I am...

Summary

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better. Join us and build an exceptional experience for yourself, and a better working world for all.

​

The exceptional EY experience. It's yours to build.

​

EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities.

​

Company Overview

Ernst & Young LLP, an equal employment opportunity employer (Females/Minorities/Protected Veterans/Disabled), values the diversity of our workforce and the knowledge of our people.

• Our IAM services assist our clients in aligning security management strategy with business goals by managing who has access to which resources and services, as well as enforcing business, privacy, and security policies.
• Within the Identity analytics & intelligence team, you'll perform assessments in areas like application access assessment, capability maturity, IAM data analytics.
• The IAM strategy team involves developing IAM strategies and roadmaps, including operating model and governance, IAM policies, procedures, and standards.
• Provide clients with design and architecture, process design and re-engineering, cloud and mobile apps access management.
• Support IAM program management assistance & Privileged access management, roles and rules management, SOD management and other IAM compliance related activities.

To qualify for the role you must have

• A bachelor's degree / graduate degree in a related field and approximately 10+ years of related work experience
• Technology & delivery experience in one or more of user identity lifecycle management, directory services, role-based access control, single sign-on and federation solutions, privilege accounts lifecycle management solutions.
• An understanding of access control concepts including directory services, SAML, LDAP, PKI.
• Experience in ServiceNow, ITSM tool, ITIL v3 framework.
• Willingness to travel to meet client obligations.

​

Ideally, you'll also have

• CISSP/CISM/CCSP/CISA certification desired; non-certified hires are required to become certified within 1 year from the date of hire.
• Strong presentation and communication skills and ability to speak and work with IT director, VP, CISO and IT teams.

What we look for

We're interested in intellectually curious people with a genuine passion for cyber security. With your broad exposure across IAM, we'll turn to you to speak up with innovative new ideas that could make a lasting difference not only to us – but also to the industry as a whole. If you have the confidence in both your presentation and technical abilities to grow into a leading expert here, this is the role for you.

Company Description

​

As a digitally-focused management consultancy, we do more than strategy. From strategy and design to architecture and development, we deploy senior, cross-functional teams to work hip-to-hip in the trenches with client teams.

​

Founded in 2003, Intevity (previously Twin Technologies) is a full service, digitally-focused management consultancy based in Boston, MA with remote offices and employees throughout the eastern and central US (Baltimore, Chicago, D.C., New York). Intevity focuses on both Commercial and Public Sector clients, with deep expertise in retail, software, and government. Intevity has key vendor partnerships with Adobe, AWS, and Salesforce.

​

We work on all phases of projects, from early discovery and design to strategy to execution. We are known for our vulnerability-based culture, high levels of craftsmanship, innovation, and trust; being able to truly connect with the needs and spot the real reasons why an organization is being held back from achieving their goals.

​

We specialize in digital transformation in retail, software, and government. We align audiences, optimize processes and build custom, cutting-edge experiences on leading platforms—all while helping businesses increase velocity while reducing organizational risk.

​

As an agile company, Intevity is committed to continually growing and evolving with the market to provide an environment where creativity, leadership, mentoring, planning, and resources are in place to achieve our shared goals.

• Subject Matter Expert (SME) in data entry and processes for eMASS, SNAP, PPSM, STIG viewer, etc
• Develop System Security Plan (SSP), Security Assessment Report (SAR) and POA&Ms to guide Product Owners through key processes for submitting IATT, ATO, and ATO-C packages
• Support the evaluation of security controls against the IaaS and PaaS offerings provided
• Support the creation and management of a new security risk management process in order to approve and authorize new capabilities and monitor the output of the process
• Conduct cyber security assessments using security controls per NAP 14.1C and 14.2-C relating to cyber security and training (NIST 800 series, DISA CC SRG, FISMA, and FIPS 199 and 200)

Required Qualifications

​

• Currently holds TS clearance
• 90% Remote (with a home office in DC, MD, VA area)
• Candidate must have an active Security + Certification and at least one security certification such as Certified Information Security Management (CISM), Certified Risk Information Security Control (CRISC), or Certified Information Systems Security Professional (CISSP)
• Experience working in AWS, Azure, or GCP to secure IaaS, PaaS, and SaaS offerings
• Subject matter expertise in conducting security risk assessments for on-prem, hybrid cloud, and cloud systems
• Highly proficient in knowledge of respective industry best practices (e.g., NIST, ISO, COBIT, OWASP, ITIL)
• Knowledge of risk management policies, methods, standards, processes, governance models, and industry-standard risk analysis approaches
• Experienced with vulnerability scanning tools and technologies such as Prisma Cloud, ACAS, Tenable.IO, Harbor, Windows Defender, etc
• Familiar with Cloud based security monitoring tools such as Azure Monitor, Windows Defender, AWS CloudWatch, AWS CloudTrail, AWS Guard Duty, New Relic, Prisma Cloud, Prometheus, etc
• Profound ability to collaborate well with internal and external stakeholders
• Strong MS Office skills along with strong verbal and written communication skills

​

Preferred Qualifications

​

• Prior experience in the management of technology infrastructure is preferred
• Knowledge of the DoD is strongly preferred

Intevity offers a competitive and comprehensive employee compensation and benefits package that includes base salary ($115,000 - $135.000), medical, dental, and vision insurance, long and short-term disability insurance, life insurance, 401k program with company match, and an open PTO plan.

​

Intevity is an Equal Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity and expression, national origin, disability, or protected veteran status.

Job Description

The Department of Records and Information Services is seeking to hire a Computer Systems Manager Non-Manager to serve as the Chief Information Security Officer (CISO).

​

The Computer Systems Manager-Non-Manager will be responsible for compliance with the Citywide Information Security Policies and for high level support of the agency’s computing infrastructure. This position requires an experienced technology professional with an understanding of modern computing practices and hands-on experience with networks, servers, software configuration standards for servers and desktop systems that are or may be attached to the enterprise network.

• Coordinate upgrades to the agency’s technology with the Office of Technology and Innovation.
• Oversee security awareness strategy and programs, including annual employee training and ongoing awareness campaigns to ensure all department employees understand and adhere to information technology policies and standards.
• Ensure compliance with City of New York, Citywide Information Security Policies.
• Track cyber security incidents and vulnerability reports and work on remediation of issues.
• Ensure identity and access management policies are documented.
• Produce documentation when / where needed.
• Ensure all IT systems are equipped and updated with necessary cyber protection tools.
• Continuously check for security gaps, document findings, and take necessary measures to rectify issues discovered.
• Verify patches, software updates are properly done. Missing patches, inconsistencies should be resolved.
• Analyze vulnerability reports and operationalize them by working with Tech support team member for remediation.
• Assess endpoint system health and suggest improvement or remediation steps.

Required Qualifications:

• A master's degree in computer science from an accredited college or university and three (3) years of progressively more responsible, full-time, satisfactory experience in Information Technology (IT) including applications development, systems development, data communications and networking, database administration, data processing, or user services. At least eighteen (18) months of this experience must have been in an administrative, managerial or executive capacity in the areas of applications development, systems development, data communications and networking, database administration, data processing or in the supervision of staff performing these duties; or
• A baccalaureate degree from an accredited college or university and four (4) years of progressively more responsible, full-time, satisfactory experience as described in "1" above; or
• A four-year high school diploma or its educational equivalent, and six (6) years of progressively more responsible, full-time, satisfactory experience as described in "1" above; or
• A satisfactory combination of education and experience equivalent to "1", "2" or "3" above. However, all candidates must have at least a four-year high school diploma or its educational equivalent and must possess at least three (3) years of experience as described in "1" above, including the eighteen (18) months of administrative, managerial, executive or supervisory experience as described in "1" above.

​

Preferred Qualifications:

• In the absence of a baccalaureate degree, undergraduate credits may be substituted for a maximum of two (2) years of the required experience in IT on the basis of 30 semester credits for six (6) months of the required experience. Graduate credits in computer science may be substituted for a maximum of one (1) year of the required experience in IT on the basis of 30 graduate semester credits in computer science for one (1) year of the required IT experience. However, undergraduate and/or graduate credits may not be substituted for the eighteen (18) months of experience in an administrative, managerial, executive, or supervisory capacity as described in "1" above.

The City of New York is an inclusive equal opportunity employer committed to recruiting and retaining a diverse workforce and providing a work environment that is free from discrimination and harassment based upon any legally protected status or protected characteristic, including but not limited to an individual's sex, race, color, ethnicity, national origin, age, religion, disability, sexual orientation, veteran status, gender identity, or pregnancy.