Warnings about cyber threats are everywhere and the constantly evolving nature of these threats can make understanding them seem overwhelming to government agencies. In all of this “cyber noise”, how can these organizations understand their risks and how to mitigate them? The answer is you – a lead information security risk specialist who can oversee breaking down complex threats into manageable plans of action.
As an information security risk specialist on our team, you’ll consult for a client, leading the discovery of their cyber risks, understanding applicable policies, and developing a mitigation plan. You’ll oversee the analysis of technical, environmental, and personnel details from security engineers and analysts as your team reviews the entire threat landscape. Then, you’ll guide your client through a plan of action with presentations, white papers, and milestones. Your client will rely on you to translate security concepts, so they can make the best decisions to secure their mission critical systems and infrastructure. This is your opportunity to take a leadership role in information security while sharing your skills in engineering and problem-solving with both clients and your team. You’ll support the ISSO with assessing, developing, and implementing the institute’s security program goals and objectives and assist with establishing program milestones and activities. You’ll manage day-to-day operations of the onsite team and ensure appropriate resource allocation, team development, tool implementation, status reporting and service delivery. You’ll help to identify and report on security program risks and metrics, perform data collection, and provide input into security process development. Join us as we protect our nation’s health research infrastructure.
Empower change with us.
Nice If You Have:
- 7+ years of experience with IT
- 5+ years of experience with implementing and managing cybersecurity tools such as BigFix, Nessus, Tenable Security Center, Cylance Protect, Splunk or other SIEM devices, Tripwire, Carbon Black, ForeScout, or FireEye
- 3+ years of experience with project management, including leading teams and tasks, prioritizing and assigning tasks to team members, facilitating meetings, and managing program schedules, budget, and contractual or task requirements
- 3+ years of experience with developing or updating existing cybersecurity policies and guidance
- Experience in interfacing directly with senior government leads and clients, leading programs or task orders, and resolving client issues
- Knowledge of all facets of information security operations, including vulnerability assessment, tools, remediation, risk management, host and network intrusion detection, anti-virus technologies, firewalls, Security Information and Event Management (SIEM), incident response, and forensic analysis
- Knowledge of FISMA requirements as they relate to the Security Authorization (SA) process
- Ability to obtain a security clearance
- BA or BS degree or 5 years of experience in an IT security field, including IT Security Architecture, IT Security Analysis, Cybersecurity Engineering, or Cyber Intelligence
- Experience with several of the following tools: BigFix, Nessus, Tenable Security Center, Cylance Protect, Splunk or other SIEM devices, Tripwire, Carbon Black, ForeScout, or FireEye
- Possession of excellent oral and written communications skills
- Security+ or CISSP Certification
- Project Management Professional (PMP) Certification or equivalent
Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information.
Build Your Career:
Rewarding work, fun challenges, and a ton of investment in our people—that’s Booz Allen cyber. When you join Booz Allen, we’ll help you develop the career you want.
Competitions — From programming competitions at our PyNights (Python competition and learning events) to competing in CTFs, we’ve got plenty of chances for you to show off your skills.
Paid Research — Have an innovative idea to explore or hypothesis to test? You can participate in challenges via our crowdsourcing platform, the Garage, and other programs to be awarded dedicated time and/or funding to advance your skills.
Cyber University — CyberU has more than 5000 instructor-led and self-paced cyber courses, a free online library that you can access from just about anywhere—including your phone—and certification exam prep guides that include practical assessments to prepare you for your exam.
Academic Partnerships — In addition to our tuition reimbursement benefit, we’ve partnered with University of Maryland University College to offer two graduate certificate programs in cybersecurity—fully funded without a tuition cap.
Maker/Hackerspaces — Race drones, print 3D gadgets, drink coffee from our Wi-Fi coffee maker, and get hands-on training on tools and tech from in-house experts in our dedicated maker and hackerspaces.
We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.