Cybersecurity Policy and Compliance Lead, Senior

Washington D.C.
Mar 13, 2018
Mar 16, 2018
Full Time
Job Description
Job Number: R0025137

Booz Allen Hamilton has been at the forefront of strategy and technology for more than 100 years. Today, the firm provides management and technology consulting and engineering services to leading Fortune 500 corporations, governments, and not-for-profits across the globe. Booz Allen partners with public and private sector clients to solve their most difficult challenges through a combination of consulting, analytics, mission operations, technology, systems delivery, cybersecurity, engineering and innovation expertise.

Key Role:
Combine technical security testing, security engineering, policy, and compliance expertise with business consulting expertise to deliver high-value client IT security solutions and program planning. Contribute to a team of security professionals who provide DoD clients assurance that complex IT systems and networks meet security controls and standards. Plan and execute system security assessments to meet client requirements, analyze results, develop reports to be used to determine system vulnerabilities and risk posture, and provide recommendations for remediation to achieve desired security and risk posture. Mentor and develop assigned validation team members to meet client requirements. Prepare the Risk Management Framework (RMF) security authorization packages needed to achieve system or network authorization. Monitor and respond to security data calls on behalf of the client organization, as needed. 

Basic Qualifications:
-8+ years of experience with preparing full RMF security authorization packages or legacy DIACAP packages
-5+ years of experience with system decomposition analysis resulting in a test battery required for security control assessments
-5+ years of experience with analyzing the development of security assessment plans, security assessment reports, and risk assessment reports using ACAS and STIGs
-5+ years of experience with populating security control compliance repositories or tools, including eMASS, Xacta, or RSA Archer
-3+ years of experience with managing a team of systems administrators, testers, and RMF practitioners
-1+ years of experience with analyzing, assessing, or implementing NIST 800-53 Rev 4 security controls, CCIs, and equivalent assessment procedures
-Secret clearance
-HS diploma or GED 
-DoD Cybersecurity Workforce (CSWF) Certification, including Security+, CISSP, CASP, SSCP, CISM, or GSLC CEH

Additional Qualifications:
-Experience in working with a Department of the Navy (DON) organization
-Experience with preparing for enterprise-level inspections, including the Command Cyber Readiness Inspection (CCRI) or Cybersecurity Inspection (CSI)
-Experience with the DON RMF process guide and templates
-Experience as a systems administrator for Windows, Linux, HP-UX, Macintosh, or other UNIX-based operating systems
-Knowledge of Windows Server 2008 R2, Windows Server 2012, Windows 7, Windows 10, Red Hat Linux (RHEL) 5, 6, and 7, Macintosh OSX, and HP-UX operating systems
-Ability to navigate the management interface of network technologies, including firewalls, routers, and switches
-Possession of excellent oral and written communication skills
-BA or BS degree in an IT-related field
-Navy Qualified Validator (NQV) Level I, II, or III Certification or legacy Fully Qualified Navy Validator (FQNV)
-Project Management Professional (PMP) Certification

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Secret clearance is required.

Integrating a full range of consulting capabilities, Booz Allen is the one firm that helps clients solve their toughest problems, working by their side to help them achieve their missions. Booz Allen is committed to delivering results that endure.

We are proud of our diverse environment, EOE, M/F/Disability/Vet.
