Back to all jobs

Security Analyst, Senior

Booz Allen

Jun 28

Security Analyst, Senior

Key Role:

Manage the ATO, ATC, and all security policy-related responsibilities for the cloud infrastructure within the VA's AWS Gov Cloud. Conduct vulnerability scanning, container scanning, remediation planning, and incident response. Leverage expertise to make recommendations on maintaining, enhancing, and automating the overall technical security posture of the MAP environments. Provide detailed system documentation and updates. Create or assist in implementing tools, frameworks, and communication channels to drive work to successful and timely completion. Maintain positive relationships with Government and contractor stakeholder groups to execute system steward duties and translate security concepts into actionable recommendations. Identify, document, and manage cybersecurity risks, project milestones, and progress reports and briefings for clients and senior management. This position is open to remote delivery anywhere within the U.S., to include the District of Columbia.

Basic Qualifications:

  • 2+ years of experience with supporting system Authority to Operate (ATO) processes and creating artifacts, control implementation details, and POAMs

  • Experience with managing complex system records in the Enterprise Mission Assurance Support Service (eMASS) tool

  • Experience with managing the remediation plan for vulnerability scans, including Nessus, Database, Compliance, and Pentest

  • Experience with National Institute of Standards and Technology (NIST) security controls, the Governance, Risk Management, and Compliance (GRC) security documentation tool, Risk Management Framework (RMF), Federal Information Security Management Act (FISMA), Federal Information System Controls Audit Manual (FISCAM) criteria, and security compliance processes

  • Experience with stakeholder engagement, advising clients, leading meetings, and executive-level communications

  • Experience with Microsoft Office Suite, including Excel, PowerPoint, Visio, and SharePoint

  • Knowledge of PKI, JWT, AD user and application authentication mechanisms, and Infrastructure and Application monitoring capabilities and tools

  • Ability to facilitate meetings, analyze authorization documents and associated artifacts against authorization requirements to identify gaps, establish a schedule to address outstanding authorization requirements, and coordinate directly with system team stakeholders

  • Ability to obtain and maintain a Public Trust or Suitability/Fitness determination based on client requirements

  • Bachelor's degree in a Cybersecurity, Computer Science, Engineering, or Technical field or 8+ years of experience working in a professional environment in lieu of a degree

Additional Qualifications:

  • Experience with all phases of the software development life cycle (SDLC) in AWS GovCloud using Agile methods and DevSecOps methods and tools, including Jenkins, Bitbucket, Jira, Docker, Kubernetes, or Vagrant

  • Experience with Linux OS

  • Experience Hashicorp tools, including Consul, Vault, and Packet, ElasticSearch, FluentD, Prometheus, or Grafana

  • Experience with working in professional collaborative settings while leading the development of multiple work products and deliverables

  • Experience with process improvement, strategic communications, change management, or strategic planning

  • Knowledge of service-oriented architecture (SOA) development and designing and implementing RESTful Web services

  • Ability to learn technical concepts quickly and communicate with multiple functional groups

Vetting:

Applicants selected will be subject to a government investigation and may need to meet eligibility requirements of the U.S. government client.

The proposed salary range for this position in Colorado is 100,000 to 115,000. Final salary will be determined based on various factors.

At Booz Allen, we celebrate your contributions, provide you with opportunities and choice, and support your total well-being. Our comprehensive benefit offerings include healthcare, retirement plan, insurance programs, commuter program, employee assistance program, paid and unpaid leave programs, education assistance, and childcare benefits.

We’re an equal employment opportunity/affirmative action employer that empowers our people to fearlessly drive change – no matter their race, color, ethnicity, religion, sex (including pregnancy, childbirth, lactation, or related medical conditions), national origin, ancestry, age, marital status, sexual orientation, gender identity and expression, disability, veteran status, military or uniformed service member status, genetic information, or any other status protected by applicable federal, state, local, or international law.