Cybersecurity Risk Analyst

Your growth matters to us - explore our career development opportunities.

Connect with others in our people-first culture and enhance our collective ingenuity.

Learn how we’ll support you as you pursue a balanced, fulfilling life.

Discover what to expect during your journey as a candidate with us.

When our country’s cybersecurity is on the line, simply reacting is not enough – we need a plan. And when that plan needs to protect our nation's cybersecurity infrastructure, we need strategic policy support. That’s why we need you, a security policy spe cia list with the skills to analyze the policies that determine our cyber resilience.

As a cyber strategic planning and policy advisor on our team, you’ll help review your client's current cyber policies , the coverage of those policies , and areas of risk. You’ll work with the information security office to review risk acceptance requests and assess overall risk, and collaborate with information system stakeholders to develop clear risk acceptance justifications. As you guide your client through understanding acceptable risk and availability, you’ll help develop a strategic cyber roadmap. You’ll work with the client to help them operate securely as they navigate an evolving IT environment. Join us as we protect our nation's critical infrastructure through strategic cyber policy analysis.

Join us. The world can’t wait.

You Have:

2+ years of experience with NIST 800-53

Experience c ond ucting IT Audits

Experience with cybersecurity risk analysis matters

Knowledge of cybersecurity strategy, governance, and policies within the federal space

Knowledge of cyber frameworks, including the Risk Management Framework ( RMF ) and NIST Cybersecurity Framework ( CSF )

Knowledge of FISMA, NIST 800-37 RMF, FedRAMP, security control assessments, POA & M management, risk management, and continuous monitoring

Ability to perform data analysis and report findings

Ability to obtain and maintain a Public Trust or Suitability/Fitness determination based on client requirements

Nice If You Have:

Experience with RSA Archer

Experience with policy documentation

Possession of excellent verbal and written communication skills, including developing e nga ging presentations

Security+, CAP, CISSP, CISA, or CISM Certification

Vetting:

Applicants selected will be subject to a government investigation and may need to meet eligibility requirements of the U.S. government client .

Compensation

At Booz Allen, we celebrate your contributions, provide you with opportunities and choices, and support your total well-being. Our offerings include health, life, disability, financial, and retirement benefits, as well as paid leave, professional development, tuition assistance, work-life programs, and dependent care. Our recognition awards program acknowledges employees for exceptional performance and superior demonstration of our values. Full-time and part-time employees working at least 20 hours a week on a regular basis are eligible to participate in Booz Allen’s benefit programs. Individuals that do not meet the threshold are only eligible for select offerings, not inclusive of health benefits. We encourage you to learn more about our total benefits by visiting the Resource page on our Careers site and reviewing Our Employee Benefits page.

Salary at Booz Allen is determined by various factors, including but not limited to location, the individual’s particular combination of education, knowledge, skills, competencies, and experience, as well as contract-specific affordability and organizational requirements. The projected compensation range for this position is $55,200.00 to $126,000.00 (annualized USD). The estimate displayed represents the typical salary range for this position and is just one component of Booz Allen’s total compensation package for employees. This posting will close within 90 days from the Posting Date.

Cybersecurity Risk Analyst

The Opportunity:

When our country’s cybersecurity is on the line, simply reacting is not enough – we need a plan. And when that plan needs to protect our nation's cybersecurity infrastructure, we need strategic policy support. That’s why we need you, a security policy spe cia list with the skills to analyze the policies that determine our cyber resilience.

As a cyber strategic planning and policy advisor on our team, you’ll help review your client's current cyber policies , the coverage of those policies , and areas of risk. You’ll work with the information security office to review risk acceptance requests and assess overall risk, and collaborate with information system stakeholders to develop clear risk acceptance justifications. As you guide your client through understanding acceptable risk and availability, you’ll help develop a strategic cyber roadmap. You’ll work with the client to help them operate securely as they navigate an evolving IT environment. Join us as we protect our nation's critical infrastructure through strategic cyber policy analysis.

Join us. The world can’t wait.

You Have:

• 2+ years of experience with NIST 800-53

• Experience c ond ucting IT Audits

• Experience with cybersecurity risk analysis matters

• Knowledge of cybersecurity strategy, governance, and policies within the federal space

• Knowledge of cyber frameworks, including the Risk Management Framework ( RMF ) and NIST Cybersecurity Framework ( CSF )

• Knowledge of FISMA, NIST 800-37 RMF, FedRAMP, security control assessments, POA & M management, risk management, and continuous monitoring

• Ability to perform data analysis and report findings

• Ability to obtain and maintain a Public Trust or Suitability/Fitness determination based on client requirements

• Bachelor's degree

Nice If You Have:

• Experience with RSA Archer

• Experience with policy documentation

• Possession of excellent verbal and written communication skills, including developing e nga ging presentations

• Security+, CAP, CISSP, CISA, or CISM Certification

Vetting:

Applicants selected will be subject to a government investigation and may need to meet eligibility requirements of the U.S. government client .

Compensation

At Booz Allen, we celebrate your contributions, provide you with opportunities and choices, and support your total well-being. Our offerings include health, life, disability, financial, and retirement benefits, as well as paid leave, professional development, tuition assistance, work-life programs, and dependent care. Our recognition awards program acknowledges employees for exceptional performance and superior demonstration of our values. Full-time and part-time employees working at least 20 hours a week on a regular basis are eligible to participate in Booz Allen’s benefit programs. Individuals that do not meet the threshold are only eligible for select offerings, not inclusive of health benefits. We encourage you to learn more about our total benefits by visiting the Resource page on our Careers site and reviewing Our Employee Benefits page.

Salary at Booz Allen is determined by various factors, including but not limited to location, the individual’s particular combination of education, knowledge, skills, competencies, and experience, as well as contract-specific affordability and organizational requirements. The projected compensation range for this position is $55,200.00 to $126,000.00 (annualized USD). The estimate displayed represents the typical salary range for this position and is just one component of Booz Allen’s total compensation package for employees. This posting will close within 90 days from the Posting Date.

Identity Statement

As part of the application process, you are expected to be on camera during interviews and assessments. We reserve the right to take your picture to verify your identity and prevent fraud.

Work Model
Our people-first culture prioritizes the benefits of flexibility and collaboration, whether that happens in person or remotely.

• If this position is listed as remote or hybrid, you’ll periodically work from a Booz Allen or client site facility.
• If this position is listed as onsite, you’ll work with colleagues and clients in person, as needed for the specific role.

Commitment to Non-Discrimination

All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, local, or international law.