Cybersecurity Risk Analyst, Mid

Booz Allen Hamilton•San Diego, CA

About The Position

Cybersecurity Risk Analyst, Mid The Opportunity: Are you looking for an opportunity to advance your experience in cybersecurity and security engineering that will safeguard our nation? As a systems security and network security engineer, you can identify the tools, applications, and systems needed to assess vulnerabilities and recommend the best solution and security strategy. We need your experience to develop and implement security solutions that will protect our military. On our team, you’ll troubleshoot and analyze complex challenges for customers using your knowledge of cybersecurity policy and risk management. You’ll use your curiosity for technology and market trends to further research and develop security solutions. Using your knowledge and experience in ACAS, STIGs, and scanning, you’ll assess security threats and implement infrastructure controls. In this role, you’ll closely impact Navy missions by championing cybersecurity, discovering cyber risks, and providing hands-on support to critical mission areas. With mentoring, challenging hands-on problem-solving, and opportunities to learn new tools and skills, we focus on growing as a team to make the best solutions for our customers. Work with us as we secure and protect our military’s cybersecurity posture for the better. What You’ll Work On: Develop relationships quickly and easily with other teams, communicating the complexities of security with a wide variety of audiences, including senior management. Implement infrastructure and cybersecurity controls, including enhanced detection and vulnerability capabilities and improved event correlation in large enterprises. Perform risk and vulnerability assessments in network, system, and application areas ; leverage big data analytics and traditional security event types to identify advanced threats or indicators of compromise. Join us. The world can’t wait.

Requirements

3+ years of experience supporting Information Technology ( IT ) for a DoD or government agency
2+ years of experience supporting Risk Management Framework ( RMF )
2+ years of experience performing cybersecurity compliance testing using industry standard tools, including Assured Compliance Assessment Solution ( ACAS ) and DoD Security Technical Implementation Guides ( STIGs )
Experience performing vulnerability analysis of networks and systems
Experience with eMASS and security plan implementation
Knowledge of operating systems, platforms, and technologies, including Windows, Linux, cloud, or virtualization
Ability to devise and execute client deliverables, work independently, identify problems, devise analysis and solutions, communicate results, and lead the accomplishments of client tasks from inception to completion
Secret clearance
Bachelor’s degree
DoD 8140 Certification

Nice To Haves

Experience with engineering for maritime surveillance capabilities
Experience with deploying, implementing, maintaining, and integrating cybersecurity tools and applications
Experience with network engineering functions, including Windows, Linux, and virtual operating systems, security tools, platforms, and technologies, including network and web application firewalls, web proxy, int rus ion prevention systems, vulnerability scanners, and penetration tools
Experience as a Navy Qualified Validator
Ability to meet cyber schedule, performance, and quality metrics within the systems development lifecycle and acquisition lifecycle
Ability to identify and analyze risk and opportunities at both tactical and strategic levels
Top Secret clearance
Master’s degree
OS Certification

Responsibilities

Develop relationships quickly and easily with other teams, communicating the complexities of security with a wide variety of audiences, including senior management.
Implement infrastructure and cybersecurity controls, including enhanced detection and vulnerability capabilities and improved event correlation in large enterprises.
Perform risk and vulnerability assessments in network, system, and application areas ; leverage big data analytics and traditional security event types to identify advanced threats or indicators of compromise.