility requirements for access to classified information.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.