Cybersecurity Policy and Compliance Analyst

McLean, Virginia, United States
Apr 27, 2017
May 29, 2017
Full Time
Job Description

Job Number: R0001942

Booz Allen Hamilton has been at the forefront of strategy and technology for more than 100 years. Today, the firm provides management and technology consulting and engineering services to leading Fortune 500 corporations, governments, and not-for-profits across the globe. Booz Allen partners with public and private sector clients to solve their most difficult challenges through a combination of consulting, analytics, mission operations, technology, systems delivery, cybersecurity, engineering, and innovation expertise.

Key Role:

Provide strong security experience specializing in manual or automated security vulnerability assessments for applications and systems. Manage junior resources through the development and implementation of mobile security threat models, including penetration testing and ethical hacking, and assess results to provide recommendations for improvement. Identify and lead process improvement activities. Collaborate with multiple stakeholders, including project managers, to ensure proper technology risk considerations are addressed at each phase of the system development life cycle (SDLC). Work with application developers to validate and assess vulnerabilities, understand their root causes, and mitigate them. Ensure mobile applications comply with IT security standards and policies. Continue to grow industry knowledge, staying abreast of new threats and vulnerabilities to mobile applications to provide proactive solutions.

Basic Qualifications:

-4+ years of experience working in information technology or information security

-Experience with developing for iOS, Android, and Blackberry platforms and Web services, service-oriented architectures, and related protocols, including HTTP or SOAP and WAP or WTLS

-Experience with programming or developing in at least one of the following languages: .NET or ASP.NET, Java, Perl, Python, Ruby, C, C++, or Objective-C

-Knowledge of the following mobile security testing tools: Agnitio, Clang, Charles Proxy, otool, iPhoneDbg, iPhone-data protection, Keychain-Dumper, iAuditor, PList Editor, trustme, and Theos

-Ability to obtain a security clearance

-BA or BS degree

-One or more of the following Professional Certifications: CISSP, CEH, OSCP, OSCE, GPEN, or CPT

Additional Qualifications:

-Experience with authentication services, including Active Directory

-Experience with project management or debugging and requirements tracking tools, including Remedy, ServiceNow or other Service Management tool, Jira or Git, GreenHopper, and Bonfire

-Experience with test application stores, including AirWatch, Zenprise, and MobileIron

-Experience with large application Web server environments, including IBM WebSphere

-Experience in application deployment

-Experience with programs to manage current and historical versions of mobile application pages and Web sites, including Subversion or Subclipse, Active Directory, and Jira


Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information.

Integrating a full range of consulting capabilities, Booz Allen is the one firm that helps clients solve their toughest problems, by their side to help them achieve their missions. Booz Allen is committed to delivering results that endure.

We are proud of our diverse environment, EOE, M/F/Disability/Vet.
