Baseline Security Engineer, Lead

Your growth matters to us - explore our career development opportunities.

Connect with others in our people-first culture and enhance our collective ingenuity.

Learn how we’ll support you as you pursue a balanced, fulfilling life.

Discover what to expect during your journey as a candidate with us.

Develop and implement security solutions in alignment with security strategy. Maintain an awareness of market and technology trends to bring best of breed solutions to the client. Apply leading-edge principles, theories, and concepts and contribute to the development of new principles and concepts. Work on unusually complex problems and provide highly innovative solutions. Operate with substantial latitude for unreviewed action or decision and mentor or supervise employees in both company and technical competencies. Work closely with government stakeholders in understanding the vision and direction of the information technology program and decompose this architecture and associated use cases into discrete components that can be addressed from a cybersecurity engineering standpoint. Understand proposed and in-place architectures at a level that enables the identification and understanding of possible security risks and propose solutions for risk mitigation.

Basic Qualifications:

• 5+ years of experience providing support to Information Technology (IT) operations
• Experience creating security baselines using CIS and STIG benchmarks
• Experience creating security baselines from scratch using vendor documentation
• Experience with modifying CIS and STIG benchmarks to meet organizational requirements
• Experience working with the NIST 800 Special Publication series guidance for risk management and security control implementation, including 800-30, 800-37, 800-53, 800-60, 800-63, 800-115, or 800-137
• Experience reviewing, developing, or customizing general security configuration baselines
• Knowledge of the National Vulnerability Database (NVD) and Common Vulnerability Enumeration (CVE)
• Ability to translate low-level security baseline requirements into high-level FISMA and NIST requirements and client-specific security
• Ability to obtain and maintain a Public Trust or Suitability/Fitness determination based on client requirements
• HS diploma or GED

Additional Qualifications:

• Experience with networking, including CISCO, Juniper, or Palo Alto, operating systems, including Windows Server, Red Hat, or Linux, cloud services, including AWS, Azure, Salesforce, Okta, O365, or ServiceNow, or Mobile Technologies, including iOS or Xen Mobile
• Experience designing, building, and implementing automation tools, including Ansible, Chef, or Puppet
• Experience with Infrastructure as Code tools, including Cloud Formations or Terraform
• Experience with container platforms, including OpenShift
• Experience with chaos engineering and blue or green deployments
• Experience with Serverless, including Lambda, API Gateway, Step Functions, and SAM
• Experience with application performance analysis and monitoring, including ELK
• Experience with JSON or YAML programming
• AWS Certified Solutions Architect, AWS Certified Developer, CCNA, MSCE, RHCSA, EBSA, or ECSS Certification

Vetting:

Applicants selected will be subject to a government investigation and may need to meet eligibility requirements of the U.S. government client.

Compensation

At Booz Allen, we celebrate your contributions, provide you with opportunities and choices, and support your total well-being. Our offerings include health, life, disability, financial, and retirement benefits, as well as paid leave, professional development, tuition assistance, work-life programs, and dependent care. Our recognition awards program acknowledges employees for exceptional performance and demonstration of our values. Full-time and part-time employees working at least 20 hours a week are eligible for our benefit programs. Others may be eligible for select offerings. Learn more about our benefits on our Careers site.

Salary at Booz Allen is determined by various factors, including location, education, skills, experience, and organizational requirements. The projected salary range is $99,000 to $225,000 annually. This posting closes within 90 days from the Posting Date.

Position: Baseline Security Engineer, Lead

Key Role:

Develop and implement security solutions aligned with strategy. Stay aware of market and tech trends. Apply advanced principles and contribute to new ones. Solve complex problems with innovative solutions. Operate independently and mentor others. Collaborate with government stakeholders to understand and decompose IT architecture for cybersecurity risk mitigation.