I am...

Summary of the Role and Company Overview

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better. Join us and build an exceptional experience for yourself, and a better working world for all.

The exceptional EY experience. It's yours to build.

EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities.

From strategy to execution, the Government & Public Sector practice of Ernst & Young provides a full range of consulting and audit services to help our Federal, State, Local and Education clients implement new ideas to help achieve their mission outcomes. We deliver real change and measurable results through our diverse, high-performing teams, quality work at the highest professional standards, operational know-how from across our global organization, and creative and bold ideas that drive innovation. We enable our government clients to achieve their mission of protecting the nation and serving the people; increasing public safety; improving healthcare for our military, veterans, and citizens; delivering essential public services; and helping those in need. EY is ready to help our government build a better working world.

• Providing expert guidance and training to staff on best practices for privileged access management and security awareness.
• Applying solutions for managing privileged access within cloud service provider tools (AWS IAM, Azure Directory)
• Addressing platform specific implementation requirements for Windows Server (Server 2012, Server 2022) and Linux operating systems (Redhat Enterprise Linux, Amazon Linux)
• Security Architecture
• Implementing and supporting NIST best practices for the Least Privilege Model for the enterprise
• Implementing advanced capabilities including Just-In-Time Provisioning for Privileged Access, Zero Trust principles, Privileged Account Session Management, Privilege Elevation and Delegation Management, and Lifecycle Management
• Working with other security engineers to develop and implement security policies and procedures as applied to cloud service provider hosted systems
• Supporting the development and enhancement of enterprise secrets management uses cases and features, including backend vault platforms
• Implementing Role Based Access Controls (RBACs) and manage ongoing infrastructure changes, ensuring implementation of least privilege and separation of duties best practices within cloud and on prem environments.
• Providing identity cloud expertise to inform strategic cloud policy and updated cloud governance and architecture to be aligned with PAM initiatives. Experience with Microsoft Azure is preferred but AWS experience is also considered valuable
• Scripting and automation; scripting languages like PowerShell, Python, or others for automating tasks and processes related to privileged access management tools
• Manage and govern privileged accounts on multiple systems and applications. Identify owners, who is using it (humans or systems), develop risk-based classification models, and partner with other teams to timely redress and remediate unsafe practices or accounts
• Experience with common tools for automation in owned-premise and cloud service provider operating environments (Jenkins/Cloudbees/Harness i.o, Github actions, AWS Lambda) beneficial
• Excellent problem-solving skills and the ability to work in a fast-paced, evolving environment.
• Strong troubleshooting skills to identify and resolve issues related to privileged access management tool implementations
• Supporting Continuous Diagnostics and Mitigation (CDM), work with other security, engineering, and operations teams to develop necessary safeguarding, logging, alert generation, etc. to detect relevant anomalies.
• Monitoring, recording, auditing, and analyzing privileged access, sessions, actions, across multi-cloud, hybrid-cloud, and on-prem systems
• Managing definition, planning, and delivery of work product through Agile SCRUM, Kanban.

Required Qualifications:

• Bachelor’s Degree
• 5-8+ years of relevant experience
• Strong communication and leadership skills, with the ability to collaborate effectively across all levels of the organization
• Effective communication skills to articulate technical concepts to both technical and non-technical stakeholders
• Deep technical knowledge of PAM tools and technologies (e.g., CyberArk)
• High level of proficiency in Microsoft Office applications (Word, Excel, Project and PowerPoint)
• Ability to coordinate SMEs across multiple knowledge domains to offer solutions to USCIS mission needs

Preferred Qualifications:

• Consulting experience or experience working on technical projects
• MS in STEM degree

Due to the nature of our work in the Government and Public Sector, work may be required to be completed at client, EY and/or contractor sites. Our goal is to assign professionals to projects within a commutable distance of their work location office. In certain circumstances, travel may be required beyond your work location based on client and project needs. Candidates should be willing to travel on average 25% to 30% or more in a hybrid environment.

What we look for

We’re interested in intellectually curious people with a genuine passion for cybersecurity. With your broad exposure across Cyber Transformation, we’ll turn to you to speak up with innovative ideas that could make a lasting difference not only to us – but also to the industry. If you have the confidence in both your presentation and technical abilities to grow into a leading expert here, this is the role for you.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture, and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.

Summary Information

Responsible for developing and maintaining the technical IT / cyber security reporting capabilities necessary for safeguarding the firm's information systems and applications (software development lifecycle), influencing Vulnerability Management executive decisions.

Company Overview

NA

• Lead the development and maintenance of the cyber capabilities around analytics and reporting to support vulnerability management, RedTeam, penetration testing and application security domains in alignment with vulnerability standard.
• Support Cyber Security Executive and Operational reporting streams within and outside of Cyber Security Organization.
• Partner with security and Lines of Business on reporting requirements, and work closely with reporting automation group(s) thru dashboards implementation.
• Support cyber and business reporting requirements and update internal documentation with existing and new use cases.
• Set the team's direction and communicate individual and team priorities and deliverables for the team against expected results. Make leadership decisions within established policies, procedures, and established objectives.
• Lead highly complex and visible projects with notable risk and complexity

Required Qualifications:

• Bachelor’s degree and eight years of experience in systems engineering or administration or an equivalent combination of education and work experience
• Deep specialized and/or broad functional knowledge in applied enterprise information security technologies including but not limited to firewalls, intrusion detection/prevention systems, network operating systems, identity management, database activity monitoring, encryption, content filtering, and Mainframe security
• Previous experience in leading complex IT projects

Preferred Qualifications:

• CISSP Certification
• Master’s degree or MBA and ten years of experience in business analysis or an equivalent combination of education and work experience
• Banking or financial services experience
• Prior management experience
• Experience in leading large-scale complex projects from beginning to end
• ISSEP Certification
• Other security certifications (e.g. CCNA Security, GSEC, GCED, GPPA, etc.)
• Other technical Certifications (e.g. CCNA, RHCE, MCSE, etc.)

• Sitting: Constantly (More than 50% of the time)
• Visual / Audio / Speaking: Able to access and interpret client information received from the computer and able to hear and speak with individuals in person and on the phone.
• Manual Dexterity / Keyboarding: Able to work standard office equipment, including PC keyboard and mouse, copy/fax machines, and printers.
• Availability: Able to work all hours scheduled, including overtime as directed by manager/supervisor and required by business need.
• Travel: Minimal and up to 10%
• General Description of Available Benefits for Eligible Employees of Truist Financial Corporation: All regular teammates (not temporary or contingent workers) working 20 hours or more per week are eligible for benefits, though eligibility for specific benefits may be determined by the division of Truist offering the position. Truist offers medical, dental, vision, life insurance, disability, accidental death and dismemberment, tax-preferred savings accounts, and a 401k plan to teammates. Teammates also receive no less than 10 days of vacation (prorated based on date of hire and by full-time or part-time status) during their first year of employment, along with 10 sick days (also prorated), and paid holidays.

Job Title: Chief Information Security Officer

Company Overview: Health & Human Services Comm, CHIEF INFO SECURITY OFFICE

The Chief Information Security Officer (CISO) is selected by and reports to the Chief Information Officer, working under minimal supervision, with extensive latitude for the use of initiative and independent judgment. The CISO is responsible for coordinating information technology security activities and creating and communicating a broad-based IT security conscious culture across the organization. The CISO performs highly advanced managerial work providing direction and guidance in strategic IT operations and planning. The CISO oversees the development of enterprise level security policies, coordinates and leads information technology physical and logical security activities, is responsible for performing IT risk management activities, IT security awareness, IT security architecture, and IT security incident management. The CISO plans, assigns and supervises the work of others in functional areas of the delivery of the enterprise security program.

• Oversees the development and monitoring of information technology security practices to ensure HHS information and technology infrastructure is appropriately available and secure from unauthorized access, inappropriate alteration or destruction. Oversees internal and external resources that safeguard HHS IT assets and systems. Ensures systems/application comply with IT security policies, industry and state regulations, and best practices. Oversees investigations into security violations and breaches and reports such violations when needed. Responsible for the development and maintenance of IT risk assessment, system security planning, contingency planning and support for the various audits and examinations. Evaluates information security controls and suggests improvements include modification of existing controls and the addition of new, more effective controls. (30%)
• Oversees the management of the development and implementation of security policy, standards, guidelines and procedures to ensure ongoing maintenance of security and compliance with Chapter 202 of Title 1 of the Texas Administrative Code (1 TAC 202), Information Security Standards, and Internal Revenue Code, Title 26 of the U.S. Code (26 USC) 6103(l)(7). Continually refines the IT Security & Risk Strategy, ensuring critical data, assets and infrastructure are secure by working to keep cyber defenses, operations and the overall organization prepared for current and ongoing threats. (30%)
• Defines the HHS Information Security Roadmap and manages the budget associated with the delivery of security functions across the HHS Enterprise. Identifies and implements information security goals, objectives and metrics consistent with HHS risk tolerance, organizational mission and IT strategic plans. (15%)
• Oversees the coordination of collaboration of information security across the HHS enterprise. Oversees the development and delivery of security services to agencies within the HHS enterprise. Works closely with other executives to prioritize security initiatives and spending based on appropriate risk management and/or financial methodology. Collaborates with other information systems team members, staff and vendors to design, implement, maintain and monitor secure systems and processes supporting a high level of confidentiality, integrity and availability. Educates users about Information Security Requirements, Policies, and Procedures and consults on security issues as it relates to strategic initiatives for the organization. Partner closely with other Information Technology divisions (Infrastructure and Applications team) to ensure that all applications are developed with security in mind. (15%)
• Represents the HHS Enterprise both internally and externally on information security matters. Leads committees and participates in statewide security initiatives. Works with outside consultants as appropriate for independent security audits. (10%)

Required Qualifications:

• Extensive working knowledge of federal, state, and local information security compliance requirements.
• Extensive working knowledge of information security auditing and risk management.
• Working knowledge of business continuity planning.
• Working knowledge of and the ability to negotiate and monitor complex contracts, service level agreements, and performance metrics.
• Excellent Skill in performing complex security analyses and operationalizing security changes.
• Ability to identify problems, evaluate alternatives, and implement effective solutions.
• Excellent skills in communication, both verbal and written with skills in presenting information to executive level management, public, and legislative audiences.
• Superior mentoring and leadership skills.
• Skill in building and promoting effective working relationships with user and stakeholder communities operating in a large enterprise environment.
• Demonstrated leadership and management skills required for a large, complex, and sophisticated technical and professional workforce.
• Ability to manage multiple large scale projects.

Preferred Qualifications:

• College degree in computer science, management information systems, engineering, or a related STEM field.
• Master’s degree in a computer science, cybersecurity, or management information systems preferred.
• 10 years of prior experience leading large technical or security teams preferred.
• Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP) and/or Cisco Certified Internetwork Expert (CCIE) Security certifications are preferred.

Job requires many presentations and publicly speaking engagements, including testifying.

Note: There may be no military occupation(s) that relate to the initial selection criteria and registration or licensure requirements for this position. All active duty military, reservists, guardsmen, and veterans are encouraged to apply if qualified to fill this position. For more information, see the Texas State Auditor’s Military Crosswalk at Military Crosswalk Guide - Prepared by the State Auditor's Office (texas.gov)

HHS agencies use E-Verify. You must bring your I-9 documentation with you on your first day of work.

In compliance with the Americans with Disabilities Act (ADA), HHS agencies will provide reasonable accommodation during the hiring and selection process for qualified individuals with a disability. If you need assistance completing the on-line application, contact the HHS Employee Service Center at 1-888-894-4747. If you are contacted for an interview and need accommodation to participate in the interview process, please notify the person scheduling the interview.