Booz Allen Hamilton offers a collaborative environment in McLean, VA, onsite, where you can help scale a structured, repeatable security review model across Market Product initiatives. You will partner with Product, Engineering, and BISO to embed secure by design guidance throughout the product lifecycle. The role emphasizes cross functional teamwork, measurable governance, and delivering secure, high quality products. The compensation range for this position reflects location and experience, with a starting point around the lower end of the range and opportunities for progression based on results and responsibilities.
Benefits
- Health benefits
- Life insurance
- Disability benefits
- Financial benefits
- Retirement benefits
- Paid leave
- Professional development
- Tuition assistance
- Work-life programs
- Dependent care
- Recognition awards program
Compensation
Salary range: USD 86,800 to 198,000 per year.
Security and compliance
Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information.
Work model and location
- Location: McLean, VA, onsite
- Remote: Some roles may permit remote work with possible in person requirements
- Hybrid: Regular presence at a Booz Allen facility is expected, with potential visits to customer facilities
- Onsite: Work primarily at a Booz Allen office or customer facility, collaborating directly with colleagues and customers as required
Responsibilities
- Support product security architecture and design reviews for Market Product initiatives, partnering with Product Security leadership, BISO, and product engineering teams
- Apply secure by design and threat modeling practices across product reviews and help product teams adopt these patterns in their design workflows
- Maintain and improve product security gates, intake workflows, and dashboard based tracking of review status, decisions, and outcomes
- Develop reusable guidance, templates, standards, and decision records for product teams, including architecture documentation patterns and control documentation expectations
- Track product security risks and mitigation actions, and communicate status, decisions, and outstanding items clearly to product, engineering, and ECS stakeholders
- Help define and operationalize repeatable Product Security processes that improve speed, quality, and governance alignment across the product portfolio
- Contribute to policy and standards development for product facing cybersecurity practices, supporting the emerging Product Security operating model
Requirements
- 3+ years of experience in product security, application security, cybersecurity engineering, or security architecture support roles
- Experience supporting architecture or design reviews for software, platform, or cloud enabled products
- Knowledge of secure by design principles, threat modeling methods, and modern cybersecurity control frameworks
- Knowledge of product lifecycle security practices, including requirements, design, implementation, and operational risk management
- Ability to synthesize technical findings into clear, actionable guidance for engineering and non engineering stakeholders
- Ability to build and maintain structured tracking mechanisms for security review workflows and decisions
- Ability to influence technical and non technical stakeholders
- Ability to obtain a Secret clearance
- Bachelor's degree
Identity verification
As part of the hiring process, you may be asked to complete an identity verification process that uses advanced biometrics and artificial intelligence to ensure authenticity and protect against identity fraud. Interviews and assessments may require you to be on camera, and images may be used to verify identity to prevent fraud.
Candidate AI usage policy
AI is part of Booz Allen's daily workflow, with a commitment to responsible use. For interviews, the use of artificial intelligence tools to assist with responses is prohibited unless explicit permission is granted.
Work culture and discrimination policy
All qualified applicants will be considered for employment without regard to disability, protected veteran status, or any other status protected by applicable law.
