EY Government Public Sector - Service Delivery 

United States, Texas, San Antonio 

536075260

Your Key Responsibilities

• Design and assess security architecture for technologies such as SaaS, PaaS, laaS, AI/ML, and Zero Trust Architecture (ZTA)
• Develop and implement application and cloud security architectures, primarily in AWS as well as Azure and Oracle
• Ensure compliance with cybersecurity frameworks including NIST 800-53, NIST 800-171, OWASP, CIS, STIG, SOX, CMMC and DFAR requirements
• Conduct network security assessments, focusing on ZTA, secure connectivity (Firewall Ingress/Egress), and data encryption, and key management
• Manage workload independently and escalate issues proactively; Collaborate directly with Product Owners to explain technical architecture requirements and address any related questions
• Effectively lead and motivate service delivery center team who support technology consulting engagements and provide technical leadership with the SRC&R service operations and delivery
• Provide guidance and direction to the on-site GPS SRC&R consultants in identifying process improvements, including junior staff members, enhancing existing SRC&R solutions and operating SRC&R processes as required
• Additional responsibilities include support in the following areas:
  • Assess cybersecurity controls, programs and strategies using our proprietary framework and industry frameworks
  • Operate SRC&R solutions based upon engagement defined policies and procedures
  • Cybersecurity measurements and monitoring development and operations
  • Cybersecurity strategy and roadmap development
  • NIST Risk Management Framework and Assessment and Authorization enhancement, operations and governance
  • Cybersecurity focused Supply Chain Risk Management and/or Third-Party Risk management operations, assessment and enablement
  • Cybersecurity process design and re-engineering
• Drive high-quality work products within expectedtimeframes in a fast-paced work environment
• Monitor progress and manage risk while ensuring stakeholders are kept informed about progress and expected outcomes
• Use knowledge of industry trends to identify engagement and client service issues and communicate this information to the on-site engagement team through written correspondence and verbal presentations.
• Stay informed of current Cybersecurity industry trends relevant to the services being delivered

Skills and attributes for Success

• Working knowledge of security frameworks and standards such as ISO 27001/2, PCI DSS, NIST 800-53, NIST CSF and the cybersecurity laws and regulations such as FISMA
• Ability to produce high-quality work products within expected timeframes
• Ability to interface with app development teams across time zones and drive engagements to completion
• Leadership experience

To qualify for the role you must have

• Bachelor's degree in a related field
• A minimum of 3 years of related work experience
• Proficiency in network security and security controls (firewalls, IDS/IPS, encryption, access management
• Experience with ServiceNow and AuditBoard
• Experience documenting security architecture, experience with cybersecurity architecture and design
• Familiarity with security frameworks and technologies
• Must be able to obtain and maintain a Secret-level clearance or higher
• Experience in one or more of the following areas:
  • Cybersecurity assessments
  • IT and cybersecurity policies, standards, procedures and controls
  • Cybersecurity strategies and roadmaps
  • Cybersecurity awareness and training
  • Cybersecurity metrics and reporting
  • Cybersecurity organization design and implementation
  • Cybersecurity and risk management solution design and implementation (e.g. SNOW IRM, Archer GRC, RiskLens, Azure Security Center, etc.)
  • Federal RMF solution operations (e.g eMass CSAM, Xacta, etc.)
  • Cybersecurity and IT architecture experience (e.g. cloud security architect, security architect)
  • Flexibility to travel up to 20%

• CISSP, CISM, CISA, CIPT, CIPM, CIPP CRISC or other relevant certification
• Prior experience in a service delivery center or similar environment
• AWS certification