Our Deloitte Cyber team understands the unique challenges and opportunities businesses face in cybersecurity. Join our team to deliver powerful solutions to help our clients navigate the ever-changing threat landscape. Through powerful solutions and managed services that simplify complexity, we enable our clients to operate with resilience, grow with confidence, and proactively manage to secure success. Work You'll Do + Support ISSOs in developing security risk profiles for systems and components, including the selection and documentation of applicable security controls and implementation details. + Create, track, and manage Plan of Actions and Milestones (POA&Ms) within the Cyber Security Assessment and Management (CSAM) tool. + Conduct Security Impact Analysis (SIA) to assess changes and their effects on system security posture. + Prepare and maintain core security documentation, including: System Security Plans (SSP), Security Assessment Reports, Contingency Plans, Incident Response Plans, Security policies and procedures, Executive summaries and Interconnection Security Agreements (ISA). + Contribute to the information security continuous monitoring process. + Conduct research and write risk assessment reports to include risk thresholds, evaluation, and scoring. + Support analysis of the findings and provide expert technical guidance for mitigation strategies, including implementation advice on the cybersecurity risk findings, and other complex problems. The Team Deloitte's Government and Public Services (GPS) practice - our people, ideas, technology, and outcomes-are designed for impact. Serving federal, state, & local government clients as well as public higher education institutions, our team of professionals brings fresh perspective to help clients anticipate disruption, reimagine the possible, and fulfill their mission promise. Our Cyber Strategy & Transformation offering develops and transforms cyber programs in line with a client's strategic objectives, regulatory requirements, and risk appetite. It keeps the enterprise a step ahead of the evolving threat landscape and gives stakeholders confidence in the organization's cyber posture. Includes design of the cyber organization, governance, and risk assessments. Qualifications Required: + Bachelor's degree required. + Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future. + Ability to obtain and maintain the required security clearance. + Travel up to 15%, on average, based on the work you do and the clients and industries/sectors you serve. Must be able to work onsite in Washington DC. + A minimum of 4 years' experience as an Information Assurance (IA) Analyst, ISSE, ISSO, or similar cybersecurity role with a focus on activities aligned to the Risk Management Framework. + 1+ years experience supporting the Risk Management Framework across cloud-based platforms such as AWS, Microsoft Cloud Solutions, Pega, Acquia, SailPoint, and Okta. Preferred Qualifications: + Experience with FEDRAMP package analysis is preferred. + At least one completed professional security certification such as: CCNA Security, CySA+, GICSP, GSEC, CompTIA Security+ CE, SSCP, CISSP, CASP + Master's Degree in Cybersecurity or related field. + Experience interfacing with varying levels of leadership within the cybersecurity organization. The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $76,700 to $127,900. You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance. As used in this posting, "Deloitte" means Deloitte Transactions and Business Analytics LLP, a subsidiary of Deloitte LLP. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law. Information for applicants with a need for accommodation: https://www2.deloitte.com/us/en/pages/careers/articles/join-deloitte-assistance-for-disabled-applicants.html All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.