Booz Allen

Information Security Risk Specialist

$62–62k Bethesda, Maryland, United States FULL TIME Remote Friendly
Market Sentiment
HIGH DEMAND

Neural analysis suggests this role is optimal for Mid candidates.

The Brief

“Information Security Risk Specialist at Booz Allen. Skills: Risk Management Framework, Assessment & Authorization, Security Compliance, Continuous Monitoring. Support Risk Management Framework activities. Drive Assessment & Authorization packages”

What You'll Achieve.

Systems remain secure; Systems remain compliant

Industry & Context.

Problems you'll solve

Risk assessment; Remediation recommendations

Eligibility Requirements

Public Trust determination, Government investigation

What They're Looking For.

Must Have

3+ years experience, Apply NIST RMF, Support A&A efforts, Perform security control assessments, Develop security documentation, Knowledge of NIST SP 800-53, Knowledge of FISMA processes, Translate technical findings, Public Trust determination

Nice to Have

Communicate complex security concepts, Produce concise A&A documentation, Knowledge of structured writing, Knowledge of stakeholder analysis, Write crisply, Edit meticulously, Proofread for consistency, Facilitate working sessions, Build consensus, Present recommendations confidently, Master's degree

What You'll Do.

Support Risk Management Framework activities

Drive Assessment & Authorization packages

Obtain Authorization to Operate

Scope security controls

Remediate security gaps

Sustain continuous monitoring

How You'll Work.

Team & Collaboration

Partner with engineering teams; Partner with mission teams; Coordinate with Authorizing Officials

Communication Scope

Technical findings translation; Executive summaries; Present recommendations

Process & Methodology

Plans of Action & Milestones

Full Job Description

Information Security Risk Specialist

**The Opportunity:**

Cyber threats evolve constantly. In this role, you’ll turn complex risk into clear action by supporting Risk Management Framework (RMF) activities and driving Assessment & Authorization (A&A) packages through Authorization to Operate (ATO). You’ll partner with engineering and mission teams to scope controls, assess risk, remediate gaps, and sustain continuous monitoring so systems remain secure and compliant.

Join us. The world can't wait.

**You Have:**

* 3+ years of experience within Information Security, Cyber Risk Management, or Security Compliance Functions
* Experience applying NIST Risk Management Framework (RMF) across categorization, control selection or implementation, assessment, authorization, and continuous monitoring
* Experience supporting Assessment & Authorization (A&A) efforts and coordinating Authority to Operate (ATO) decisions with Authorizing Officials
* Experience performing security control assessments and producing artifacts such as Security Assessment Reports (SAR) and Plans of Action & Milestones (POA&Ms)
* Experience developing and maintaining security documentation, including System Security Plans (SSP) and control implementation statements
* Knowledge of NIST SP 800-53 Rev.5 control families and tailoring controls to impact levels
* Knowledge of FISMA processes supporting RMF and authorization decisions
* Ability to translate technical findings into risk statements and remediation recommendations aligned to mission and business priorities, plan and execute continuous monitoring (ConMon), track residual risk, and drive closure of POA&Ms
* Public Trust
* Bachelor’s degree

**Nice If You Have:**

* Experience communicating complex security concepts clearly to non-technical stakeholders and senior leaders
* Experience producing concise A&A documentation and executive-ready summaries
* Knowledge of structured writing and plain-language techniques for technical documentation
* Knowledge o

How to Apply on Workday

  • Workday has a multi-step form — save your progress after every section.
  • "Apply With LinkedIn" can fail or lose data; manual entry is more reliable.
  • Watch for the "Submit for Review" final step — hitting "Save" alone does not submit.
  • Job requisition numbers are useful when following up with HR by email.
