Government and Public Sector - Cybersecurity Risk Senior
EY · McLean, VA · Yesterday
On-siteLegal$105k–$192k/yrFull-time
About the role
EY GPS is seeking a Senior to support the implementation, documentation, and self-assessment of security controls in accordance with the NIST Risk Management Framework (RMF).
Responsibilities
- Provide cybersecurity troubleshooting, analysis and technical expertise
- Oversee the work of junior team members
- Aid in the coordination of large-scale cybersecurity engagements
- Assess cybersecurity controls, programs and strategies using our proprietary framework and industry frameworks
- Operate SRC&R solutions based upon engagement defined policies and procedures
- Review cybersecurity measurements and monitor development and operations
- Support and manage GPS SRC&R consultants in the service delivery center
- Develop and review reports and presentations for both technical and executive audiences
- Provide mentorship and coaching to grow technical and consulting skills
- Deliver quality client services
- Drive high-quality work products within expected timeframes and on budget
Requirements
- Bachelor's degree in a related field
- 3+ years of related work experience
- Working knowledge of security frameworks and standards such as NIST 800-37, NIST 800-53, FIPS 199, FIPS 200, NIST CSF, NIST 800-161, CMMC and cybersecurity laws and regulations such as FISMA
- Experience in one or more of the following areas: Cybersecurity assessments, IT and cybersecurity policies, standards, procedures, and controls, Cybersecurity strategies and roadmaps, Cybersecurity awareness and training, Cybersecurity metrics and reporting, Cybersecurity organization design and implementation, Cybersecurity and risk management solution design and implementation (e.g. SNOW IRM, Archer GRC, RiskLens, Azure Security Center, etc.), Federal RMF solution operations (e.g. eMass CSAM, Xacta, etc.), Cybersecurity and IT architecture experience (e.g. cloud security architect, security architect)
- Demonstrated characteristics of a forward thinker and self-motivator who thrives on new challenges and adapts to learning new knowledge
- Strong analytical and problem-solving skills
- Strong presentation and communication skills
Qualifications
- Ability to obtain and maintain a Secret-level clearance or higher
Skills
- Security frameworks and standards such as NIST 800-37, NIST 800-53, FIPS 199, FIPS 200, NIST CSF, NIST 800-161, CMMC and cybersecurity laws and regulations such as FISMA
- Experience in one or more of the following areas: Cybersecurity assessments, IT and cybersecurity policies, standards, procedures, and controls, Cybersecurity strategies and roadmaps, Cybersecurity awareness and training, Cybersecurity metrics and reporting, Cybersecurity organization design and implementation, Cybersecurity and risk management solution design and implementation (e.g. SNOW IRM, Archer GRC, RiskLens, Azure Security Center, etc.), Federal RMF solution operations (e.g. eMass CSAM, Xacta, etc.), Cybersecurity and IT architecture experience (e.g. cloud security architect, security architect)
Benefits
- Comprehensive compensation and benefits package
- Pension and 401(k) plans
- Flexible vacation policy
- Designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence
Pay
The base salary range for this role in the US is $104,800 to $192,200.
Schedule
Our expectation is for most people in external, client serving roles to work together in person 40-60% of the time over the course of an engagement, project or year.