Government and Public Sector - Cybersecurity Risk and Change Management Senior Consultant

Government and Public Sector – Cybersecurity – Physical Access Control (PACS) Engineer, Senior

From strategy to execution, the Government & Public Sector practice (“GPS”) of Ernst & Young provides a full range of consulting and audit services to help our Federal, State, Local and Education clients implement new ideas to help achieve their mission outcomes. We deliver real change and measurable results through our diverse, high-performing teams, quality work at the highest professional standards, operational know-how from across our global organization, and creative and bold ideas that drive innovation. We enable our government clients to achieve their mission of protecting the nation and serving the people; increasing public safety; improving healthcare for our military, veterans and citizens; delivering essential public services; and helping those in need. EY is ready to help our government shape the future with confidence.

The opportunity  

The Risk and Change Management Senior Consultant is responsible for providing expert risk management and change management services to ensure alignment with organizational objectives, regulatory compliance, and operational excellence. This hybrid role combines strategic risk oversight with operational change management, enabling seamless transitions and mitigating risks associated with deployments, new initiatives, and system enhancements. You’ll act as a trusted advisor, collaborating across teams to identify risks, optimize processes, and ensure adherence to established frameworks and standards. 

Your key responsibilities 

• Risk Management:
  - Manage the ESSD ICAM Risk Register, ensuring risks are reviewed, analyzed, and updated regularly in Maestro JIRA. 
  - Facilitate weekly Risk Review meetings to assess risks with statuses such as "Identified," "Assigned," "Analyzed," "Monitoring," and "Escalated." 
  - Analyze new risks, add treatment and contingency plans, set priority levels, and assign risks to appropriate team members. 
  - Monitor risks with upcoming or past expiration dates, ensuring timely updates and mitigation strategies. 
  - Provide expert guidance on risk mitigation strategies, ensuring alignment with ICAM objectives and compliance with client regulatory requirements. 
  - Collaborate with stakeholders to identify potential risks in deployments, system changes, and enhancements, optimizing process efficiency and designing effective controls. 
  - Act as a thought leader in risk management, building credibility and fostering strong relationships across teams. 

• Change Management:
  - Coordinate and facilitate weekly Change Review Board (CRB) meetings, ensuring all Change Requests (CRs) are reviewed, prioritized, and assigned appropriately. 
  - Review CRs with statuses such as "Ready for CRB" and "Submitted," ensuring proper categorization and readiness for review. 
  - Update CR tickets in Maestro JIRA with comments, priority levels, sprint team assignments, and relevant dependencies. 
  - Ensure compliance with ITIL best practices and client change management standards. 
  - Monitor and maintain change records in the ITSM Service Management tool to comply with SLAs/KPIs and organizational processes. 
  - Conduct Post Implementation Reviews (PIRs) for failed or emergency changes, identifying root causes and recommending improvements. 

• Deployment Coordination and Release Management:
  - Manage Deployment Change Requests (DCRs), micro Deployment Change Requests (mDCRs), Maintenance Change Requests (MCRs), and Emergency Change Requests (ECRs) for ICAM systems. 
  - Facilitate Test Deployment Planning (DP) and Production Deployment Planning (DP) meetings, ensuring deployment plans are reviewed, resources are available, and technical artifacts are validated. 
  - Schedule and coordinate Maintenance Windows (MWs) for system deployments, ensuring all required attendees are present and deployment plans are executed efficiently. 
  - Review deployment artifacts, update deployment plans during maintenance windows, and ensure rollback plans are in place. 
  - Use MS Teams to monitor deployment requests and facilitate communication between Scrum Masters, Product Owners, and technical teams. 
  - Ensure deployment calendars are updated regularly and align with client schedules. 
  - Provide internal communications to stakeholders, including system owners, regarding deployment status, completion, and any issues encountered. 

• Knowledge and Skills Requirements:
  - Strong understanding of risk management principles, frameworks, and regulatory requirements
  - Comprehensive knowledge of ITIL processes, particularly Change Management, with certification preferred. 
  - Familiarity with the Software Development Lifecycle and operational environments within DHS ESSD ICAM. 
  - Advanced interpersonal skills to engage stakeholders across all levels of the organization, fostering collaboration and building credibility. 
  - Proven ability to analyze complex issues, identify solutions, and negotiate resolutions in a dynamic environment. 
  - Excellent oral, written, and presentation skills, with the ability to adapt communication style to diverse audiences. 
  - Strong analytical and problem-solving skills, with experience in data-driven decision-making. 
  - Proficiency in Microsoft Office tools (Excel, Visio, PowerPoint) and knowledge-sharing platforms like SharePoint. 
  - Ability to work in rotational shifts and weekends as required. 
  
  

To qualify for the role, you must have  

• Bachelor’s degree in information technology, Business or other relevant discipline
• At least 4-5 years of relevant consulting or industry experience
• Experience in risk management, change management, or a related field, preferably within DHS or a federal agency.
• Experience working in a geographically dispersed and diverse team environment. 
• Strong capabilities in communications and engagement strategy and delivery
• Knowledge of hybrid workforce strategy
• The ability and willingness to work in excess of standard hours when necessary to support production deployments
  
  

Due to the nature of our work in the Government and Public Sector, work may be required to be completed at client, EY and/or contractor sites. Our goal is to assign professionals to projects within a commutable distance of their work location office.  In certain circumstances, travel may be required beyond your work location based on client and project needs. Candidates should be willing to travel 20 – 30% or more.

Ideally, you'll also have  

• Supervisory experience or project management experience
• Minimum of ITIL Change Management practitioner certification or equivalent experience
• Advanced certifications in risk management or ITIL processes

What we look for 

We’re interested in intellectually curious people with a genuine passion for cybersecurity. With your expertise, we’ll turn to you to speak up with innovative ideas that could make a lasting difference not only to us – but also to the industry. If you have the confidence in both your presentation and technical abilities to grow into a leading expert here, this is the role for you.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture, and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.

What we offer

We offer a competitive compensation package where you’ll be rewarded based on your performance and recognized for the value you bring to our business. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. Under our flexible vacation policy, you’ll decide how much vacation time you need based on your own personal circumstances. You’ll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.

•    Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next.
•    Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.
•    Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs.