Information Security Compliance Engineer

Full Time

  • Work from home
  • No Travel Required

Job Description

Job Number: R0151146

The Challenge

Cyber threats are everywhere, and the constantly evolving nature of these threats can make understanding them seem overwhelming to any organization. With all this noise and a constantly changing threat and risk landscape, how can organizations understand their risks and how to mitigate them? The answer is you - build your knowledge as an information security risk specialist who knows how to break down complex threats into manageable plans of action while protecting client systems and operations.

As an Information Security Compliance Engineer, you'll work with a team of cyber professionals to identify and manage cyber risks, understand applicable governance, and develop mitigation plans for systems and environments. You will design, develop, and recommend Integrated Security System solutions that ensure sensitive and high value data and business systems are protected. You'll provide technical security engineering services for the support of Integrated Security Systems and solutions. You will interface with clients in the strategic design process to translate security and business requirements into technical designs; configure and validate secure complex systems; and test security products and systems to detect security weakness. You will be asked to apply specific functional knowledge and expertise to business requirements and working and general industry knowledge to develop and contribute to solutions to a variety of problems of moderate scope and complexity. This position will be expected to work independently with some guidance and may review or guide activities of more junior employees. Years of experience or relevant professional certifications may be accepted in lieu of degree requirements. This position is a hybrid role with a combination of working at a Booz Allen office or client site and working remotely.

You Have:
  • 3+ years of experience with reviewing system design and architecture documentation to prepare materials addressing security controls
  • 3+ years of experience with reviewing security scan results and determining the risk and impact of vulnerabilities
  • Experience with Cloud security concepts, tools, services, and processes
  • Experience in working with NIST and FISMA requirements and reporting
  • Experience with vulnerability scanning tools and patch management processes to ensure compliance with cyber security directives
  • Experience with cyber security tools, including NetSparker, Fortify, and SonarQube
  • Experience with Splunk
  • Ability to obtain a security clearance
  • Bachelor's degree

Nice If You Have:
  • 1+ years of experience with performing Information System Security Officer duties and responsibilities
  • 1+ years of experience with vulnerability management processes, VM-related risk management, and VM-related process improvement
  • Experience with DevSecOps and SOCaaS
  • Experience with Scripting Languages, including Terraform, Ansible, Java or Python
  • Experience with Common AWS Services, including EC2, S3, Workspaces, SNS, Lambda
  • Experience with databases, including AWS RDS, Oracle, SQL, MongoDB, MySQL, or Redshift
  • Experience with Cloud as a Service technologies
  • Experience with collaborating and giving presentations to diverse stakeholders, including mission-focused teams and security teams at all organizational levels
  • Possession of excellent oral and written communication skills and interpersonal skills
  • Possession of excellent analytical skills, including attention to detail


Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information.

Compensation:

At Booz Allen, we celebrate your contributions, provide you with opportunities and choice, and support your total well-being. Our comprehensive benefit offerings include healthcare, retirement plan, insurance programs, commuter program, employee assistance program, paid and unpaid leave programs, education assistance, and childcare benefits.

The salary for this position will be determined based on various factors. The proposed salary range for this position in Colorado is $120,000 to $140,000.

Build Your Career:

Rewarding work, fun challenges, and a ton of investment in our people-that's Booz Allen cyber. When you join Booz Allen, we'll help you develop the career you want.

Competitions - From programming competitions at our PyNights (Python competition and learning events) to competing in CTFs, we've got plenty of chances for you to show off your skills.

Paid Research - Have an innovative idea to explore or hypothesis to test? You can participate in challenges via our crowdsourcing platform, the Garage, and other programs to be awarded dedicated time and/or funding to advance your skills.

Cyber University - CyberU has more than 5000 instructor-led and self-paced cyber courses, a free online library that you can access from just about anywhere-including your phone-and certification exam prep guides that include practical assessments to prepare you for your exam.

Academic Partnerships - In addition to our tuition reimbursement benefit, we've partnered with University of Maryland University College to offer two graduate certificate programs in cybersecurity-fully funded without a tuition cap.

Maker / Hackerspaces - Race drones, print 3D gadgets, drink coffee from our Wi-Fi coffee maker, and get hands-on training on tools and tech from in-house experts in our dedicated maker and hackerspaces.

We're an equal employment opportunity/affirmative action employer that empowers our people to fearlessly drive change - no matter their race, color, ethnicity, religion, sex (including pregnancy, childbirth, lactation, or related medical conditions), national origin, ancestry, age, marital status, sexual orientation, gender identity and expression, disability, veteran status, military or uniformed service member status, genetic information, or any other status protected by applicable federal, state, local, or international law.
