Vulnerability Management Analyst

Vulnerability Management Analyst

The Opportunity:

Everyone is trying to “harness the cloud,” but not everyone knows how to secure it. As a cloud security architect, you know how to assess and implement requirements that ensure the safety of information systems and protect them against intentional or inadvertent access or destruction. What if you could use your advanced cloud security skills to improve client security practices? We need you to guide the development of cloud-based security architectures for some of the customer's most critical systems.

As a Vulnerability Management Analyst on our team, you’ll define, communicate, and implement security architecture to support mission-critical operations and security assessments to maintain our client's ATO and security requirements. You’ll recommend tools and capabilities based on your research of the current environment and knowledge of various on-premise, cloud-based, and hybrid resources to address the Risk Management Framework (RMF). Your technical expertise will be vital as you work with the clients' GRC team and our internal product teams to ensure standards are met with information assurance and security requirements.

This is an opportunity to use the latest cloud technologies as you look for ways to secure your customer’s environment. You’ll continue to strengthen your skills in developing automation capabilities to support vulnerability reporting and remediation activities while mentoring tomorrow’s cloud security experts.

Join us. The world can’t wait.

You Have:  

• 5+ years of experience with monitoring, reporting, and remediating vulnerabilities 

• Experience analyzing impacts of new Common Vulnerabilities and Exposures (CVEs) and Known Exploited Vulnerabilities (KEVs) against our platform and providing justifications for risk ratings

• Experience conducting threat, compliance, vulnerability, and risk assessments, reporting their results, and recommending measures to reduce risk to the platform or application tenants

• Experience recommending cloud security controls to mitigate vulnerabilities and likely threat vectors

• Experience performing risk and vulnerability assessments of cloud-based networks and network and system analysis

• Experience with Splunk and AWS native tools, including AWS Inspector and Security Hub

• Experience with scripting and automation

• Knowledge of AWS security controls and services that can be inherited from AWS for a platform environment

• Ability to obtain a Secret clearance

• HS diploma or GED

Nice If You Have:  

• Experience supporting internal and external security assessments and audits 

• Knowledge of approaches to securing and hardening high assurance boundary systems

• Knowledge of zero trust architectures

• Possession of excellent interpersonal skills to collaborate with other engineering teams

• AWS Cloud Practitioner, AWS Solutions Architect, or AWS Security Certification

Clearance:
Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information.

Compensation

At Booz Allen, we celebrate your contributions, provide you with opportunities and choices, and support your total well-being. Our offerings include health, life, disability, financial, and retirement benefits, as well as paid leave, professional development, tuition assistance, work-life programs, and dependent care. Our recognition awards program acknowledges employees for exceptional performance and superior demonstration of our values. Full-time and part-time employees working at least 20 hours a week on a regular basis are eligible to participate in Booz Allen’s benefit programs. Individuals that do not meet the threshold are only eligible for select offerings, not inclusive of health benefits. We encourage you to learn more about our total benefits by visiting the Resource page on our Careers site and reviewing Our Employee Benefits page.

Salary at Booz Allen is determined by various factors, including but not limited to location, the individual’s particular combination of education, knowledge, skills, competencies, and experience, as well as contract-specific affordability and organizational requirements. The projected compensation range for this position is $84,600.00 to $193,000.00 (annualized USD). The estimate displayed represents the typical salary range for this position and is just one component of Booz Allen’s total compensation package for employees. This posting will close within 90 days from the Posting Date.

Identity Statement

As part of the application process, you are expected to be on camera during interviews and assessments. We reserve the right to take your picture to verify your identity and prevent fraud.

Work Model
Our people-first culture prioritizes the benefits of flexibility and collaboration, whether that happens in person or remotely.

• If this position is listed as remote or hybrid, you’ll periodically work from a Booz Allen or client site facility.
• If this position is listed as onsite, you’ll work with colleagues and clients in person, as needed for the specific role.

Commitment to Non-Discrimination

All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, local, or international law.