Apply advanced knowledge and leadership for conducting the assessment of threats and vulnerabilities through testing and evaluation activities, including network penetration testing, vulnerability assessments, and Web application security testing. Perform assessments, including the determination of deviations from required and acceptable configurations, evaluation of the existing level of risk, recommendations for appropriate remediation measures, and evaluation of the residual risk after remediation. Provide leadership and mentoring for junior employees. Contribute to the development of innovative principles and ideas. Work on unusually complex problems and provide solutions that are highly creative. Act as a leader on large programs and projects that affect the organization's long term goals and objectives.
-5+ years of experience with automated security configuration assessment tools using SCAP to automate configuration compliance reviews, including DoD SCAP Compliance Checker or CIS Auditor
-5+ years of experience with configuring, planning, and executing large scale vulnerability assessments using automated vulnerability assessment tools, including OpenVAS, Nessus, Retina, or Qualys
-3+ years of experience with leading security assessment and Cyber activities
-3+ years of experience with Windows and UNIX, Linux, or Solaris system administration
-1+ years of experience with one or more of the following specializations: penetration testing and red teaming activities, malware analysis or binary reverse engineering, advance persistent threat or hunt activities, coding and scripting in multiple languages, network engineering or security for Cisco, Juniper, or Alcatel, Cyber threat intelligence or development of Cyber threat operations capabilities, design or operation of Network Operations Centers or Security Operations Centers, or designing or leading incident response programs
-CompTIA Security+ CE, GSEC, CISA, CASP, or CISSP and Microsoft, UNIX, Linux, or Solaris Certification
-Experience with host based security tools, including anti virus, host based IDS, data loss prevention, or disk encryption tools
-Experience with Microsoft Excel, including the use of formulas for analysis and consolidation of data
-Experience with XML and manipulating data sets for analysis and data manipulation
-Knowledge of basic computer networking concepts
-BS degree in CS, Information Security, Engineering, or a related field preferred; MA or MS degree in CS, Information Security, Engineering, or a related field a plus
Integrating a full range of consulting capabilities, Booz Allen is the one firm that helps clients solve their toughest problems by their side to help them achieve their missions. Booz Allen is committed to delivering results that endure.