Booz Allen Hamilton · 3 days ago
Cyber Strategy and Risk Advisory Specialist
Consulting · Cyber Security
Responsibilities
Lead client delivery teams to solve clients' toughest challenges in cyber strategy and risk management.
Collaborate with experts to develop risk management programs and identify technical vulnerabilities.
Craft threat and risk-aligned mitigations to help clients proactively stop cyber-attacks.
Guide staff in various industry verticals and prioritize their growth and empowerment.
Establish quality standards, delegate responsibility, navigate conflict, and foster a culture of accountability.
Ensure solutions meet high-quality standards and are delivered within established timelines and budgets.
Qualification
Required
8+ years of experience executing cybersecurity assessments against industry-standard frameworks such as NIST CSF, NIST 800-53, and ISO 27001
5+ years of experience leading enterprise consulting engagements with Fortune 500 and Global 1000 clients with a focus on delivering results to C-level executives and Director-level stakeholders, including identifying root cause issues, and recommending threat and risk-aligned mitigations that extend beyond basic control gaps to uplift our client’s cyber resilience
5+ years of experience in strategic advisory client-facing roles leading delivery teams, managing client expectations, briefing executive stakeholders, and leading projects from inception through completion, including delivering results within specified timelines and budgets, and leading cross-functional engagement teams comprising 2+ staff members in consulting or customer service delivery roles
3+ years of experience with cyber threat modeling techniques such as MITRE ATT&CK, PASTA, or STRIDE
3+ years of experience identifying technology vulnerabilities using both manual and automated processes, including automated compliance and vulnerability scanners and system configuration reviews such as CIS Benchmarks, STIGs, Nessus, or Splunk
2+ years of experience with cyber risk management frameworks and methodologies, such as FAIR, NIST RMF, or COBIT
Ability to identify root cause issues, analyze vulnerabilities, and propose risk-based mitigations that materially enhance organizational security risk posture
Ability to write whitepapers, assessment reports, presentations, and briefs, communicate effectively across all organizational levels, and explain complex technical ideas to diverse audiences, including executives such as board members, CEOs, CFOs, CTOs, and CISOs
Bachelor’s degree
CISSP, CEH, GSEC, OSCP, or CISM Certification
Preferred
7+ years of experience working at a large Technology or Management Consulting Firm
3+ years of experience designing or building Cyber Risk Management, Third-Party Risk Management (TPRM), Supply Chain Risk Management (SCRM), or GRC Programs
Experience with application security or product security, including in DevOps, DevSecOps, and SDLC, and with cloud assessment methodologies, including utilizing built-in processes for assessing native cloud services, including optimizing cloud infrastructure for efficiency, security, and cost-effectiveness
Experience with Windows or Linux system administration, including managing and securing operating systems effectively, and administering and assessing network devices and security, including routers, switches, firewalls, and intrusion detection and prevention systems
Knowledge of SOC and threat hunting and threat modeling and analysis
Knowledge of emerging topics, including regulations, industry practices, and new technologies such as AI, Cyber Risk Quantification (CRQ), Zero-Trust Architecture (ZTA), threat modeling, and risk modeling
Possession of excellent leadership, analytical, critical thinking, and problem-solving skills
Possession of excellent verbal and written communication skills
CRISC, COBIT 5, FAIR, or MITRE ATT&CK Certifications
GIAC Certified Incident Handler (GCIH), GIAC Enterprise Incident Response (GEIR), or MITRE Threat Hunting Certifications
Benefits
Health, life, disability, financial, and retirement benefits
Paid leave
Professional development
Tuition assistance
Work-life programs
Dependent care
Recognition awards program
Company
Booz Allen Hamilton
Booz Allen Hamilton is a consulting firm that specializes in analytics, technology, and engineering.
H1B Sponsorship
Booz Allen Hamilton has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for reference. (Data powered by the US Department of Labor)
Trends of Total Sponsorships
2023 (14)
2022 (31)
2021 (29)
2020 (38)
Funding
Current Stage
Public Company
Total Funding
$2.38B
2023-08-01 · Post-IPO Debt · $650M
2020-08-13 · Post-IPO Debt · $700M
2015-02-02 · Post-IPO Secondary · $340.32M
Company data provided by crunchbase