Grant Thornton LLP Senior IT Security Expert in Houston, Texas
Grant Thornton is seeking a Manager to join its Risk Advisory service line and take an active role in engagement execution, project management and key business development activities.
Grant Thornton Public Sector helps executives and managers at all levels of government maximize their performance and efficiency in the face of ever tightening budgets and increased demand for services. We give clients creative, cost-effective solutions that enhance their acquisition, financial, human capital, information technology, data analytics, and performance management. For more information, visit grantthornton.com/publicsector.
At Grant Thornton, our professional staff applies traditional, cutting-edge approaches and methods to a variety of analyses. As part of our team, the Manager will utilize various methodologies and models to execute client projects.
_PLEASE NOTE: THIS ROLE IS LOCATED IN NEW ORLEANS, LA._
ESSENTIAL DUTIES: * Ensure proper assessment and implementation of approved security practices/procedures related to information systems security * Collaborate with Sys Admin on managed implementation of security measures and requirements * Advise system owners (SO) regarding security considerations through entire system lifecycle * Provide advice and assistance to stakeholders on security-related issues * Assist in development and maintenance of system security plans and contingency plans * Assist in periodic testing of contingency/disaster recovery (DR) plans * Participate in risk assessments to periodically re-evaluate sensitivity of the system, risks, and mitigation strategies * Assess and perform continuous monitoring of security control effectiveness * Participate in self-assessment of system safeguards and program elements and in security accreditation of the system * Maintain POA&Ms * Work with SOs to develop, train on, and testing of incident response plans * Notify government of suspected incidents, and assist in the investigation of incidents * Maintain cooperative relationships with business partners or other interconnected systems * Create/deliver presentations on security topics * Promote compliance with customer's IT policies and procedures * Conduct research/analysis on impacts of system modifications, technological advances and malicious code * Collaborate on development of new/updated processes, creation of templates, implementation of tools, and other initiatives to improve the client’s risk management process and utilize existing tools and templates * Provide knowledge of Federal IT security best practices and tools, current security threat trends, and broad knowledge of IT technologies/operations * Support network, system administration, computer operations * Assist in performing NIST SP 800-30/NIST SP 800-39 risk assessments and applying NIST SP 800-53 security controls * Participate in functional tests as well as training exercises * Operate and support managing unclassified IT security/Information Assurance solutions/tools in the context of Federal IT Security regulations and guidance such as NIST 800-53, NIST 800-37 rev 1, and FIPS 199 * Provide SME level support for assessment and authorization (A&A) activities and implementing and applying Risk Management Framework to FISMA * Provide support with the Department of Justice’s CSAM Tool * Provide responses to audit requests * Approve Infrastructure tickets * Perform engagement management responsibilities, including performance reviews, task delegation, project scheduling, project financials, quality review and client management. * Meet or exceed sales targets for new and follow-on work. * Manage business development activities, such as proposals, capture, account teams, whitepapers, conferences, and/or other thought leadership materials. * Meet or exceed targeted billing hours (utilization). * Act as performance manager (coach) for up to four coachees outside of engagement responsibilities. * Interview campus and/or experienced candidates.
- 7 yrs of IT security compliance and auditing compliance experience with NIST 800-53 for a major federal gov agency
- 2 yrs of related tech experience supporting IT security compliance for the a fed instance of Momentum Financials
- Knowledge of FISMA and Federal IT security best practices and tools
- Experience supporting a federal shared services environment
- Recent experience with USDA Policies & Procedures
- Required cert: CISSP
- Bachelor’s Degree required from an accredited college or university in a related field.
- Ability to obtain and maintain certain job-related certifications if no job-related advanced degrees.
- U.S. citizenship may be required. Ability to work in the United States indefinitely required.
- Travel may be required.
- Coach and mentor junior staff members.
- Ability to work overtime required on occasion.
- Ability to sit in an office environment for long periods of time.
- Ability to obtain and maintain a security clearance.
- Ability to communicate clearly in writing and verbally.
- Ability to obtain and maintain firm independence and abide by firm ethics requirements.
- Meet or exceed continuing professional education (CPE) requirements. Grant Thornton LLP is the U.S. member firm of Grant Thornton International, one of the six global accounting, tax and business advisory organizations. Grant Thornton’s Public Sector, based in Alexandria, VA, is a global management consulting business with the mission of providing responsive and innovative financial, performance management and systems solutions to governments and international organizations. Visit Grant Thornton’s Public Sector at www.grantthornton.com/publicsector.
It is Grant Thornton’s policy to promote equal employment opportunities. All personnel decisions, including, but not limited to, recruiting, hiring, training, promotion, compensation, benefits and termination, are made without regard to race, creed, color, religion, national origin, sex, age, marital status, sexual orientation, gender identity, citizenship status, veteran status, disability, or any other characteristic protected by applicable federal, state, or local law.
Title: Senior IT Security Expert
Requisition ID: 041390