Position Summary

Manager – CyberSecurity (CS) Assurance /CISO/ITS

Your opportunity

To work in the innovative and creative CISO team. A world class operation with extensive knowledge and experience. Interfacing with business and technical teams and bringing about change and influence across the whole world of Deloitte. Apply your skills here to make things happen. You will be part of a great team that are passionate about our work in serving a great purpose.

Work you’ll do

As a CyberSecurity Assurance Manager, you will.

·       Support Business Lines/Project teams through the Globally mandated Secure Service Development Lifecycle (SSDLC) when introducing new services and systems, or changes to existing services and systems, whilst also providing relevant information security control requirements.

·       Define security non-functional requirements for projects and ensure that they are fulfilled prior to handing over to operations/BAU.

·       Liaise with the Information Security testing team to ensure that code reviews, application scanning and infrastructure scanning is conducted as part of CS assurance process.

·       Develop and present information related risks to Senior Manager – IS Risk and Assurance and the CISO

·       Working and collaborating with the wider UK Information Security team, UK Deloitte Business Security, UK IT Services, NSE, and Global Information Security and Risk teams.

·       Representation at the Change Advisory Board (CAB) to review change requests presented.

·       Evaluate and assess ITGC or Information Security controls.

·       Evaluate existing processes to understand inefficiencies or ineffectiveness involved. This includes reviewing the design adequacy & operational effectiveness of BAU processes.

·       Must showcase Effective stakeholder management as a part of role responsibility.

·       Seek feedback from the audience and incorporate it to come up with win-win solutions.

·       Clearly demonstrate how changes in a process will bring about improvements.

·       Be a self-starter, could problem solve, identifying issues and solutions options with minimal oversight and handholding.

·       Create a business case that caters to different audiences (mid-level & senior management). Review design and architectural design documentation and data flow diagrams and provide security requirements and input.

·       Support IT and Business transformation projects by ensuring they are risk-assessed, and controls and security requirements are met through the transformation lifecycle.

·       Attend business governance meetings as required representing the Information Security team.

·       Evaluate the adequacy of security controls implemented during various stages of IT project lifecycle

·       Performs technical testing of controls (as applicable) for assurance and validation of IT asset compliance.

·       Document best practices for security and information assurance based on business and user requirements.

Your professional experience/Qualifications

·       10 – 12 years of experience.

·       Preferably holds industry accreditations such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified in Risk and Information Systems Control (CRISC).

·       Demonstrable understanding of information security risks and controls inherent in various technologies, along with related security best practices.

·       Knowledgeable in various cyber technologies, including mobile threat defense, endpoint protection, data loss prevention, insider threat protection, device hardening, classification, and key & certificate management.

·       Proven ability to identify risks associated with business processes, operations, information security programs, and technology projects.

·       Awareness and understanding of the OWASP top 10 risks.

·       Clear knowledge of security standards, methodologies, or frameworks such as ISO27001 or COBIT.

·       Excellent written and verbal communication skills.

·       Ability to thrive in a fast-paced, deadline-driven environment.

·       Demonstrated excellence in competencies such as teamwork/collaboration, analytical thinking, communication and influencing skills, and technical expertise.

·       Capable of managing changing priorities and handling multiple projects.

·       A degree or master's in information security or computer science is desirable but not essential.

·       Demonstrable knowledge of good security practices, ensuring adherence to the principles of confidentiality, integrity, and availability.

·       Experience in an information security or risk management role, including tasks such as conducting risk assessments, risk assurance activities, and documentation.

·       Proven experience in taking proactive responsibility, following up, and resolving issues in a manner that positively impacts team delivery and inspires the team.

·       Working knowledge of the SSDLC process.

·       Basic understanding of project management principles.

·       Excellent persuasion, influencing, and interpersonal skills.

·       Understanding and experience with the risk management process.

·       Strong critical thinking and analytical skills.

Your work, your choice

In the CISO team we are results focused and believe in excellence in respect in all aspects of our work and interaction with each other. We make full use of technologies that help support different ways of working. At Deloitte we believe the best impact is the value we add, not the hours we sit at our desk. We, therefore, carefully consider agile ways of working, both formal and informal, that allow for the best impact for our people and our clients. If the working pattern you are looking for is not specifically indicated below, we are happy to discuss alternative arrangements.

Location: Hyderabad

Timings: 1 PM to 10 PM

How you’ll grow

At Deloitte, we’ve invested a great deal to create a rich environment in which our professionals can grow. We want all our people to develop in their own way, playing to their own strengths as they hone their leadership skills. And, as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposure to leaders, sponsors, coaches, and challenging assignments—to help accelerate their careers along the way. No two people learn the same way. So, we provide a range of resources including live classrooms, team-based learning, and eLearning. DU: The Leadership Center in India, our state-of-the-art, world-class learning Center in the Hyderabad offices is an extension of the Deloitte University (DU) in Westlake, Texas, and represents a tangible symbol of our commitment to our people’s growth and development. Explore DU: The Leadership Center in India

Benefits

At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you.

Deloitte’s culture

Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. We offer well-being programs and are continuously looking for new ways to maintain a culture that is inclusive, invites authenticity, leverages our diversity, and where our people excel and lead healthy, happy livesLearn more about Life at Deloitte.


Recruiting tips

From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters.
Benefits

At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you.
Our people and culture

Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our client most complex challenges. This makes Deloitte one of the most rewarding places to work.
Our purpose

Deloitte’s purpose is to make an impact that matters for our clients, our people, and in our communities. We are creating trust and confidence in a more equitable society. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. We are focusing our collective efforts to advance sustainability, equity, and trust that come to life through our core commitments. Learn more about Deloitte's purpose, commitments, and impact.
Professional development

From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to build new skills, take on leadership opportunities and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career.

Requisition code: 211835