Cloud Security Analyst, Senior
Booz Allen Hamilton has been at the forefront of strategy and technology for more than 100 years. Today, the firm provides management and technology consulting and engineering services to leading Fortune 500 corporations, governments, and not-for-profits across the globe. Booz Allen partners with public and private sector clients to solve their most difficult challenges through a combination of consulting, analytics, mission operations, technology, systems delivery, cybersecurity, engineering and innovation expertise.
Cloud Security Analyst, Senior
Combine technical security engineering and executive-level business consulting expertise to deliver innovative commercial Cloud strategic planning and technical solutions. Perform extensive research and analysis of commercial Cloud vendors and delivery models, including IaaS, PaaS, and SaaS and analyze the development of strategic plans, system security engineering recommendations, and security control planning and implementation. Assess and document vendor vs application owner responsibilities for vulnerability scanning, remediation and mitigation, including risk assessments and risk reporting. Maintain responsibility for analyzing and continuously monitoring Cybersecurity and privacy policies, programs, compliance artifacts, or standards for government security compliance, systems authorization, and management in a commercial Cloud environment. Perform Cloud migration planning and analyze the establishment of tactics, techniques, and procedures (TTPs) for application owners.
-8+ years of experience with analyzing information assurance or Cybersecurity compliance planning for DoD organizations
-2+ years of experience with researching emerging technologies including commercial, mobile, and Cybersecurity service providers for use in the DoD to inform and support enabling concepts, concepts of operations, pilots, and governance structures or documentation
-2+ years of experience with Cloud Cybersecurity efforts and emerging technology pilots aligned with the Risk Management Framework (RMF)
-2+ years of experience in working on FedRAMP and DoD Cloud computing with clients and vendors to assess and authorize Cloud Service Offerings (CSOs), such as IaaS, PaaS, and SaaS
-1+ years of experience with developing a Cloud strategy that will shape the acquisition, Cybersecurity or computer network defense services, enterprise architecture, policy, and risk management of a CSO
-1+ years of experience with assessing system architectures and recommending design modifications necessary to meet DoD STIGs
-Ability to solve technical problems during assessment activities
-HS diploma or GED
-DoD Cybersecurity Workforce (CSWF) IAM Level II Certification, including CISSP, CAP, CISM, or GSLC
-1+ years of experience in working with a Department of the Navy (DON) organization
-Experience with Navy policy and compliance and RMF Assessment and Authorization (A&A) for the DoD or DON
-Ability to produce high quality reports and recommendations for clients
-Ability to adhere to a project schedule and recommend changes, as necessary to maintain positive project outcomes
-BA or BS degree in an IT-related field
-DoD Cybersecurity Work Force (CSWF) requirements for IAM Level III Certification, including CISSP, CISM, or GSLC
-Certified Cloud Security Professional (CCSP) Certification
-CNDSP Analyst, CNDSP Infrastructure Support, CNDSP Auditor, or CNDSP Incident Reporter Certification
-Navy Qualified Validator (NQV) Level I, II, or III Certification
Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Secret clearance is required.
Integrating a full range of consulting capabilities, Booz Allen is the one firm that helps clients solve their toughest problems by their side to help them achieve their missions. Booz Allen is committed to delivering results that endure.
We are proud of our diverse environment, EOE, M/F/Disability/Vet.