← all jobs

GPS - Cyber Security Policy Analyst - Supervising Associate

Work from home Full-time role Hiring

About the position The Information Security Cybersecurity Strategist is a core member of the EY Government and Public Sector (GPS) Information Security Team, contributing to the strategic direction and execution of the GPS information security program. The role focuses on strengthening the overall security posture of GPS by helping to protect organizational data, systems, and operations while supporting mission and business objectives in a highly regulated environment. The role supports enterprise risk management and compliance by aligning GPS information security practices with EY internal standards and frameworks, and by applying the NIST Risk Management Framework (SP 800‑37) along with security controls and maturity models from NIST SP 800‑53, NIST SP 800‑171, and the Department of Defense (DoD) Cybersecurity Maturity Model Certification (CMMC). Responsibilities include security governance activities such as policy and standards documentation, compliance oversight, and security awareness across GPS personnel, systems, and programs.

Responsibilities

  • Work with executive leadership to develop, maintain, and govern information security PSGs supporting the GPS Information Security Program
  • Translate recommendations from domain professionals, vendor and industry standards, guidelines and leading practices into high-quality, coherent information security PSGs
  • Harmonize GPS information security documentation with EY enterprise policies and standards, NIST security requirements, the DoD Cloud Computing Security Requirements Guide, and applicable regulatory obligations
  • Collaborate with Information Security, Information Technology, Data Protection, Legal, and other internal stakeholders to support consistent implementation of information security requirements
  • Identify and monitor appropriate information security training for all GPS personnel. While some training may be obtained, custom training will need to be developed.
  • Stay up to date with the latest best practices, industry trends, and government security regulations to proactively maintain compliance
  • Collaborate with external assessors and auditors and government officials during security audits and assessments

Requirements

  • Experience working in information security and understanding of information security concepts
  • Knowledge of information security policies/principles of handling and protecting information
  • In-depth understanding of NIST security documentation and CMMC framework such as FIPS and NIST-171 and 800 Series publications and their application.
  • In-depth understanding of DFARS related security requirements and their application.
  • General technical knowledge of operating systems, databases, networks, mobile technologies and cloud services
  • Strong English language skills are required – written and verbal
  • Good writing, presentation, interpersonal, and collaborative skills
  • Ability to collaborate with others to facilitate and enhance compliance with policies
  • Maintain awareness of the current security threat landscape
  • Experience with coordinating tasks, allocating resources, and following tasks and projects through completion
  • Experience with Microsoft Office (Word, Excel, PowerPoint, Visio, and Copilot)
  • Bachelor’s degree in information security/assurance, computer science, or a similar technical field.
  • A minimum of 3+ years of experience in information security, with a preferred focus on US government security requirements and compliance
  • Experience developing and implementing security policies, standards, and procedures in alignment with government security requirements
  • Excellent communication skills, with the ability to effectively articulate complex security concepts to both technical and non-technical stakeholders

Nice-to-haves

  • Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or Certified CMMC Assessor (CCA) are highly desirable
  • Ability to obtain and maintain a Top-Secret Security Clearance

Benefits

  • medical and dental coverage
  • pension and 401(k) plans
  • a wide range of paid time off options
  • flexible vacation policy
  • designated EY Paid Holidays
  • Winter/Summer breaks
  • Personal/Family Care
  • other leaves of absence

More open positions

Security Analyst-IAM

Work from home Full-time role

Senior Cyber Threat Analyst

Work from home Full-time role

Cyber Threat Intelligence Analyst (DoD Secret Clearance)

Work from home Full-time role

Senior Threat Intelligence Analyst

Work from home Full-time role

[Remote] QA Engineer

Work from home Full-time role

Customer Success Manager - Core (Sales & Service) Clouds - HLS

Work from home Full-time role

Business Analyst (3 to 6 years experiences Candidate)

Work from home Full-time role

Clinical Documentation Improvement Specialist (CDI Specialist) - CDIP, CCDS, RN - Remote

Work from home Full-time role

[Remote] Data Engineer

Work from home Full-time role

Remote Social Media Engagement -Travel Enthusiasts (French/English)

Work from home Full-time role

Freelance Formulation Chemists & Laboratory Teams

Work from home Full-time role

Remote Part-Time Data Entry Specialist – $25/hr – Flexible Home-Based Position with careerzynith

Work from home Full-time role

Remote Human Resources Teacher

Work from home Full-time role

Director, Business Development – Hospitality (Northeast) Remote

Work from home Full-time role

AI Prompt Engineer, Remote

Work from home Full-time role

Customer Service Agent – Call Center Professional for Transportation & Logistics Support at careerzynith

Work from home Full-time role

Manager, Application Analyst

Work from home Full-time role

[Remote] Public Cloud Project Manager

Work from home Full-time role

Adjunct Professor, Integrated Reading and Writing (Applicant Pool 2025-2026)

Work from home Full-time role

Dispatcher I (911 Dispatcher, EMT, or Paramedic Experience only)

Work from home Full-time role

Experienced Data Entry Specialist – Content Database Management at careerzynith

Work from home Full-time role