Massachusetts Jobs

Ankura is a team of excellence founded on innovation and growth.

Practice Overview:

This position supports the Ankura Risk, Forensics & Compliance practice - one of six practices focused on client delivery services across the Firm. The position will focus particularly on engagements with Ankura’s Compliance, Investigations, and Independent Oversight team.

Responsibilities:

• Working both independently and with team members as the project lead to successfully execute projects involving U.S. international trade and technology security controls, Defense Industrial Base (DIB) -related cybersecurity, and other national security-related compliance and program enhancement projects.

• Leading assessments of clients’ cyber and data security posture, including assessments of compliance with, NIST SP 800-53/FedRAMP, NIST SP 800-171/CMMC, NIST CSF, ISO 27001, CIS 18, OWASP, and other information security standards

• Leading assessments of enterprise information security programs with a focus on conducting technical interviews of IT and cybersecurity personnel.

• Developing and refining engagement approaches and project plans based on guidance from team leadership and experience

• Independently interfacing with clients and delivering high-quality work product, specifically including Plans of Action and Milestones (POAM) and System Security Plans (SSP)

• Building industry-recognized subject matter expertise in the national security and DIB cybersecurity domains, including keeping apace with developments in cyber frameworks and compliance, and producing timely, polished thought leadership. Professional and conceptual agility to design and execute compliance risk mitigation and information security solutions that are adaptive to client risks and requirements across multiple domains

• Helping clients navigate U.S. Government Security, international trade and technology control, and data security requirements

• Up to 20% travel required

Requirements:

• Bachelor’s Degree required

• Excellent research and writing capabilities required. Candidates must be able to independently produce complete, polished work products

• Experience conducting assessments and/or audits using U.S. federal government and international information security standards and frameworks including; NIST SP 800-53/FedRAMP, NIST SP 800-171/CMMC, NIST CSF, ISO 27001, CIS 18, and OWASP

• Relevant industry certifications such as; CompTIA Security+, CompTIA CySA+, CompTIA CASP+, CISSP, CISM, CISA, ISO 2700x, or comparable certifications

• Preferably, experience/expertise with trade control requirements and compliance program support

• Preferably, familiarity with one or more FedRAMP authorized cloud deployment models such as; Azure, AWS, and Google

• Preferably, familiarity and experience with secure software development practices (DevOps, DevSecOps)

#LI-Remote

*

Ankura is proud to be an equal opportunity employer committed to fostering a diverse and inclusive environment where mutual respect and collaboration is paramount. All qualified applicants will receive consideration for employment without regard to age, race, color, religion, sex, sexual orientation, gender identity and expression, disability, protected veteran status, national origin, or any other legally protected status.