Information Security Risk Specialist

The Challenge:

Warnings about cyber threats are everywhere and the constantly evolving nature of these threats can make understanding them seem overwhelming to government agencies and military organizations. In all of this “cyber noise”, how can these organizations understand their risks and how to mitigate them? The answer is you – build your knowledge as an information security risk specialist who can help break down complex threats into manageable plans of action.

As an information security risk specialist on our team, you’ll assist Space Launch Delta 30 with discovering their cyber risks, understanding applicable policies, and developing a mitigation plan. You’ll gather technical, environmental, and personnel details from Subject Matter Exports, Engineers, and System Administrators to help with assessment of the entire threat landscape. You’ll learn how to guide your client through a plan of action with presentations, white papers, Security Assessment Plan (SAP), and milestones and help to translate security concepts so they can make the best decisions to secure their mission critical systems and critical infrastructure. This is your opportunity to build experience in a strategic information security role while developing skills in Risk Management Framework and NIST Security and Privacy controls.

Join us as we protect our nations Space systems and data to provide a safer cyber environment.

 Empower change with us.

You Have:

  • ​1+ years of experience with information security
  • Experience with Information Security and Assurance Principles, specifically NIST Cybersecurity Framework
  • Experience with NIST special publications, including 800 series, FIPS 199, 140-2, the full RMF process, NIST security controls, Risk Analysis, Vulnerability Management, and Contingency Planning, assessing NIST security and privacy controls, and maintaining Plans of Action and Milestones (POA&Ms) 
  • Experience with providing guidance for understanding the NIST security and privacy controls and for providing sufficient documentation and artifacts for each control in a tool, including eMASS 
  • Experience with reviewing security requirements, recommending a mitigation strategy for deficiencies, and working directly with clients to provide solutions and education 
  • Experience with being able to assist and lead effort involving presentations, white papers, and project milestones 
  • Knowledge of annual security reviews in accordance with FISMA reporting 
  • Secret Clearance
  • HS Diploma or GED
  • IAT Level II Certification, including Security+ CE or CISSP

Nice If You Have:

  • Possession of excellent customer service and organization skills 
  • Possession of excellent verbal and written communication skills 
  • Security Certifications, including CAP, CISM, CISSP, and Project Management Professional (PMP)

Clearance:

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Secret clearance is required.

Build Your Career:

Rewarding work, fun challenges, and a ton of investment in our people—that’s Booz Allen cyber. When you join Booz Allen, we’ll help you develop the career you want.

Competitions — From programming competitions at our PyNights (Python competition and learning events) to competing in CTFs, we’ve got plenty of chances for you to show off your skills.

Paid Research — Have an innovative idea to explore or hypothesis to test? You can participate in challenges via our crowdsourcing platform, the Garage, and other programs to be awarded dedicated time and/or funding to advance your skills.

Cyber University — CyberU has more than 5000 instructor-led and self-paced cyber courses, a free online library that you can access from just about anywhere—including your phone—and certification exam prep guides that include practical assessments to prepare you for your exam.

Academic Partnerships — In addition to our tuition reimbursement benefit, we’ve partnered with University of Maryland University College to offer two graduate certificate programs in cybersecurity—fully funded without a tuition cap.

Maker/Hackerspaces — Race drones, print 3D gadgets, drink coffee from our Wi-Fi coffee maker, and get hands-on training on tools and tech from in-house experts in our dedicated maker and hackerspaces.

We’re an equal employment opportunity/affirmative action employer that empowers our people to fearlessly drive change – no matter their race, color, ethnicity, religion, sex (including pregnancy, childbirth, lactation, or related medical conditions), national origin, ancestry, age, marital status, sexual orientation, gender identity and expression, disability, veteran status, military or uniformed service member status, genetic information, or any other status protected by applicable federal, state, local, or international law.

Not ready to apply? Join our talent community and sign up for job alerts.