Risk Assessment Analyst

Booz Allen Hamilton•Alexandria, VA

About The Position

Cyber threats are everywhere, and the constantly evolving nature of these threats can make understanding them seem overwhelming to the global enterprise. In all of this “cyber noise,” how can these organizations understand their risks and how to mitigate them? The answer is you. We need your knowledge as an information security risk specialist to help break down complex threats into manageable plans of action. As an information security risk specialist on our team, you’ll work with industry partners to discover their cyber risks, understand applicable policies, and develop a mitigation plan. You’ll get technical and personnel details from SMEs and engineers to assess the entire threat landscape. Then, you’ll help your team guide your client through a plan of action with presentations, white papers, and milestones. You’ll work on translating security concepts for your client so they can make the best decisions to secure their critical infrastructure. This is your opportunity to take an active role in information security while growing your skills in cybersecurity policy and implementation. Work with us as we protect our nation’s cyber infrastructure. Join us. The world can’t wait.

Requirements

5+ years of experience in services for the Federal government or Federal advising within a professional work environment.
Experience in cybersecurity risk assessments and supply chain or risk management efforts.
Experience leveraging collaboration forums, such as MS Teams and SharePoint, for knowledge management and to enhance team delivery effectiveness.
Experience with writing or drafting executive or formal senior-level correspondence or material, such as memorandums or white papers, to support decision-making.
Top Secret clearance.
Bachelor's degree in Computer Science, Information Systems, Engineering, Mathematics, or Physics.

Nice To Haves

Experience facilitating meetings, such as working groups or conferences, and associated pre and post meeting activities.
Experience with supporting DoD-level organizations, including Action Officer duties, coordination, and staffing processes or tools.
Knowledge of NIST 800 series publications.
Knowledge of Joint instructions and manuals.
Knowledge of DoW policy around non-traditional IT Cybersecurity, including ICT-SCRM and C-SCRM.
Ability to lead cross-functional initiatives where goals and parameters may evolve over time.
Ability to brief and collaborate with executive and senior leadership.
Possession of strong verbal and written communication, organizational, problem solving, and interpersonal skills.

Responsibilities

Discover cyber risks with industry partners.
Understand applicable policies.
Develop a mitigation plan.
Assess the entire threat landscape by gathering technical and personnel details from SMEs and engineers.
Guide clients through a plan of action with presentations, white papers, and milestones.
Translate security concepts for clients to help them make informed decisions about securing their critical infrastructure.