EY GPS is seeking a detail-oriented and experienced professional to support the implementation, documentation, and self-assessment of security controls in accordance with the NIST Risk Management Framework (RMF). The ideal candidate will have hands-on experience with key federal frameworks and guidance, including NIST SP 800-37 Rev. 2, 800-53A Rev. 5, 800-30 Rev. 5, 800-60, 800-59, 800-23, 800-47, 800-34 Rev. 5, and 800-84, FIPS 199, 200, and 191, and be capable of guiding systems through the full RMF lifecycle. Categorize: Define the system criticality and authorization type required Select: Determine applicable controls to meet and leverage (e.g. inheritance from cloud or other provider, enterprise services, etc.) Implement: Develop security architecture, system security plan (SSP) and implement required cybersecurity controls Assess: Conduct self-security assessment, collect artifacts and input package (Assessment Report and artifacts) Authorize: Authorizing Official reviews and approves package Monitor: Mitigate any findings from assessment, update package based upon system changes, conduct operational cybersecurity tasks and support continuous authorization.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
Job Type
Full-time
Career Level
Senior