Job title: Security Management – Senior Consultant (LSA/SSA)
About
At Deloitte, we do not offer you just a job, but a career in the highly sought-after risk Management field. We are one of the business leaders in the risk market. We work with a vision to make the world more prosperous, trustworthy, and safe. Deloitte’s clients, primarily based outside of India, are large, complex organizations that constantly evolve and innovate to build better products and services. In the process, they encounter various risks and the work we do to help them address these risks is increasingly important to their success—and to the strength of the economy and public security.
By joining us, you will get to work with diverse teams of professionals who design, manage, and implement risk-centric solutions across a variety of domains. In the process, you will gain exposure to the risk-centric challenges faced in today’s world by organizations across a range of industry sectors and become subject matter experts in those areas.
Our Risk and Financial Advisory services professionals help organizations effectively navigate business risks and opportunities—from strategic, reputation, and financial risks to operational, cyber, and regulatory risks—to gain competitive advantage. We apply our experience in ongoing business operations and corporate lifecycle events to help clients become stronger and more resilient. Our market-leading teams help clients embrace complexity to accelerate performance, disrupt through innovation, and lead in their industries. We use cutting-edge technology like AI/ML techniques, analytics, and RPA to solve Deloitte’s client’s most complex issues. Working in Risk and Financial Advisory at Deloitte US-India offices has the power to redefine your ambitions.
The Team
Cyber & Strategic Risk
We help organizations create a cyber-minded culture, reimagine risk to uncover strategic opportunities, and become faster, more innovative, and more resilient in the face of ever-changing threats. We provide intelligence and acuity that dynamically reframes risk, transcending a manual, reactive paradigm.
Work you’ll do
The key job responsibilities will be to:
As a professional working for Cyber Strategy & Governance you’ll build and nurture positive working relationships with clients with the intention to exceed client expectations. You’ll:
• Perform comprehensive assessments of the management, operational, and technical security controls and control enhancements employed within or inherited by an information technology (IT) system and Operational Technology (OT) system to determine the overall effectiveness of the controls in accordance with industry standards and frameworks
• Prepare, review, and analyze documents such as Plans of Actions and Milestones (POAMs), Security Assessment Reports (SAR), Security Assessment Plans (SAP)
• Manage and execute cyber risk engagements across the development lifecycle – strategy, design, implementation, and managed services
• Facilitate enterprise decision making by providing a holistic view of enterprise -wide cyber risk;, assessing the level of risk, and providing inputs into the management of risk
• Develop and tailor approaches, methods, and tools to support clients cyber risk programs and initiatives
• Strategically drive the development and execution of risk assessments and mitigation plans to enhance the client's ability to identify, evaluate, prioritize, and mitigate risks
• Design and develop cyber security strategies and programs for large and complex organizations adhering to industry standards and frameworks
• Assess, develop, and implement cyber security programs, including organizational design, cyber resilience, and other key processes for our clients
• Review clients’ cyber posture, strengths, and weaknesses in the context of business environment, goals, and objectives. Develop prioritized recommendations based on gaps and clients’ priorities and constraints
• Drive organizational changes and establish governance structures to achieve cyber goals and objectives
• Develop impactful reports and presentations that support the achievement of engagement goals and objectives
• Work with senior management stakeholders to define and implement overall future state philosophy and capabilities for the clients’ cyber security programs
• Lead project workstream and manage deliverables from inception to delivery, ensuring timelines, and quality standards are met
• Perform peer reviews and mentor team members
Required skills
Qualifications and Experience
• Bachelor’s degree in information technology or related field
• 5-9 years of information security experience
• Excellent communication (verbal and written) and interpersonal skills
• Proficiency in Microsoft Office (Excel, PowerPoint, and Word)
• Hands on experience working with industry standards and frameworks (e.g., ISO 27001, NIST, HIPAA, FedRAMP, PCI)
• Understanding of security requirements, contributions to security design and hands-on implementation of multiple security technologies and capabilities
• Hands on experience developing cyber security policies and standards
• Hands on experience working with stakeholders in identifying, prioritizing, and developing plans and roadmaps for cyber security program
• Broad domain knowledge and strong understanding of three or more cyber security domains including (but not limited to):
• Cyber risk strategy
• Cyber security maturity assessments
• Cyber security operations
• Security architecture
• Data protection and privacy
• Application security/SDLC
• Cloud security
• Cloud infrastructure security
• Incident response
• Cyber resilience
• Zero Trust
Preferred skills
• CISSP / CISM (or equivalent)
Qualification
• B.E. / B. Tech + MBA (Preferred)
• CISSP / CISM (or equivalent
#CA-GSD