Information Security Risk Specialist

Booz Allen Hamilton
San Diego, CA
$99,000 - $225,000
Remote

About The Position

The Opportunity:

Cyber threats are everywhere, and the constantly evolving nature of these threats can make understanding them seem overwhelming to a program responsible for fielding a worldwide enterprise warfighter mission support system. In all of this “cyber noise,” how can program managers understand their risks and how to mitigate them? The answer is you. We need your knowledge as an information security risk specialist to help break down complex threats into manageable plans of action.

As an information security risk specialist on our team, you’ll work with DoD acquisition programs to discover their cyber risks, understand applicable policies, and develop a mitigation plan. You’ll get technical and operational details from Assistant Program Managers and Lead Systems Engineers to assess the entire threat landscape. Then, you’ll help your team perform risk and vulnerability assessments in network, system, and application areas. You’ll work on translating security concepts for your client so they can make the best decisions to secure their mission-critical system.

This is your opportunity to take an active role in information security while growing your skills in complex connected system vulnerability detection, mitigation, and remediation. Work with us as we secure and protect our military’s critical mission systems for the better. Join us. The world can’t wait.

Requirements

  • 5+ years of experience working with Information Technology (IT) systems for a DoD or government agency.
  • 3+ years of experience leading Navy Risk Management Framework (RMF) projects, including Assessment and Authorization (A&A) activities for TS/SCI systems, and the preparation, direct development, and maintenance of RMF artifacts, packages, and deliverables.
  • 3+ years of experience implementing security controls and policies.
  • Performing cybersecurity compliance testing using industry standard tools.
  • Performing vulnerability analysis and remediation of networks, systems, and communications protocols.
  • Experience with Xacta, including Security Plan development and hands-on processing of packages through workflows, assisting with generating security policies, evaluating assessment documentation, and developing written security risks, mitigations, and recommendations.
  • Experience with operating systems, platforms, and technologies, including Windows, Linux, networking, virtualization, or containers.
  • Experience with architecture visualization, and developing and maintaining system artifacts, including Boundary Diagrams and Data Flow Diagrams.
  • Ability to devise and execute client deliverables.
  • Ability to work independently.
  • Ability to identify problems and devise analysis and solutions.
  • Ability to communicate results to both technical and non-technical audiences.
  • Ability to lead the accomplishments of client tasks from inception to completion.
  • TS/SCI clearance.
  • Bachelor’s degree.
  • DoD 8140 Certification.

Nice To Haves

  • Experience with tools such as Assured Compliance Assessment Solution (ACAS), DoD Security Technical Implementation Guides (STIG), and Evaluate-STIG.
  • Experience integrating security into DevSecOps pipelines.
  • Experience implementing automation methodologies and processes.
  • Experience deploying, implementing, maintaining, and integrating cybersecurity tools and applications in alignment with the current threat landscape, and analyzing risks and opportunities at both tactical and strategic levels.
  • Experience with network engineering functions, including Windows, Linux, and virtual operating systems, security tools, platforms, and technologies, including network and web application firewalls, web proxy, intrusion prevention systems, vulnerability scanners, and penetration tools.
  • Experience with developing and maintaining cyber schedule, performance, and quality metrics within the systems development lifecycle and acquisition lifecycle.
  • Master’s degree in an Engineering, Computer Science, or equivalent technical discipline.
  • OS Certification.

Responsibilities

  • Discover cyber risks for DoD acquisition programs.
  • Understand applicable policies.
  • Develop mitigation plans for cyber risks.
  • Perform risk and vulnerability assessments in network, system, and application areas.
  • Translate security concepts for clients to aid in decision-making for securing mission-critical systems.
  • Take an active role in information security.
  • Grow skills in complex connected system vulnerability detection, mitigation, and remediation.

Benefits

  • Health, life, disability, financial, and retirement benefits.
  • Paid leave.
  • Professional development.
  • Tuition assistance.
  • Work-life programs.
  • Dependent care.
  • Recognition awards program.