Key Role:
Maintain responsibility for documenting System Security Plans (SSP), processes, and procedures, apply system security configurations, perform continuous monitoring, and request client authorization for firm managed classified systems or networks applying evolving US Government Risk Management Framework (RMF) security policy and guidance. Work independently and in collaboration with others, including providing regular updates to program management teams on project statuses and monitor activities of program system administrators to ensure all relevant system or network security procedures are followed. Ensure system or network auditing, virus scanning, patching, and hardware and software configuration management requirements are executed, as defined in client-approved system assessment documentation and policy. Document clear and concise compliance criteria and test cases required to validate compliance with RMF requirements and guidance from NIST, the intelligence community (IC), and DoD. Guide others in the process of bringing an IP Secret Data Node into Booz Allen facilities. Act as an advocate for all industrial security disciplines within the security program while ensuring business needs are met. Take independent action, when appropriate and determine when to escalate a challenge to leadership.  

Basic Qualifications:

-4+ years of experience with supporting classified contractor or government authorized classified systems

-Experience in writing and submitting RMF documentation and artifacts in accordance with government RMF policy or guidance applied to secure client authorization of classified contractor managed systems

-Experience with hardening systems and using security tools, including SCAP, MBSA, McAfee, or HBSS

-Experience with the process of bringing SIPRNet into contractor facilities

-Knowledge of US government Assessment and Authorization (A&A) processes

-Ability to work with a distributed team of professionals and establish and maintain positive and effective work relationships

-Secret clearance required

-BA or BS degree in CS, Information Systems Management, Cybersecurity, or Information Assurance 

-Active Level I IAM Certification, including Security+

Additional Qualifications:

-Experience with e-MASS

-Experience with communications security (COMSEC), including using keying material

-Experience as a Windows Server administrator preferred

-Experience with virtual operating systems, WAN architecture, hardening routers or switches or other perimeter security technologies, such as firewalls, or IDS solutions

-Experience with managing data spill cleanup actions

-Possession of excellent time management skills for working on multiple projects with specific completion timeframes

-Possession of excellent oral and written communication skills

Clearance:
Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Secret clearance is required.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.