Job Number: R0010636
Booz Allen Hamilton has been at the forefront of strategy and technology for more than 100 years. Today, the firm provides management and technology consulting and engineering services to leading Fortune 500 corporations, governments, and not-for-profits across the globe. Booz Allen partners with public and private sector clients to solve their most difficult challenges through a combination of consulting, analytics, mission operations, technology, systems delivery, cybersecurity, engineering and innovation expertise.
Cybersecurity Risk/Quality Management Specialist, Senior
Participate in the examination of client-facing systems, services, and project delivery. Prepare, review, monitor, and formulate Cybersecurity risk and quality management policies, procedures, and audit processes. Provide summary analyses regarding the organization’s condition and evolving Cybersecurity risks through meetings and reviews with firm-wide management, program and project managers, physical security specialists, and information systems security specialists. Review organizational reports, participate in and lead onsite audits and assessments, and interview senior internal and client leadership. Prepare communications for senior management, informing them of the organizational Cybersecurity risk and quality posture across the firm’s portfolio of systems, suppliers, programs, and projects.
-7+ years of experience in information security or Cybersecurity examination or technology risk management
-Experience with standing up a quality program, process, and measurement
-Ability to identify and assess Cybersecurity risks related to information security systems and 2nd or 3rd party suppliers of related services
-Ability to determine the adequacy of implemented information security and supporting technology, and systems for mitigating and controlling risks
-Ability to determine the effectiveness of risk management, policies, and procedures, and compliance with laws and regulations
-Ability to monitor a portfolio of complex contract deliverable programs that have inherent Cybersecurity risks and provide summary reports on their conditions and changing risks
-Ability to evaluate information or related information systems data, procedures, and controls to arrive at sound, supportable risk mitigation conclusions
-Ability to obtain a security clearance
-BA or BS degree
-Current Certified Information Systems Security Professional (CISSP) Certification
-Experience with Cybersecurity standards and certifications, such as ISO 27001, NIST, and CIRA
-TS/SCI clearance with a polygraph preferred
-MA or MS degree preferred
Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information.