RMF Support Analyst

The Challenge:

Warnings about cyber threats are everywhere and the constantly evolving nature of these threats can make understanding them seem overwhelming to government agencies and military organizations. In all of this “cyber noise”, how can these organizations understand their risks and how to mitigate them? The answer is you – an information security risk specialist who will break down complex threats into manageable plans of action.

As an information security risk specialist on our team, you’ll use your experience to work with military leaders to discover their cyber risks, understand policies, and develop a mitigation plan. You’ll review technical, environmental, and personnel details from SMEs and engineers to assess the entire threat landscape. Then, you’ll guide your client through a plan of action with presentations, white papers, and milestones. You’ll work with your client to translate security concepts, so they can make the best decisions to secure their mission critical systems and critical infrastructure. This is your opportunity to act as an information security subject matter expert while broadening your skills in growth areas or appealing technology, including cloud computing, and data science. Join us as we protect our nation’s cyber infrastructure. This position is open to remote delivery anywhere within the U.S., to include the District of Columbia.

Empower change with us.

You Have:

  • 4+ years of experience with guiding an Information System through the Federal government seven-step RMF process
  • Experience with using RMF management tools, including eMASS, Xacta, and CMAS
  • Experience with using MS Office applications, including Word and Excel
  • Knowledge of NIST SP 800-53, Rev 4/5 security and privacy controls
  • Ability to translate technical system configurations into non-technical documentation
  • Ability to work West Coast business hours
  • Ability to work in an integrated team with diverse backgrounds is critical
  • Ability to obtain and maintain a Public Trust or Suitability/Fitness determination based on client requirements
  • Bachelor’s degree in Cybersecurity or Computer Science
  • Security+CE Certification

Nice If You Have:

  • Experience with working in an ISO, CMMI, and DevSecOps environment
  • Experience with security tools, including Nessus and Security Center, Nagios, Splunk, and Fortify
  • Ability to understand Software Development Lifecycle Process, including Agile development, SCRUM, or Kanban
  • Possession of excellent problem-solving and critical thinking skills
  • CISSP or advanced CompTIA, ISC2, ISACA, or GIAC Security Certification

Vetting:

Applicants selected may be subject to a government investigation and may need to meet eligibility requirements of the U.S. government client.

Compensation:

At Booz Allen, we celebrate your contributions, provide you with opportunities and choices, and support your total well-being. Our offerings include health, life, disability, financial, and retirement benefits, as well as paid leave, professional development, tuition assistance, work-life programs, and dependent care. Our recognition awards program acknowledges employees for exceptional performance and superior demonstration of our values. Full time and part time employees working at least 20 hours a week on a regular basis are eligible to participate in Booz Allen’s benefit programs, individuals that do not meet the threshold are only eligible for select offerings, not inclusive of health benefits.

Salary for this position is determined by various factors, including but not limited to, location, the candidate’s particular combination of knowledge, skills, competencies and experience, as well as contract specific affordability and organizational requirements. The proposed salary range for this position is outlined below.

Colorado: $100,000 to $120,000.

New York (including New York City): $110,000 to $130,000.

Build Your Career:

Rewarding work, fun challenges, and a ton of investment in our people—that’s Booz Allen cyber. When you join Booz Allen, we’ll help you develop the career you want.

Competitions — From programming competitions at our PyNights (Python competition and learning events) to competing in CTFs, we’ve got plenty of chances for you to show off your skills.

Paid Research — Have an innovative idea to explore or hypothesis to test? You can participate in challenges via our crowdsourcing platform, the Garage, and other programs to be awarded dedicated time and/or funding to advance your skills.

Cyber University — CyberU has more than 5000 instructor-led and self-paced cyber courses, a free online library that you can access from just about anywhere—including your phone—and certification exam prep guides that include practical assessments to prepare you for your exam.

Academic Partnerships — In addition to our tuition reimbursement benefit, we’ve partnered with University of Maryland University College to offer two graduate certificate programs in cybersecurity—fully funded without a tuition cap.

Maker/Hackerspaces — Race drones, print 3D gadgets, drink coffee from our Wi-Fi coffee maker, and get hands-on training on tools and tech from in-house experts in our dedicated maker and hackerspaces.

We’re an equal employment opportunity/affirmative action employer that empowers our people to fearlessly drive change – no matter their race, color, ethnicity, religion, sex (including pregnancy, childbirth, lactation, or related medical conditions), national origin, ancestry, age, marital status, sexual orientation, gender identity and expression, disability, veteran status, military or uniformed service member status, genetic information, or any other status protected by applicable federal, state, local, or international law.

Not ready to apply? Join our talent community and sign up for job alerts.