Cybersecurity Risk and Threat Engineer
| Company | Booz Allen |
|---|---|
| Location | Atlanta, GA, USA |
| Salary | $86800 – $198000 |
| Type | Full-Time |
| Degrees | Bachelor’s |
| Experience Level | Mid Level |
Requirements
- 3+ years of experience in cybersecurity engineering, threat detection, or risk analysis roles
- Experience with SonarQube administration and analysis configuration
- Experience implementing custom configurations and automations with Fortify and Scan Central
- Experience with scripting or programming using Python, Bash, or PowerShell for automation or detection logic
- Knowledge of cloud platforms, such as AWS, Azure, or GCP, especially cloud-native security services
- Ability to build workflows in Git in support of CI/CD pipeline automation for security tool integrations in compliance with Agile methodologies
- Ability to perform technical risk assessments, interpret vulnerabilities, and translate findings into actionable engineering fixes
- Ability to obtain and maintain a Public Trust or Suitability/Fitness determination based on client requirements
- Bachelor’s degree
Responsibilities
- Help customers solve complex security challenges using tools like Fortify and Scan Central, SonarQube, Grafana, Falco, Trivy, Splunk, Tenable, and AWS cloud
- Use threat modeling, automated detection engineering, adversary simulation, and real-time risk analysis
- Identify security gaps, analyze threat behaviors, and engineer detection and mitigation capabilities
- Impact public health technology modernization by engineering proactive cyber defenses into enterprise DevSecOps pipelines
- Detect and neutralize emerging threats, and enable secure delivery of health data systems through automation and technical risk mitigation
Preferred Qualifications
- Experience with threat detection and mitigation techniques, including log analysis, TTP mapping, and adversary emulation
- Experience with infrastructure-as-code tools and their use in securing CI/CD pipelines
- Experience in incident response, threat hunting, or red and purple teaming
- Experience with EDR/XDR tools
- Knowledge of containerized environments and securing Kubernetes or other orchestration platforms
- Knowledge of at least one SIEM platform and associated visualization integrators like Grafana or Power BI
- Knowledge of security automation frameworks and tools
- Knowledge of public health or healthcare cybersecurity challenges, including HIPAA, FISMA, or HHS-specific standards
- Knowledge of security scanning tools and their output, such as Falco, Trivy, or Tenable