Cyber
Deloitte Cyber understands the unique challenges and opportunities businesses face in cybersecurity. Join our team to deliver powerful insights to help our clients navigate the ever-changing threat design and technology as we partner with clients to transform finance.
Position Summary
Level: Lead Solution Advisor
As an experienced Lead Solution Advisor at Deloitte Consulting, you move beyond foundational consulting tasks to take on more ownership and leadership within project teams. You will be responsible for individually delivering high-quality work within due timelines.
The Team
Deloitte’s Cyber Strategy and Transformation practice is focused on helping our clients to design and implement transformational programs to reduce and manage cyber threats. We help our clients to define their overall cyber strategy, design global, pan-enterprise programs that focus on mitigating threats, evaluate their objectives, priorities, strengths and weaknesses and roll out large scale organizational changes to achieve goals.
Work You’ll Do
As a professional working for Cyber Strategy & Governance you’ll build and nurture positive working relationships with clients with the intention to exceed client expectations. You’ll:
- Perform comprehensive assessments of the management, operational, and technical security controls and control enhancements employed within or inherited by an information technology (IT) system and Operational Technology (OT) system to determine the overall effectiveness of the controls in accordance with industry standards and frameworks
- Prepare, review, and analyze documents such as Plans of Actions and Milestones (POAMs), Security Assessment Reports (SAR), Security Assessment Plans (SAP)
- Manage and execute cyber risk engagements across the development lifecycle – strategy, design, implementation, and managed services
- Facilitate enterprise decision making by providing a holistic view of enterprise-wide cyber risk, assessing the level of risk, and providing inputs into the management of risk
- Develop and tailor approaches, methods, and tools to support clients’ cyber risk programs and initiatives
- Strategically drive the development and execution of risk assessments and mitigation plans to enhance the client's ability to identify, evaluate, prioritize, and mitigate risks
- Design and develop cyber security strategies and programs for large and complex organizations adhering to industry standards and frameworks
- Assess, develop, and implement cyber security programs, including organizational design, cyber resilience, and other key processes for our clients
- Review clients’ cyber posture, strengths, and weaknesses in the context of business environment, goals, and objectives. Develop prioritized recommendations based on gaps and clients’ priorities and constraints
- Drive organizational changes and establish governance structures to achieve cyber goals and objectives
- Develop impactful reports and presentations that support the achievement of engagement goals and objectives
- Work with senior management stakeholders to define and implement overall future state philosophy and capabilities for the clients’ cyber security programs
- Lead project workstream and manage deliverables from inception to delivery, ensuring timelines and quality standards are met
- Perform peer reviews and mentor team members
Qualifications and Experience
Required:
- Bachelor’s degree in information technology or related field
- 5-9 years of information security experience
- Excellent communication (verbal and written) and interpersonal skills
- Proficiency in Microsoft Office (Excel, PowerPoint, and Word)
- Hands-on experience working with industry standards and frameworks (e.g., ISO 27001, NIST, HIPAA, FedRAMP, PCI)
- Understanding of security requirements, contributions to security design and hands-on implementation of multiple security technologies and capabilities
- Hands-on experience developing cyber security policies and standards
- Hands-on experience working with stakeholders in identifying, prioritizing, and developing plans and roadmaps for cyber security programs
- Broad domain knowledge and strong understanding of three or more cyber security domains including (but not limited to):
  - Cyber risk strategy
  - Cyber security maturity assessments
  - Cyber security operations
  - Security architecture
  - Data protection and privacy
  - Application security/SDLC
  - Cloud security
  - Cloud infrastructure security
  - Incident response
  - Cyber resilience
  - Zero Trust
Qualification:
- B.E. / B.Tech + MBA (Preferred)
- CISSP / CISM (or equivalent)