Job Number: R0093184
Cyber Strategy and Risk Management Consultant
Work in a team with respected and experienced professionals to support our clients in helping them to design business-focused Cybersecurity and risk management solutions to improve the effectiveness and efficiency of their decision making. Support client delivery and execution with a growing team of Cyber Strategy and Risk Management professionals across multiple verticals. Develop cyber strategy and risk management capabilities and solutions to address root cause issues that most concern our clients across aerospace, defense, energy, financial services, health, pharmaceuticals, and other industries, including automotive, high-tech manufacturing, and transportation. Apply Booz Allen's Cyber Strategy and Risk Management capabilities and solutions to address the client's strategic, operational, compliance, and financial risk management requirements and build long-term strategies to ensure mission critical assets are secure for logical and physical. This position may be located throughout the nation, including San Francisco, CA, San Diego, CA, Los Angeles, CA, Charlotte, NC, Denver, CO, Houston, TX, Dallas, TX, NYC, or the DC Metro area and will require travel of up to 50% of the time to client sites.
-4+ years of experience with information security or risk management
-Experience with cybersecurity assessments using common industry frameworks, including CIS Top 20, NIST CSF, NIST 800-53, ISO 27001, or OWASP
-Experience with cybersecurity risk or control assessments to evaluate and analyze threat, vulnerability, impact, risk, and security issues to the business
-Experience with authoring presentations, whitepapers, assessments, and briefs based on performed analysis to drive client change and adoption
-Experience with working in a consulting or client customer service delivery role
-Ability to travel up to 70% of the time
-BA or BS degree
-Experience with cyber risk and threat modeling assessments using common industry frameworks, including COBIT, NIST, FAIR, MITRE, or ATT&CK
-Experience with designing and building governance frameworks, including three lines of defense model, COSO, or COBIT
-Security +, CISSP, CISM, CISA, CIPT, CIPM, or CRISC Certification
We're an EOE that empowers our people-no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic-to fearlessly drive change.
We are proud of our diverse environment. EOE,M/F/Disability/Vet.