Booz Allen
InformationSystemsSecurityManager
Neural analysis suggests this role is
optimal for Senior candidates.
“Information Systems Security Manager at Booz Allen. Skills: NIST RMF, Information Security, Cybersecurity, A&A Process. Support Army efforts. Provide guidance in modification and review of ATO documentation”
Industry & Context.
Design security mitigation or remediation solutions for identified risks
Ability to travel up to 25% of the time, Secret clearance, Identity verification process, On camera during interviews and assessments, Use of AI prohibited during interviews unless explicitly provided
What They're Looking For.
Must Have
5+ years of experience with NIST RMF policies, 3+ years of experience supporting system ATO processes, Experience with National Institute of Standards and Technology (NIST) security controls, Experience with the Governance, Risk, and Compliance (GRC) security documentation tool, Knowledge of the DoD RMF process, Knowledge of DoD A&A processes and standards, Ability to travel up to 25% of the time, Secret clearance, HS diploma or GED, Security+ Certification
Nice to Have
Experience with the Enterprise Mission Assurance Support Service (eMASS), Experience with Security Technical Implementation Guides (STIGs), Experience with Security Content Automation Protocol (SCAP), Experience with Assured Compliance Assessment Solution (ACAS), Experience with Ports, Protocols, and Services Matrix, Experience with Vulnerability Remediation Asset Manager (VRAM), Experience with Host-Based Security System, Experience using Microsoft Office products, Experience managing the authorization status of DoD RMF from step 1 through step 6, Ability to interface with senior leadership, Ability to prioritize and react to changing requirements with a sense of urgency to meet deliverables on time, Ability to manage and prioritize work independently, Ability to juggle multiple tasks, tight deadlines, and changing priorities, Possession of excellent verbal and written communication skills, Certified Information Security Manager (CISM), Certified Information System Security Professional (CISSP) or Associate, GRC Certification
What You'll Do.
Provide guidance in modification and review of ATO documentation
Provide insight into documentation packets for ATO
Communicate risks with internal team and client
Integrate information assurance solutions within architecture
Participate in information systems risk assessments
Participate in continuous monitoring
Design security mitigation or remediation solutions
Ensure architecture and design of Army IS is functional and secure
Plan and accomplish security-related goals
Support system or network designs
Report to internal Team Lead and SCA
Report to senior management
How You'll Work.
Team & Collaboration
Communicate risks with the internal team and client; Collaborate with colleagues and customers
Communication Scope
Excellent verbal and written communication skills
Process & Methodology
Manage and prioritize work independently, Juggle multiple tasks, tight deadlines, and changing priorities
Full Job Description
Information Systems Security Manager **The Opportunity:** Support Army efforts, leveraging experience in information security and cybersecurity guided by the NIST Risk Management Framework (RMF) during the Assessment and Authorization (A&A) process. Provide guidance in the modification and review of existing ATO documentation, and proactively provide insight into the documentation packets for ATO. Communicate risks with the internal team and client and integrate information assurance solutions within architecture, system, or system components. Participate in information systems (IS) risk assessments, continuous monitoring, and design of security mitigation or remediation solutions for identified risks. Ensure the architecture and design of Army IS is functional and secure, and use expertise and judgment to plan and accomplish security-related goals. Support system or network designs that encompass multiple data centers or networks, including those with differing data protection and classification requirements. Report to the internal Team Lead and Security Controls Assessor (SCA) for IA issues and concerns with separate reporting to senior management for network operational requirements, as necessary. **You Have:** * 5+ years of experience with NIST RMF policies, including continuous monitoring and information system security policies, standards, and procedures * 3+ years of experience supporting system ATO processes and creating artifacts, control implementation details, and POA&Ms * Experience with National Institute of Standards and Technology (NIST) security controls, the Governance, Risk, and Compliance (GRC) security documentation tool, RMF, and security compliance processes * Knowledge of the DoD RMF process * Knowledge of DoD A&A processes and standards * Ability to travel up to 25% of the time * Secret clearance * HS diploma or GED * Security+ Certification * Certified Information Security Manager (CISM), Certified Information System Security Professional (C
Applying for this Information Systems Security Manager role?
Most applicants get filtered before a human reads their resume. See if yours makes the cut.
How to Apply on Workday
- Workday has a multi-step form — save your progress after every section.
- "Apply With LinkedIn" can fail or lose data; manual entry is more reliable.
- Watch for the "Submit for Review" final step — hitting "Save" alone does not submit.
- Job requisition numbers are useful when following up with HR by email.
ANONYMOUS · UNFILTERED
What do employees actually say about Booz Allen?
Real rants from real employees. Read before you apply.