Ankura Director, Information Security in Massachusetts
Ankura is a team of excellence founded on innovation and growth.
This position supports the Ankura Risk, Forensics & Compliance practice - one of six practices focused on client delivery services across the Firm. The position will focus particularly on engagements with Ankura’s Compliance, Investigations, and Independent Oversight team.
Working both independently and with team members as the project lead to successfully execute projects involving U.S. international trade and technology security controls, Defense Industrial Base (DIB) -related cybersecurity, and other national security-related compliance and program enhancement projects.
Leading assessments of clients’ cyber and data security posture, including assessments of compliance with, NIST SP 800-53/FedRAMP, NIST SP 800-171/CMMC, NIST CSF, ISO 27001, CIS 18, OWASP, and other information security standards
Leading assessments of enterprise information security programs with a focus on conducting technical interviews of IT and cybersecurity personnel.
Developing and refining engagement approaches and project plans based on guidance from team leadership and experience
Independently interfacing with clients and delivering high-quality work product, specifically including Plans of Action and Milestones (POAM) and System Security Plans (SSP)
Building industry-recognized subject matter expertise in the national security and DIB cybersecurity domains, including keeping apace with developments in cyber frameworks and compliance, and producing timely, polished thought leadership. Professional and conceptual agility to design and execute compliance risk mitigation and information security solutions that are adaptive to client risks and requirements across multiple domains
Helping clients navigate U.S. Government Security, international trade and technology control, and data security requirements
Up to 20% travel required
Bachelor’s Degree required
Excellent research and writing capabilities required. Candidates must be able to independently produce complete, polished work products
Experience conducting assessments and/or audits using U.S. federal government and international information security standards and frameworks including; NIST SP 800-53/FedRAMP, NIST SP 800-171/CMMC, NIST CSF, ISO 27001, CIS 18, and OWASP
Relevant industry certifications such as; CompTIA Security+, CompTIA CySA+, CompTIA CASP+, CISSP, CISM, CISA, ISO 2700x, or comparable certifications
Preferably, experience/expertise with trade control requirements and compliance program support
Preferably, familiarity with one or more FedRAMP authorized cloud deployment models such as; Azure, AWS, and Google
Preferably, familiarity and experience with secure software development practices (DevOps, DevSecOps)
Ankura is proud to be an equal opportunity employer committed to fostering a diverse and inclusive environment where mutual respect and collaboration is paramount. All qualified applicants will receive consideration for employment without regard to age, race, color, religion, sex, sexual orientation, gender identity and expression, disability, protected veteran status, national origin, or any other legally protected status.
- Ankura Jobs