Security Engineer and Administrator, Mid

The Challenge:

Warnings about cyber threats are everywhere and the constantly evolving nature of these threats can make understanding them seem overwhelming to military organizations. In all of this “cyber noise”, how can these organizations understand their risks and how to mitigate them? The answer is you – build your knowledge as an information security risk specialist who knows how to break down complex threats into manageable plans of action.

As an information security risk specialist on our team, you’ll work with DoD leaders to discover their cyber risks, understand applicable policies, and develop a mitigation plan.

You’ll get technical, environmental, and personnel details from SMEs to assess the entire threat landscape. Then, you’ll help your team guide your client through a plan of action with presentations, white papers, and milestones. You’ll work on translating security concepts for your client so they can make the best decisions to secure their for requirements generation for all new acquisitions and major system modifications, including defining security aspects of system architectures, determining Security Test and Evaluation (ST&E) requirements and methodologies, and conducting analytical risk management activities related to the development, operation, and maintenance of DoD information systems. Perform security assessment and compliance activities by using assessment tools and procedures and security technical implementation guides (STIGs). This is your opportunity to take an active role in information security while growing your skills in cybersecurity and risk management framework methodologies.

This position is open to remote delivery anywhere within the U.S., to include the District of Columbia. 

Empower change with us.

You Have:

  • 3 years of experience with the application of Cybersecurity standards and industry best practices
  • Experience with evaluating security vulnerabilities and formulating mitigation strategies for networked and non-networked systems
  • Experience with evaluating Cybersecurity compliance of a system against current RMF and DoD Cybersecurity policies
  • Knowledge of DoD Security Content Automation Protocol (SCAP) or commercial toolsets, including Nessus, Retina, or Nipper Studio
  • Ability to obtain a security clearance
  • HS diploma or GED

Nice If You Have:

  • Experience with the Enterprise Mission Assurance Support Service (eMASS) and developing or analyzing DoD security test and evaluation reports
  • Experience with the design and deployment of Defensive Cybersecurity Operation (DCO) methodologies or toolsets
  • Experience with the design and development of Enterprise Information, Cybersecurity services and virtualized architectures
  • TS/SCI clearance 
  • BA or BS degree
  • DoD 8570.01-m IAT Level III, IAM Level II, or IASAE Level I Certification, including CAP, CASP CE, CCNP Security, CISA, CISSP, GCED, or GSLC
  • DoD 8570.01-m CSSP Certification, including CEH, CSA+, CISA, CISM, or GCIA


Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information.

Build Your Career:

Rewarding work, fun challenges, and a ton of investment in our people—that’s Booz Allen cyber. When you join Booz Allen, we’ll help you develop the career you want.

  • Competitions — From programming competitions at our PyNights (Python competition and learning events) to competing in CTFs, we’ve got plenty of chances for you to show off your skills.
  • Paid Research — Have an innovative idea to explore or hypothesis to test? You can participate in challenges via our crowdsourcing platform, the Garage, and other programs to be awarded dedicated time and/or funding to advance your skills.
  • Cyber University — CyberU has more than 5000 instructor-led and self-paced cyber courses, a free online library that you can access from just about anywhere—including your phone—and certification exam prep guides that include practical assessments to prepare you for your exam.
  • Academic Partnerships — In addition to our tuition reimbursement benefit, we’ve partnered with University of Maryland University College to offer two graduate certificate programs in cybersecurity—fully funded without a tuition cap.
  • Maker/Hackerspaces — Race drones, print 3D gadgets, drink coffee from our Wi-Fi coffee maker, and get hands-on training on tools and tech from in-house experts in our dedicated maker and hackerspaces.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.

Not ready to apply? Join our talent community and sign up for job alerts.