GPS - Continuous Monitoring Manager - Supervising Associate

About The Position

Requirements

• Strong understanding of cloud security and application security concepts.
• Ability to interpret and apply NIST and FedRAMP control requirements.
• Strong written and verbal communication skills, with the ability to document technical information clearly.
• Ability to manage multiple tasks and priorities in a highly regulated environment.
• Comfortable working independently while collaborating across technical and compliance teams.
• Experience using vulnerability management and GRC tools.
• Degree in Information Assurance, Computer Science, or a related field, or equivalent professional experience.
• At least 5+ years of experience working with Continuous Monitoring & Compliance, Stakeholder Collaboration & Communication, POA&M & Risk Support and Documentation & Process Support
• Experience working in Azure and cloud computing environments.
• Security certification aligned to DoD 8570/8144 requirements (e.g., CISSP, CISM, CCISO, or equivalent).
• Hands‑on experience supporting FedRAMP and NIST‑based continuous monitoring activities.
• Experience participating in a vulnerability management program.
• Ability to obtain and maintain Top Secret Security Clearance

Nice To Haves

• Familiarity with SIEM tools and security event monitoring processes.
• Experience using automation or scripting to support security monitoring or reporting.
• Experience drafting or maintaining SOPs or compliance documentation.
• Experience working in highly audited or regulated environments.

Responsibilities

• Perform continuous monitoring activities for FedRAMP‑authorized systems, including control validation and evidence review.
• Analyze vulnerability scan results, audit events, and configuration deviations; work with technical teams to track remediation efforts.
• Support monthly and periodic FedRAMP Continuous Monitoring (ConMon) activities, including artifact preparation, inventory updates, and change tracking.
• Maintain familiarity with applicable NIST and FedRAMP requirements, including NIST SP 800‑37, NIST SP 800‑53, and NIST SP 800‑171.
• Assist with preparation of FISMA and FedRAMP‑aligned security reports for internal and government stakeholders.
• Work closely with Information System Security Officers (ISSOs), system owners, and project teams to address findings and clarify control implementation.
• Communicate security issues, remediation progress, and compliance status to internal stakeholders.
• Participate in recurring security and compliance meetings to support risk posture reviews.
• Provide mentorship and knowledge‑sharing support to junior security staff as needed.
• Support the management of POA&M items, including documentation updates, evidence collection, and status tracking.
• Assist in identifying risk mitigation strategies and documenting compensating controls.
• Help ensure remediation activities are aligned with FedRAMP timelines and expectations.
• Assist with maintaining and updating security documentation, SOPs, and procedural guidance.
• Support continuous improvement efforts related to monitoring processes, tooling, and reporting.
• Maintain awareness of evolving security threats and compliance requirements.

Benefits

• We offer a comprehensive compensation and benefits package where you’ll be rewarded based on your performance and recognized for the value you bring to the business.
• The base salary range for this job in all geographic locations in the US is $91,100 to $170,400.
• The base salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is $109,300 to $193,600.
• Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography.
• In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options.
• Under our flexible vacation policy, you’ll decide how much vacation time you need based on your own personal circumstances.
• You’ll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.