Perform system risk assessment and system security planning to include related documentation. Assist client, development, and operations teams with security control implementation. Conduct security testing, control testing, and assessment per NIST and FedRAMP requirements. Identify and propose solutions to resolve, mitigate, or compensate for security deficiencies. Develop policy and procedure as needed. Work independently with little oversight.
3+ years of experience with performing and supporting C&A control testing or security operations
2+ years of experience with C&A in a public or GovCloud environment, including Amazon Web Services (AWS) or Azure
Knowledge of the NIST Risk Management Framework (RMF) and 800-53 control framework
Knowledge of Linux operating systems
Knowledge of Oracle databases
Knowledge of networking
HS diploma or GED
Possession of excellent oral and written communication skills, including documentation
Security+, CISA, CISSP, or CISM Certification a plus
We're an EOE that empowers our people, no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic, to fearlessly drive change.
Booz Allen Hamilton Inc.