Enterprise Cybersecurity AI Risk Analyst
Job Description
The Enterprise Cybersecurity AI Risk Analyst role, an onsite position based in McLean, VA, supports Booz Allen Hamilton in governing AI use across the enterprise. The position evaluates AI tools, platforms, AI-enabled products, generative AI use cases, automation, and machine learning capabilities, as well as third-party AI integrations, to identify cyber, technology, compliance, and operational risk, translating findings into leadership-ready reporting.
Responsibilities
- Assess AI tools, platforms, AI-enabled products, generative AI use cases, automation, and machine learning capabilities, along with third-party AI integrations, to identify cyber, technology, compliance, and operational risk.
- Collaborate with both technical and non-technical teams to understand AI usage, evaluate applicable policies and control expectations, and document risk decisions in a clear, defensible manner.
- Translate complex AI and cybersecurity concepts into concise business impact statements and risk summaries suitable for executive audiences.
- Contribute to maturing the enterprise AI cyber risk review process by developing scalable templates, consistent criteria, repeatable practices, and trend reporting that highlights recurring control gaps.
- Serve as a key operator in a developing, high-visibility AI risk program while expanding skills in AI governance, emerging technology risk, cybersecurity, and enterprise risk management.
- Support the organization in protecting operations while enabling responsible AI adoption.
Requirements
- 5+ years of experience supporting cyber, technology, product, or enterprise risk activities, including risk identification, risk assessment, control evaluation, issue documentation, risk reporting, or lifecycle management.
- Experience with governance, risk, and compliance practices, including policy alignment, control expectations, exception handling, risk acceptance, issue tracking, audit or compliance support, or risk governance routines.
- Knowledge of artificial intelligence concepts, AI-enabled tools, generative or agentic AI, machine learning-enabled capabilities, or AI product and use case evaluation.
- Knowledge of industry-standard cybersecurity, privacy, AI, or risk frameworks, including NIST CSF, NIST AI RMF, NIST SP 800-53, NIST SP 800-171, ISO 27001, ISO 42001, MITRE ATLAS, or CMMC.
- Ability to write clear, concise, executive-ready risk summaries and translate complex technical or emerging technology concepts into business impact.
- Ability to work across technical and non-technical teams with a collaborative, customer-service-oriented mindset.
- Ability to independently manage assigned workstreams, prioritize competing demands, follow through on deliverables, and operate effectively in a developing or evolving risk management environment.
- HS diploma or GED.
Technologies
- ServiceNow
- Archer
- Smartsheet
- Jira
Benefits
- Health, life, disability, financial, and retirement benefits
- Paid leave
- Professional development
- Tuition assistance
- Work-life programs
- Dependent care
Compensation
The projected annual salary range for this position is USD 99,000 to USD 225,000. This range reflects typical pay for the role and is one element of Booz Allen Hamilton's total compensation package.
Salary is determined by location, education, knowledge, skills, competencies, and experience, as well as contract-specific affordability and organizational requirements. This posting will close within 90 days from the posting date.
Identity Statement
As part of the hiring process, candidates may undergo identity verification that uses advanced biometrics and artificial intelligence to confirm authenticity and prevent fraud. Interviews and assessments may require on-camera presence, and Booz Allen Hamilton reserves the right to capture images for identity verification purposes.
Candidate AI Usage Policy
AI is integrated into Booz Allen Hamilton workflows with a commitment to responsible and ethical use. The use of artificial intelligence or other tools to assist with interview responses is prohibited unless explicitly permitted.
Work Model
- Remote: If listed as remote, there may still be occasions when in-person work at Booz Allen or customer facilities is required.
- Hybrid: If listed as hybrid, frequent work from a Booz Allen facility is expected, with potential visits to customer facilities, aligned with leadership expectations and role needs.
- Onsite: If listed as onsite, work will primarily be performed at a Booz Allen office or customer facility, with collaboration with colleagues and customers as required by the role.
Commitment to Non-Discrimination
All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran, or any other status protected by applicable law.