USI-EH26-MF Canada-IT Security- A/SA-HYD

Hyderabad, Telangana, India

Back to search results
Back to search results

Position Summary

Role: Analyst or Senior Analyst

Description: The candidate would be responsible for identifying compliance gaps in IT systems, developing remediation plans, onboarding new compliance requirements, monitoring compliance posture, providing technical SME support, and ensuring the integration of secure software development lifecycle (SSDLC) practices into development processes.

SSDLC Reviews:

  • Conduct comprehensive reviews of the Secure Software Development Lifecycle (SSDLC) processes to ensure that security is integrated at every stage of software development.
  • Collaborate with development teams to identify security requirements, perform threat modeling, and ensure secure coding practices.
  • Perform static and dynamic code analysis to identify vulnerabilities and provide remediation guidance.
  • Develop and maintain security testing plans, including penetration testing, vulnerability assessments, and code reviews.
  • Provide training and support to development teams on secure coding practices and SSDLC best practices.

Vulnerability Management:

  • Identify, assess, and prioritize vulnerabilities in the organization's IT systems and applications.
  • Coordinate with IT and development teams to ensure timely remediation of identified vulnerabilities.
  • Develop and maintain vulnerability management policies, procedures, and standards.
  • Utilize vulnerability management tools and platforms to conduct regular scans and assessments.
  • Track and report on the status of vulnerability remediation efforts and provide regular updates to management.
  • Monitor and track the overall vulnerability posture of the firm, identifying trends and areas for improvement.
  • Develop metrics and dashboards to communicate the organization's vulnerability posture to stakeholders.
  • Work closely with respective teams for remediation efforts, providing technical expertise and support.

Compliance Management:

  • Ensure that the organization's IT systems and processes comply with firm standards and relevant industry standards and regulations, such as ISO 27001, NIST, GDPR, and HIPAA.
  • Conduct regular compliance assessments and audits to identify gaps and areas for improvement.
  • Develop and maintain compliance documentation, including policies, procedures, and audit reports.
  • Track and monitor the overall firm compliance posture, creating a single pane of glass/visibility for all compliance monitoring.
  • Develop metrics and dashboards to communicate the organization's compliance posture to stakeholders.

Other GRC Responsibilities:

  • Monitor and respond to security incidents and alerts, conducting thorough investigations and implementing corrective actions.
  • Participate in risk assessments and audits to identify and mitigate security risks.
  • Collaborate with other IT and business units to ensure security is integrated into all aspects of the organization's operations.
  • Act as a technical subject matter expert (SME) for remediation efforts, providing guidance and support to teams.
  • Collaborate with development and IT teams to integrate security requirements into their processes.
  • Participate in technical discussions and decision-making processes to ensure security considerations are addressed.
Recruiting tips

From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters.
Benefits

At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you.
Our people and culture

Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work.
Our purpose

Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. 
Professional development

From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to build new skills, take on leadership opportunities and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career.

Requisition code: 304253