No more applications are being accepted for this job
- Design and implement robust data security frameworks tailored for a data mesh ecosystem, ensuring secure data sharing and access across decentralized nodes.
- Develop and enforce comprehensive privacy policies and procedures in compliance with global data protection regulations (e.g., GDPR, CCPA) to safeguard sensitive information within the data mesh infrastructure.
- Create dynamic access control policies that adapt to the evolving needs of a distributed data environment, leveraging advanced technologies like AI for real-time decision-making.
- Lead the integration of security practices into the data lifecycle, from ingestion through to analytics and archiving, ensuring data integrity and confidentiality across all phases.
- Conduct regular security assessments and audits to identify vulnerabilities within the data mesh ecosystem, and develop mitigation strategies to address identified risks.
- Collaborate with cross-functional teams to foster a culture of security awareness, ensuring that data security and privacy principles are embedded in all data operations.
- Stay abreast of the latest cybersecurity trends, threats, and technologies to continually enhance the security posture of the data mesh ecosystem.
- Author and manage critical security artifacts, including SOPs, RMF deliverables, security plans, and contingency plans, ensuring they are adapted to the data mesh architecture.
- An in-depth knowledge of data mesh architecture and its core principles is highly desirable although not strictly required.
- Proven expertise in designing and managing security solutions within complex, distributed data environments.
- Thorough understanding of encryption protocols for data at rest and in transit, ensuring secure data communication and storage.
- Demonstrated ability to enhance security through robust audit and alerting mechanisms, supported by comprehensive server-side security policies.
- Proficiency in implementing and maintaining security architectures compliant with Zero Trust principles.
- Comprehensive knowledge of Federal Government security controls, assessment procedures in FISMA, and NIST SP 800-53, with a focus on applying these within a distributed data infrastructure.
- Demonstrable experience with cloud service providers like Azure, AWS, etc., and an understanding of their security features.
- Strong knowledge in implementing security best practices specifically for distributed architectures, ensuring secure, distributed data management and access.
- Proficiency in conducting risk assessments and developing mitigation plans, with a focus on identifying potential threats and vulnerabilities within a distributed data ecosystem.
- Demonstrated ability to integrate robust security measures into a distributed data infrastructure, safeguarding against unauthorized access.
- Experience with data privacy, classification, and access tools such as Immuta, Azure IAM, Azure data catalog, or Gigya.
- Eligibility to obtain and maintain a Secret Clearance.
- Bachelor's or Master's degree in Computer Science, Information Security, or a related field.
- 4+ years of experience in a security engineering role, with a focus on data security, privacy, and access management.
- DoD or government experience preferred
- Professional certifications, such as CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), CCSP (Certified Cloud Security Professional) or equivalent certifications strongly preferred.
- Familiarity with Federal Information Processing Standards and DoD Risk Management FrameworkDue to the nature of our work in the Government and Public Sector, work may be required to be completed at client, EY and/or contractor sites
- Continuous learning: You'll develop the mindset and skills to navigate whatever comes next.
- Success as defined by you: We'll provide the tools and flexibility, so you can make a meaningful impact, your way.
- Transformative leadership: We'll give you the insights, coaching and confidence to be the leader the world needs.
- Diverse and inclusive culture: You'll be embraced for who you are and empowered to use your voice to help others find theirs.
Government and Public Sector - McLean, VA, United States - Ernst & Young
Description
EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualitiesAt EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you
And we're counting on your unique voice and perspective to help EY become even better, too
Join us and build an exceptional experience for yourself, and a better working world for all
Government and Public Sector - AI & Data - Data Security Engineer - Senior From strategy to execution, the Government and Public Sector practice of Ernst & Young LLP provides a full range of consulting and audit services to help our Federal, State, Local and Education clients implement new ideas to help achieve their mission outcomes
We deliver real change and measurable results through our diverse, high-performing teams, quality work at the highest professional standards, operational know-how from across our global organization, and creative and bold ideas that drive innovation
We enable our government clients to achieve their mission of protecting the nation and serving the people; increasing public safety; improving healthcare for our military, veterans, and citizens; delivering essential public services; and helping those in need
EY is ready to help our government build a better working world
EY delivers unparalleled service in big data, business intelligence, and digital analytics built on a blend of custom-developed methods related to customer analytics, data visualization, and optimization
We leverage best practices and a high degree of business acumen that has been compiled over years of experience to ensure the highest level of execution and satisfaction for our clients
At EY, our methods are not tied to any specific platforms but rather arrived at by analyzing business needs and making sure that the solutions delivered meet all client goals
The opportunity The Data Security Engineer position is designed for individuals with a solid foundation in cybersecurity standards and controls, with a particular emphasis on designing solutions that cater to the rigorous security demands of Government clients within a distributed data infrastructure
Utilizing a deep knowledge of National Institute of Standards and Technology (NIST) controls, you will be tasked with implementing technical solutions that not only comply with these controls but also facilitate coordination and consensus among our clients
This role demands specialized experience in data security, particularly within a data mesh architecture, requiring the capability to delve into technical details as well as the unique ability to distill complex topics for executive communication
Your key responsibilities
In certain circumstances, travel may be required beyond your work location based on client and project needs
Candidates should be willing to travel on average 25% to 30% or more in a hybrid environment
What we look for We're interested in leaders with strong teamwork, work ethic, commitment to continuous improvement and a desire to stay on top of technology trends
If you have a genuine passion for helping businesses achieve the full potential of their data, this role is for you
At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture, and technology to become the best version of you
And we're counting on your unique voice and perspective to help EY become even better, too
Join us and build an exceptional experience for yourself, and a better working world for all
What we offer We offer a competitive compensation package where you'll be rewarded based on your performance and recognized for the value you bring to our business
In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options
Under our flexible vacation policy, you'll decide how much vacation time you need based on your own personal circumstances
You'll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.
The exceptional EY experience
It's yours to build
EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform, and operate
Working across assurance, consulting, law, strategy, tax, and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today
EY is an equal opportunity, affirmative action employer providing equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, national origin, protected veteran status, disability status, or any other legally protected basis, in accordance with applicable law
What we offer We offer a comprehensive compensation and benefits package where you'll be rewarded based on your performance and recognized for the value you bring to the business
The salary range for this job in most geographic locations in the US is $96,200 to $158,900
The salary range for New York City Me