Vulnerability Assessment Analyst

Booz Allen Hamilton Inc.•San Antonio, TX

45d•$61,900 - $141,000

About The Position

As a cyber professional, you know that understanding adversary tactics, techniques, and procedures is vital to producing the intel that enables the success of mission partner. At Booz Allen, you can apply your skills and knowledge to inform strategies and help mitigate the most pressing vulnerabilities. Here, you aren't just deciphering reports. You're telling the story to play a part in informing our nation's most far-reaching cyber security decisions. As a cyber threat specialist on our team, you'll be trusted to help customers solve problems using the latest software. Using various test, assessment and monitoring tools, you'll work with multiple stakeholders to evaluate risk and make meaningful recommendations. You'll help monitor security environments and identify security gaps through the eyes of an adversary. In this role, you'll impact key mission components by monitoring the network environment for new and evolving threats, analyzing integrated Validated Online Lifecycle Threat (VOLT) Reports with all-source intelligence, and supporting damage assessment activities to assess adversary capabilities. Booz Allen is committed to creating an environment where you can grow your cyber career through mentoring, the opportunity to leverage new resources, and the ability to gain in-demand certifications to sharpen your skill set. With opportunities supporting both the private and public sectors across multiple geographies, your career is only limited by your own appetite for exploration. Work with us to secure our systems, networks, and crucial infrastructures. Join us. The world can't wait.

Requirements

2+ years of experience in Cybersecurity
Experience performing vulnerability scanning, assessment, and remediation tracking within DoD or Intelligence Community environments
Experience with vulnerability management tools, such as ACAS, Tenable.sc, Nessus, or Qualys
Experience generating and maintaining Plan of Action and Milestones (POA&M) documentation
Experience with reviewing and tracking security exceptions documentation
Knowledge of RMF, NIST SP 800-53, STIGs, IAVMs, and DoD cybersecurity compliance processes
Ability to analyze scan results, assess system risks, and develop mitigation strategies in coordination with system owners, coordinate and escalate vulnerability remediation efforts with technical and functional teams, and provide RMF and audit support
TS/SCI clearance
Bachelor's degree in Cybersecurity, Information Technology, or Computer Science
DoD 8140 baseline Level II Certification, such as Security+, CySA+, or CISSP

Nice To Haves

Experience supporting Air Force or Joint Cyber Operations units
Experience with enterprise patch management tools, such as SCCM, MECM, Tanium, or BigFix, and automated compliance reporting
Experience integrating vulnerability data into dashboards using Power BI, Elastic, or Splunk
Experience with PowerShell scripting
Experience supporting Agile cyber engineering teams
Knowledge of risk scoring methodologies (CVSS) and asset prioritization frameworks
Master's degree in Cybersecurity, Computer Engineering, or Information Assurance
CASP+, CEH, or Certified Vulnerability Assessor (CVA)
SAFe Agile or ITIL Certification

Responsibilities

monitoring the network environment for new and evolving threats
analyzing integrated Validated Online Lifecycle Threat (VOLT) Reports with all-source intelligence
supporting damage assessment activities to assess adversary capabilities
analyze scan results, assess system risks, and develop mitigation strategies in coordination with system owners, coordinate and escalate vulnerability remediation efforts with technical and functional teams, and provide RMF and audit support