Cybersecurity Assessor

Reston, Virginia, United States
Jan 15, 2019
Jan 21, 2019
Full Time
Job Description Job Number: R0042359

Cybersecurity Assessor

The Challenge:

Everyone knows security needs to be “baked in” to a system architecture, but you actually know how to bake it in. You can identify and implement ways to harden systems and reduce their attack surface. What if you could use your Cybersecurity assessment skills to design and build secure systems for our customer? We're looking for a Cybersecurity Assessor who can help create solutions for our customer that will stand up to even the most advanced Cyber threats.

As a Cybersecurity Assessor on our project, you'll conduct a compliance assessment of new and existing information systems and prepare security assessment reports containing the results and findings from the compliance evaluation. You'll work with various engineering and Cyber teams to identify the right mix of tools and techniques to translate your customer's needs and future goals into a plan that will enable secure and effective solutions. We need to come up with the best solution, so you'll investigate new techniques, break free from the legacy model, and go where the industry is going. As a team, we'll take a critical approach to network design, providing alternatives and customizing solutions to maintain a balance of security and mission needs. This is a chance to learn from a team of experts as you make a difference in the security of information systems that directly support the warfighter. Your contributions will help customers overcome their most difficult challenges by integrating secure practices and Cyber methodologies to conduct vulnerability management assessments, risk assessments, and hardware and software security implementation evaluations. You'll be able to gain experience in the automation and orchestration of security compliance evaluations across Enterprise, Mission, and cloud-based IT services, while building piece of mind in a critical infrastructure. Join our team as we improve the compliance and functionality of mission systems supporting the warfighter through Cybersecurity.

Empower change with us.

Build Your Career:

Rewarding work, fun challenges, and a ton of investment in our people—that's Booz Allen cyber. When you join Booz Allen, we'll help you develop the career you want.

Competitions — From programming competitions at our PyNights (Python competition and learning events) to competing in CTFs, we've got plenty of chances for you to show off your skills.

Paid Research — Have an innovative idea to explore or hypothesis to test? You can participate in challenges via our crowdsourcing platform, the Garage, and other programs to be awarded dedicated time and/or funding to advance your skills.

Cyber University — CyberU has more than 5000 instructor-led and self-paced cyber courses, a free online library that you can access from just about anywhere—including your phone—and certification exam prep guides that include practical assessments to prepare you for your exam.

Academic Partnerships — In addition to our tuition reimbursement benefit, we've partnered with University of Maryland University College to offer two graduate certificate programs in cybersecurity—fully funded without a tuition cap.

Maker/Hackerspaces — Race drones, print 3D gadgets, drink coffee from our Wi-Fi coffee maker, and get hands-on training on tools and tech from in-house experts in our dedicated maker and hackerspaces.

You Have:

-Experience with vulnerability management and scanning tools, including Nessus or eMASS

-Experience with system administration for Windows or Linux systems

-Knowledge of the Risk Management Framework (RMF) and DoD Security Technical Implementation Guides (STIGs)

-Ability to learn new tools and technologies, balance multiple concurrent activities, and manage time efficiently

-TS/SCI clearance

-HS diploma and 4 years of experience with IT or Cybersecurity or BA or BS degree

-DoD 8570 IAT Level II Certification, including Security+ required

Nice If You Have:

-Experience with code inspection tools, including SonarQube

-Experience with technical writing for POA&M's, Risk Acceptance, and IA Controls

-Knowledge of domain structures, user authentication, virtualization, and various engineering platforms

-Ability to author compliance reports and assessment recommendations

-Ability to automate compliance assessments and reporting

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; TS/SCI clearance is required.

We're an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status—to fearlessly drive change.

Similar jobs