דרושים United States, California, Chief Executive Officer ב-United States

As an Executive Support Coordinator (ESC), you’ll provide high-level administrative support to the organization. This role involves providing in-office support for local and visiting PPMDDs as well as supplemental in-office assistance. May also assist with tax, backup and interim support for PPMDDs with executive assistants on extended leaves. May also assist and coordinate local office events. The ideal candidate will possess strong organizational skills, attention to detail, and the ability to manage multiple tasks in a dynamic environment. You’ll be a key member of a team using your experience, skills and knowledge of organizational policies, procedures and practices to help achieve the goals of the business. You’ll present information to inform recommendations on business processes and be part of a high performing, diverse and inclusive team sharing best practices.

Your key responsibilities

• Assist in the planning, organization, and execution of local office events, including team meetings, training sessions, and corporate gatherings in compliance with meeting and events policy and process and in collaboration with CBRE as necessary
• Coordinate with Meeting and Events team on logistics such as venue selection, catering, and materials preparation to ensure successful event delivery
• Prepare and organize materials for onsite meetings, presentations, and reports, ensuring all necessary documentation is readily available
• Develop and maintain relationships with internal personnel at all levels to complete support activities
• Manage and coordinate small projects and track progress
• Leverage strong working knowledge of applicable firm and service line quality, risk and confidentiality policies and guidelines in daily business operations
• Apply and share knowledge obtained on firm technology, work processes, resources, structure and business of the firm/service line/functional group
• Use firm knowledge, tools and network of resources to execute on deliverables and solve problems that arise to meet customers’ expectations
• Maintain documents on appropriate file servers and repositories, aid in the adherence to and reinforcement of record retention policies
• Act as a backup for other executive assistants during absences or peak workloads, ensuring continuity of support for executives which may include booking travel arrangements, processing and tracking business expenses in compliance with firm policy
• Collaborate with the executive support team to facilitate smooth operations and effective communication

Skills and attributes for success:

• Highly skilled attention to detail and self-assurance of quality of work performed or reviewed
• Ability to effectively manage conflicting priorities, organize workflow, anticipate customer needs and independently leverage alternative resources to achieve optimal operational excellence
• Proactively coach and share knowledge with colleagues
• Gain knowledge and develop and demonstrate advanced working knowledge of firm structure, service lines, key personnel, software and organizational policies and procedures
• Work independently with minimal supervision

To qualify for the role, you must have

• Ability to provide in-office support five days a week
• 4+ years of relevant business experience or combined no less than 2 years relevant experience and associates or higher degree
• Proficiency in MS Word, Excel, PowerPoint, Teams and Outlook
• Proficiency in automated calendar management tools (e.g. Outlook) and various IOS and Android mobile devices

• Proficiency in MS SharePoint

What we offer you
At EY, we’ll develop you with future-focused skills and equip you with world-class experiences. We’ll empower you in a flexible environment, and fuel you and your extraordinary talents in a diverse and inclusive culture of globally connected teams. Learn .

• We offer a comprehensive compensation and benefits package where you’ll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $46,900 to $98,000. The base salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is $56,300 to $111,400. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options.
• Our expectation is this is 100% in office job.
• Under our flexible vacation policy, you’ll decide how much vacation time you need based on your own personal circumstances. You’ll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.

Responsibilities

• The successful candidate will work with GPS engagement teams, supporting functions, and EY’s Client Technology and Global Information Security organizations to develop and maintain a security and compliance program across all environments, platforms and applications used or desired for use by GPS. Responsibilities include:
• Strategy, Governance and Risk Management
• Development and execution of a multi‑year cybersecurity strategy and investment roadmap aligned to business objectives and federal contract requirements.
• Development, management and maintenance of the GPS IT security risk management policy and/or procedural documentation mapped to NIST SP 800-37 (RMF), NIST SP 800‑53, NIST SP 800‑171, NIST SP 800‑161 (C‑SCRM), and NIST SP 800‑218 (SSDF)
• Ownership of the enterprise risk assessment (ERA), business impact analysis (BIA), and security metrics; present posture and material risk to the COO on a recurring cadence.

Defense Industrial Base Compliance (Classified & Unclassified)

• Manage GPS compliance with DFARS 252.204-7012, 252.204-7020, and 252.204-7021. This includes:
  • Leading DFARS/CMMC readiness and ongoing compliance.
  • Serving as the Affirming Official (AO) and maintaining an accurate SPRS self‑assessment score with defensible Plans of Action and Milestones (POAMs).
  • Achieving and maintaining CMMC certification at level 2.
  • Overseeing management and maintenance of POAMs.
• Ensure systems operated for the government are designed properly and assessed against the appropriate requirements such as FedRAMP, Cloud Computing Security Requirements Guide, IRS 1075, and MARS-E.
• Ensure safeguarding and incident reporting obligations for CUI (e.g., DFARS 252.204‑7012 72‑hour reporting) are met; coordinate with DC3/DIBNet and affected customers when necessary.
• Oversee NISPOM compliance for classified systems; partner with FSO to achieve and maintain Authorizations to Operate (ATOs).
• Ensure proper handling of export‑controlled data (ITAR/EAR).
• Prepare for and lead Program through contractually required assessments and customer audits; keep evidence, policies, configurations, and logs audit‑ready.
• Respond to government inspections or audits in coordination with EY Information Security and Risk Management.

Secure Cloud, Identity & Enterprise Platforms

• Own security architecture and controls for Azure Government (Azure Gov) and Microsoft 365 GCC High tenants, including Conditional Access, PIM/PAM, encryption, logging/retention, and data governance for CUI.
• Implement Zero Trust principles across identity, endpoints, networks, and workloads; drive continuous verification and least‑privilege.
• Deploy and operate EDR/XDR, SIEM/SOAR, DLP, CASB/SSE/SASE, MDM, key management/HSM, and vulnerability/configuration management at scale.
• Oversee user authorization process and ongoing attestation of user authorization and access.
• Assist to resolve GPS practitioners’ access or other issues with Enclave environments.
• Ongoing development, coordination and sustainment of Information Security Continuous Monitoring (ISCM) Program across all applications within the environment.

DevSecOps & Secure SDLC

• Establish a software security program aligned to NIST SSDF (SP 800‑218) and EO 14028 expectations; integrate security into SDLC across GitHub and Azure DevOps.
• Govern AppSec tooling and policy: SAST (e.g., Checkmarx), DAST (e.g., Qualys/AppScan), SCA/OSS (e.g., Mend), IaC/container/K8s scanning, and Wiz/Wiz Code; enforce build‑time gates and remediation SLAs.
• Require SBOM generation, artifact signing/provenance (e.g., SLSA targets), and secrets management across all repositories and pipelines.

Detection, Response & Resilience

• Develop, manage and maintain GPS incident response program.
• Lead SOC and CSIRT functions: 24×7 monitoring, threat intelligence, purple/red‑team exercises, and executive tabletop drills.
• Maintain and test the Incident Response Plan and Cyber Crisis Playbook, including regulatory/customer communications and forensics preservation.

Effective Business Integration

• Ensure development of fit-for-purpose solutions that support the business activities.
• Manage integration of Firm applications into the GPS Enclave environment.
• Understand and facilitate communication of EY’s IT disaster recovery and business continuity plans to GPS clients, potential clients and engagement teams (including engagement team responsibilities).
• Augment existing Client Security Assurance reviews of data protection requirements contained in RFPs/RFQs to adequately respond, and assist in development of GPS client security and data protection (confidentiality) plans.
• Monitor regulatory or other developments in INFOSEC principles, regulatory requirements and leading practices.

Leadership, Team and Budget

• Role model a leadership style that brings infrastructure, application and cybersecurity professionals together to collaborate constructively on the design, implementation and operation of controls.
• Build and mentor a high‑performing organization spanning Policy/GRC, AppSec/DevSecOps, Security Engineering/Architecture, SOC/IR, and Third‑Party & Supply‑Chain Risk.
• Own the cybersecurity budget and vendor portfolio; rationalize tools and services for value, performance, and compliance.
• Participate in purchasing and enhancement of third-party tools for GPS.
• Augment and potentially streamline existing Vendor Supplier Risk Assurance Program during evaluation of subcontractor compliance with applicable cybersecurity and data protection clauses.
• Drive a security‑first culture: ongoing training, phishing simulations, secure coding education, and leadership engagement including data protection and awareness and role-based training programs.
• Coordinate and respond to annual (or more frequent) independent risk assessments and cyber security reviews.

Qualifications:

• 12+ years of progressive cybersecurity leadership, including 5+ years at the enterprise or business‑unit executive level.
• 5+ years FISMA related experience
• Bachelor’s degree in IT-related field or bachelor’s degree in non-IT related field with a total of 10 years of information security experience
• Master’s degree preferred
• Ability to obtain and maintain Top Secret clearance
• US citizenship required
• Must have government sector experience
• Thorough knowledge and understanding of:

• • FAR 52.204-21 Basic Safeguarding of Covered Contractor Information Systems
  • DFARS 252.204-7012, Safeguarding Covered Defense Information and Cyber Incident Reporting
  • NIST SP 800-171, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations
  • NIST SP 800-53, Security and Privacy Controls for Federal Information Systems and Organizations
  • GSAM 552.239-70, Information Technology Security Plan and Security Authorization, 552.239-71, Security Requirements for Unclassified Information Technology Resources and similar clauses in agency FAR supplements
  • FISMA
• Specialized knowledge and experience with the implementation of the NIST Special Publication (SP) 800 family of publications, particularly those associated with the Risk Management Framework
• Proven experience in the Defense Industrial Base with DFARS/CMMC and NIST SP 800‑171 implementation and audits (including POA&M and SPRS management).
• Experience with FEDRAMP compliance authorization and monitoring
• Deep expertise securing Azure Government and Microsoft 365 GCC High environments
• Experience working with other Government cloud communities, including AWS
• Experience working with classified environments, achieving/maintaining ATOs, overseeing classified systems under NISPOM and DoD RMF, and working understanding of SCIF operations
• Knowledge and experience with vulnerability scanning execution, assessment, and analysis
• Knowledge and experience of networks, including LAN and WAN
• Knowledge and experience with application security, database security, and network security
• Experience with evaluating system, network, or infrastructure security controls against requirements such as FISMA, FIPS, and NIST guidelines
• Hands‑on leadership of DevSecOps and software security programs covering GitHub/Azure DevOps/Jenkins with SAST/DAST/SCA, IaC/container security, SBOMs, and supply‑chain controls.
• Demonstrated analytical, problem-solving, organizational, interpersonal and communication skills required.
• The ability to collaborate effectively with diverse stakeholders, including client-facing, legal, finance and contracting teams, executives, engineers, customers and assessors on a wide variety of tasks, as needed.
• Ability to foster professionalism and demonstrate integrity and confidentiality in all actions.
• Ability to demonstrate flexibility when required, sense urgency, organize and prioritize work, and achieve against tight deadlines.
• The ability to interpret and communicate regulatory requirements related to cybersecurity and data protection.
• Possession of excellent written/verbal communications skills.
• Possession of excellent analytical skills, including strict attention to detail.
• Ability to assess and weigh current and evolving security threats in an operational environment
• Possession of Information Systems Security Professional certification (CISSP)
• Certifications such as CISSP, CISM, CCISO, CCSP, CRISC, CISA, PMP, and relevant GIAC credentials preferred

As an Executive Administrative Coordinator, you will provide high-level, functionally specialized administrative, project and operational support to multiple executives of the firm who hold designated leadership positions. You will be closely aligned and integrated with the operations, strategies and business objectives of senior leaders with visibility across their network. You will proactively identify the needs and challenges of the executive, identifying effective solutions and ensuring that all necessary preparations and support are in place to enable the executive's success. You will track, coordinate and execute on confidential projects, applying judgment and selecting methods for meeting objectives. As a representative of the executive leaders, you will foster sophisticated relationships and interact with internal and external clients and stakeholders.

Your key responsibilities

• Manage daily execution of administrative services for eligible partners, principals, managing directors and directors
• Apply specialized knowledge of service line, sector and operations role of executive to make independent decisions to accomplish project, administrative and operational objectives
• Apply an in-depth understanding of the key drivers affecting the leader’s role and business priorities to administrative and project coordination
• Identify and resolve administrative issues and challenges, analyze problems and implement solutions to improve efficiency and productivity
• Build and foster relationships with internal and external business leaders and stakeholders and their administrative staff to support business objectives
• Protect confidential/proprietary information and manage data and records securely
• Demonstrate high level firm/service line knowledge of QRM policies
• Independently compose, format and edit non-technical business documents in conjunction with leader executives and appropriate internal communications professionals
• Liaise with service line and core business service personnel to track and coordinate executive work/projects; manage information and respond to requests accurately and promptly
• Compile, review and analyze markets and budget reports to create tracking reports, identify action items, coordinate follow up and prepare meeting materials
• Anticipate and apply knowledge of leaders’ priorities to manage complex and constantly changing calendars
• Coordinate domestic/international travel, internal and external events, meetings and conferences within scope leveraging appropriate resources

Skills and attributes for success

• Complex problem solving within realm of role responsibilities, using strong analytical, organizational and research skills
• Independent decision maker exercising discretion/judgment
• Assimilate unfamiliar issues rapidly
• Proactively escalate identified or potential issues
• Ability to communicate effectively and professionally with all levels including senior leaders with sensitivity to matters that require diplomacy
• Navigate organizational structures, changing environments and sensitive relationships
• Prioritize and perform multiple tasks simultaneously
• Advanced skills in MS Word, Excel, PowerPoint, Teams, SharePoint and Outlook
• Work independently

To qualify for the role, you must have

• BA/BS degree or relevant experience
• 8-10 plus years of experience
• Typically, no less than 5 - 7 years relevant experience
• Flexible for overtime as required. Vacation dependent on business needs and cycles.
• Work primarily onsite in the EY office, client or meeting site as determined.
• Must be flexible to travel

Ideally, you’ll also have

• 5+ yrs. exp supporting senior leadership level executives in large organization or firm
• Project coordination experience