Cybersecurity Risk and Threat Engineer

Cybersecurity Risk and Threat Engineer

The Opportunity:

As a cyber professional, you know that understanding adversary tactics, techniques, and procedures is vital to producing the intelligence that enables the success of public health modernization efforts. At our company, you can apply your hands-on engineering skills and deep threat analysis experience to shape proactive cyber defense strategies and reduce real-world risks. Here, you aren’t just interpreting reports—you’re actively engineering solutions that safeguard some of the most mission-critical systems supporting our nation’s health infrastructure.

As a Cybersecurity Risk and Threat Engineer on our team, you’ll help customers solve complex security challenges using tools like Fortify and Scan Central, SonarQube, Grafana, Falco, Trivy, Splunk, Tenable, and AWS cloud. Using threat modeling, automated detection engineering, adversary simulation, and real-time risk analysis, you’ll work alongside cloud, DevOps, and incident response teams to uncover risks and implement scalable technical defenses. You’ll identify security gaps, analyze threat behaviors, and engineer detection and mitigation capabilities—often before threats even emerge.

In this role, you’ll impact public health technology modernization by engineering proactive cyber defenses into enterprise DevSecOps pipelines, detecting and neutralizing emerging threats, and enabling secure delivery of health data systems through automation and technical risk mitigation. Your work ensures that critical health infrastructure remains agile, resilient, and protected.

Booz Allen is committed to creating an environment where you can expand your cyber career through mentorship, exposure to leading-edge tools and cloud platforms, and the opportunity to earn certifications that enhance your technical depth. With missions across both public and private sectors, and a team culture focused on hands-on impact, your cybersecurity career will grow as far as your technical ambition takes you.

Join us. The world can’t wait.  

You Have:

• 3+ years of experience in cybersecurity engineering, threat detection, or risk analysis roles

• Experience with SonarQube administration and analysis configuration

• Experience implementing custom configurations and automations with Fortify and Scan Central

• Experience with scripting or programming using Python, Bash, or PowerShell for automation or detection logic

• Knowledge of cloud platforms, such as AWS, Azure, or GCP, especially cloud-native security services

• Ability to build workflows in Git in support of CI/CD pipeline automation for security tool integrations in compliance with Agile methodologies

• Ability to perform technical risk assessments, interpret vulnerabilities, and translate findings into actionable engineering fixes

• Ability to obtain and maintain a Public Trust or Suitability/Fitness determination based on client requirements  

• Bachelor's degree

Nice If You Have:

• Experience with threat detection and mitigation techniques, including log analysis, TTP mapping, and adversary emulation

• Experience with infrastructure-as-code tools and their use in securing CI/CD pipelines

• Experience in incident response, threat hunting, or red and purple teaming

• Experience with EDR/XDR tools

• Knowledge of containerized environments and securing Kubernetes or other orchestration platforms

• Knowledge of at least one SIEM platform and associated visualization integrators like Grafana or Power BI

• Knowledge of security automation frameworks and tools

• Knowledge of public health or healthcare cybersecurity challenges, including HIPAA, FISMA, or HHS-specific standards

• Knowledge of security scanning tools and understanding their output, such as Falco, Trivy, or Tenable

 
Vetting:
Applicants selected will be subject to a government investigation and may need to meet eligibility requirements of the U.S. government client. 

Compensation

At Booz Allen, we celebrate your contributions, provide you with opportunities and choices, and support your total well-being. Our offerings include health, life, disability, financial, and retirement benefits, as well as paid leave, professional development, tuition assistance, work-life programs, and dependent care. Our recognition awards program acknowledges employees for exceptional performance and superior demonstration of our values. Full-time and part-time employees working at least 20 hours a week on a regular basis are eligible to participate in Booz Allen’s benefit programs. Individuals that do not meet the threshold are only eligible for select offerings, not inclusive of health benefits. We encourage you to learn more about our total benefits by visiting the Resource page on our Careers site and reviewing Our Employee Benefits page.

Salary at Booz Allen is determined by various factors, including but not limited to location, the individual’s particular combination of education, knowledge, skills, competencies, and experience, as well as contract-specific affordability and organizational requirements. The projected compensation range for this position is $86,800.00 to $198,000.00 (annualized USD). The estimate displayed represents the typical salary range for this position and is just one component of Booz Allen’s total compensation package for employees. This posting will close within 90 days from the Posting Date.

Identity Statement

As part of the application process, you are expected to be on camera during interviews and assessments. We reserve the right to take your picture to verify your identity and prevent fraud.

Work Model
Our people-first culture prioritizes the benefits of flexibility and collaboration, whether that happens in person or remotely.

• If this position is listed as remote or hybrid, you’ll periodically work from a Booz Allen or client site facility.
• If this position is listed as onsite, you’ll work with colleagues and clients in person, as needed for the specific role.

Commitment to Non-Discrimination

All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, local, or international law.