Security Control Assessor

Booz Allen Hamilton•Oak Ridge, TN

About The Position

Security Control Assessor The Opportunity: As a systems security and network security engineer, you will identify the appropriate tools, systems, and applications needed to assess vulnerabilities and recommend the best solution and security strategy. On our team, you’ll assess a variety of network and security devices and applications in accordance with NIST 800-53 and NIST 800-37 standards. You’ll use your curiosity for technology and market trends to further research and develop security solutions. Using your knowledge and experience you’ll assess security threats and implement infrastructure controls. In this role, you’ll have impact on the mission by supporting accreditation and authorization packages for both new and existing systems. With mentoring, challenging hands-on problem-solving, and opportunities to learn new tools and skills, we focus on growing as a team to make the best solutions for our customers. What You’ll Work On: Develop relationships quickly and easily with other teams, communicating the complexities of security with a wide variety of audiences, including senior management. Implement infrastructure and cybersecurity controls, including enhanced detection and vulnerability capabilities and improved event correlation in large enterprises. Perform risk and vulnerability assessments in network, system, and application areas. Leverage big data analytics and traditional security event types to identify advanced threats or indicators of compromise. Join us. The world can't wait.

Requirements

Experience utilizing NIST 800-53 security controls
Experience with NIST 800-37 Risk Management Framework (RMF) requirements
Experience supporting system authorization activities, including the development and maintenance of security documentation such as System Security Plans (SSPs) and Plans of Action and Milestones (POA&Ms)
Experience monitoring system security posture and identifying risks, vulnerabilities, and compliance gaps
Experience tracking and managing POA&Ms and coordinating remediation activities with system stakeholders
Experience assessing the security impact of system changes and supporting configuration and change management processes
Experience preparing systems for security assessments, audits, and Authorizing Official reviews
Ability to support continuous monitoring activities, including vulnerability management and security reporting, and serve as a security liaison between system teams, cybersecurity operations, and governance bodies
Top Secret clearance
Bachelor’s degree in Information Systems

Nice To Haves

Experience with operational technology and industrial control systems
Master’s degree in Information Systems
CompTIA Advanced Security Practitioner (CASP) or Certified Information Systems Security Professional (CISSP) Certification

Responsibilities

Develop relationships quickly and easily with other teams, communicating the complexities of security with a wide variety of audiences, including senior management.
Implement infrastructure and cybersecurity controls, including enhanced detection and vulnerability capabilities and improved event correlation in large enterprises.
Perform risk and vulnerability assessments in network, system, and application areas.
Leverage big data analytics and traditional security event types to identify advanced threats or indicators of compromise.

Benefits

Our offerings include health, life, disability, financial, and retirement benefits, as well as paid leave, professional development, tuition assistance, work-life programs, and dependent care.
Our recognition awards program acknowledges employees for exceptional performance and superior demonstration of our values.
Full-time and part-time employees working at least 20 hours a week on a regular basis are eligible to participate in Booz Allen’s benefit programs.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume