Cybersecurity Specialist

Booz Allen

Nov 22

The Challenge:

Warnings about cyber threats are everywhere, and the constantly evolving nature of these threats can make understanding them seem overwhelming to all organizations across different industries. In all of this “cyber noise”, how can these organizations understand their risks and how to mitigate them? The answer is you – an information security risk specialist who will break down complex threats into manageable plans of action.

As an information security risk specialist, you’ll use your experience to work with diverse organizations to discover their cyber risks, understand applicable policies, and analyze a mitigation plan. You’ll review technical, environmental, and personnel details from organizations to assess the entire threat landscape. Then, you’ll guide your client through a plan of action with presentations, white papers, and milestones. You’ll work with your client to translate security concepts, so they can make the best decisions to secure their environment.

You Have:

  • 4+ years of experience with enterprise cybersecurity risk, controls, assessments, and mitigation planning

  • Experience with the FAIR Risk Methodology

  • Experience developing and delivering senior C-suite level clients

  • Knowledge of various industry frameworks, including NIST CSF, 800-53, CMMC, and PCI

  • Ability to carry out cybersecurity strategies, risk strategies, assessment interviews, documentation reviews, and perform analysis across diverse levels of key stakeholders

  • Ability to develop strategy and materials to present to client stakeholders and leadership  

  • Ability to obtain and maintain a Public Trust or Suitability/Fitness determination based on client requirements

  • Bachelor's degree

Nice If You Have:

  • Knowledge of threat modeling, kill chain analysis, risk optimization principles

  • Possession of excellent verbal and written communication skills to communicate with federal cyber and non-cyber audiences 

  • Bachelor's degree in Cybersecurity 

  • FAIR, CISSP, PMP, or Security+ Certification

Vetting:

Applicants selected may be subject to a government investigation and may need to meet eligibility requirements of the U.S. government client. 

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.