Senior Analyst – Endpoint and Data Security - Deloitte Support Services India Private Limited (USI)
The Organization
At Deloitte, we’re all about collaboration, and nowhere is this more apparent than among our 3,000+ strong internal services team. With our combined specialist skills, we provide all the essential support and advice our client-facing colleagues need across the firm. This enables them to focus all their efforts on delivering the best service possible to their clients. Covering seven distinct areas (Human Resources, Clients & Industries, Finance & Legal, Practice Support Services, Quality & Risk Services, IT Services, and Workplace Services & Real Estate), together we live, breathe, and deliver the Deloitte experience by creating an impact that matters.
The Team
The Endpoint and Data Security (EPDS) team as part of Internal Client Services (ICS) provides day-to-day administration and management of infrastructure security-related applications, ensuring the security controls are in place as per defined policies within the firm’s technology estate and are providing satisfactory protection. The team is responsible for maintaining the data security, web proxy, endpoint security and security infrastructure of the UK member firm.
Location
Hyderabad, Telangana, India
Shift Timing
IST: 2:00 PM - 11:00 PM/1:00 PM - 10:00 PM (during the UK daylight saving time)
Role Requirement
- Next-generation anti-virus, including Advanced Threat Protection (ATP) and Endpoint Detection and Response (EDR) solutions.
- Hands-on experience managing compliance of the ATP/EDR solution for the entire estate (workstations/servers).
- Good understanding and hands-on knowledge of Public Key Infrastructure (PKI) and various cryptography/encryption methods.
- Hands-on experience managing web SSL certificates (issuance, renewal, disposal) and code signing certificates using a certificate management solution.
- Hands-on experience managing encryption keys for data security purposes using a key management solution.
- Understanding of data security concepts.
- Understanding and knowledge of USB device/port control solutions, along with various device classes (Windows and Mac).
- Hands-on experience providing exceptions for USB and peripheral devices, as per the requirement and defined policy, using a device control solution.
- Understanding and hands-on experience of web proxy servers, along with cloud-based next-gen Secure Web Gateway (SWG) and CASB solutions.
- Understanding of TCP and UDP protocols, along with the three-way handshake, TLS/SSL, etc.
- Intermediate understanding and hands-on experience managing URL filtering, content filtering, SSL inspection, file type blocking and malware detection on web traffic.
- Basic troubleshooting experience identifying SWG/CASB policy-related blocks on the network.
- Basic understanding and hands-on knowledge of collecting HAR logs and inspecting web traffic using browser developer tools, packet capture tools, etc.
- Handling and assisting other senior members with project or ad-hoc tasks.
- Excellent written and verbal communication skills, with a focus on translating technically complex issues into simple, easy-to-understand concepts.
- Knowledge and hands-on experience of the ITIL service management framework.
- Be able to collaborate with clients.
- A team player with the ability to work collaboratively and to stay positively self-motivated.
- Ability to work in a hybrid work environment, offering support to team members remotely along with being able to work as part of a geographically separated team.
- Overall understanding of various enterprise infrastructure platforms such as servers, databases, storage, Active Directory etc.
- Understanding and awareness of firmwide Cyber Security policies and standards.
- Understanding of Identity and Access Management (IAM), vulnerability management, etc.
- Knowledge of security AD groups and their usage in policy configurations.
- Intermediate knowledge and understanding of IT infrastructure security concepts such as networking, load balancers, IPsec, IDS/IPS, VPN, etc.
- Willingness to learn additional technologies, not focused on a single technology/application.
Roles and Responsibilities
- Managing and handling Advanced Threat Protection exception requests as per business requirements by coordinating with the Global ATP team.
- Ensure the Member Firm compliance standard is met for the ATP/EDR solution by working closely with relevant stakeholders.
- Issuing SSL/code signing certificates and managing the certificate lifecycle as per the defined process.
- Working on the encryption key management solution using the appropriate tool (Data Security platform) to manage the lifecycle of encryption keys (generation, rotation, destruction, import and export) and troubleshoot reported issues.
- Work on Data Security platforms and provide the necessary permissions to business users as per the firm’s security policy, along with troubleshooting any potential issues.
- Troubleshoot USB storage/peripheral device connectivity issues and ensure USB storage device exceptions are granted as per defined security policies.
- Troubleshoot Cloud Secure Web Gateway (SWG) and CASB-related issues, and raise necessary changes in MF and exception requests with the Global Web Protection Team using the respective IT Service Management tool.
- Handle managed file transfer and SFTP requests as per the defined process and troubleshoot any potential issues.
- Work on Data Security platforms and provide the necessary permissions to users as per the firm’s security policy, along with troubleshooting any potential issues.
- Ensuring the certificate CMDB inventory is accurate and consistent with the data available in the certificate management platform.
- Handling and management of Incidents, Incident Tasks, Request Items and Problem Tasks as per defined SLA.
- Able to perform in-depth investigations into reported incidents/request items and problem tasks, including high-priority issues.
- Co-ordinate and follow up with respective Global teams on raised support requests/incidents until closure.
- Proactive approach to identifying and mitigating any security risk.
- Responsible for maintaining platform health checks and stability.
- Assist with KPI metrics and reporting across the estate.
- Assist with any Cyber Security audit or Member Firm Standards audit.
- Assist with pen test activities and remediation of vulnerabilities associated with EPDS platforms.
- Maintain technical support relationships with vendors.
- Provide out-of-hours support as per the on-call rota.
- Prepare and maintain KB articles and SOPs related to EPDS managed platforms.
- Plan and implement continual service improvements across all the platforms.
Tools and Technologies
- Advanced Threat Protection (ATP) / Endpoint Detection and Response (EDR)
- Data Security Platform
- Varonis Data Security
- Public Key Infrastructure (PKI)
- Next gen Cloud Secure Web Gateway Management
- Key and Certificate Management platform
- Device Control Solution
- Cloud Access Security Broker (CASB)
- ShareFile
- ServiceNow
- System Center Operations Manager (SCOM)
Qualification
- Bachelor of Engineering/Bachelor of Technology or any equivalent graduation degree.
- 4-6 years’ experience in an endpoint and data security or infrastructure security operations role.
Certification (Good to have)
- CompTIA Security+
- CEH
- ITIL 4