Manager – GPS BISO
Deloitte
Are you passionate about technology and interested in joining a community of collaborative colleagues who respectfully and courageously seek to challenge the status quo? If so, read on to learn more about an exciting opportunity with Deloitte Technology US (DT – US). We are curious and life-long learners focused on technology and innovation.
Recruiting for this role ends on Oct 16, 2024
Work youll do
The Cyber Security Manager, role provides support to Government and Public Services (GPS) Business Information Security Officer (BISO) function for maintaining the appropriate cyber security posture for systems and applications supporting business operations and client delivery. This will include determining security requirements, design specifications, and compliance controls as well validating adherence to security policies, standards, and industry-accepted best practices. This role will be responsible for providing technical and administrative expertise regarding security risks and risk mitigation approaches. Additionally, this role will assist in the creation a unified approach to security to support the rapid evolution and innovation needs of our information technology projects and cloud migration efforts.
Manage team to develop security documentation, architecture, and guiding principles to support information technology initiatives with a focus on cloud.
Maintain security accreditation packages in eMass, and other government accreditation programs to include NIST, and DoD Impact Levels 4/5 frameworks.
Drive, influence and coordinate a secure approach to the development of solutions across the enterprise.
Deliver deep technical guidance related to enhancing the security posture information technology solutions.
Participate in the security governance model, establishing policies, standards, and best practices.
Proactively address changes in the external threat landscape that have an impact on the use of on-premise and cloud computing technologies.
Lead, coach, and mentor project teams to incorporate security into enterprise and client-facing applications.
Assist with the integration of security into cloud services delivery standards.
Oversee and drive the design and implementation of security architecture controls in support of compliance requirements.
Develop and deliver communications to management and company-wide stakeholders.
Plan for system and application migration(s) to the cloud, adhering to the clients technical and business requirements.
Review and understand technical design documentation for integration and implementation of new cloud applications and systems.
Communicate effectively through strong written and oral communication skills for technical and non-technical audiences.
Develop and document technical designs for integration and implementation of new cloud applications and systems.
Integrate with non-cloud technologies and third-party vendor products/services.
Support security architecture and guiding principles and apply to information technology initiatives.
Deliver technical guidance related to enhancing the security posture of information systems solutions.
The team
Deloitte Technology US (DT – US) helps power Deloittes success, which serves many of the worlds largest, most respected organizations. We develop and deploy cutting-edge internal and go-to-market solutions that help Deloitte operate effectively and lead in the market. Our reputation is built on a tradition of delivering with excellence.
The ~3,000 professionals in DT – US deliver services including:
Cyber Security
Technology Support
Technology & Infrastructure
Applications
Relationship Management
Strategy & Communications
Project Management
Financials
Cyber Security
Cyber Security vigilantly protects Deloitte and client data. The team leads a strategic cyber risk program that adapts to a rapidly changing threat landscape, changes in business strategies, risks, and vulnerabilities. Using situational awareness, threat intelligence, and building a security culture across the organization, the team helps to protect the Deloitte brand.
Areas of focus include:
Risk & Compliance
Identity & Access Management
Data Protection
Cyber Design
Incident Response
Security Architecture
Business Partnership
Required Qualifications:
Bachelors degree or equivalent in Information Technology, Computer Science, or Engineering.
Minimum 6 years of relevant experience in enterprise information security architecture and information security system design.
Minimum 2 years of experience including cybersecurity and/or risk management.
Minimum 1 year of people leadership or project management experience.
Limited immigration sponsorship may be available.
Preferred Qualifications:
Experience in multiple (two or more) cyber security disciplines such as Application Security, Cloud Security, Data Protection/Encryption, Logging and Monitoring, or Data Loss Prevention (DLP).
Experience with Amazon Web Services (AWS) security and Azure or GCP.
Security certification in Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP), or Certified Information Security Manager (CISM).
Strong Knowledge of cyber security standards and frameworks such as ISO 17799/27001, FEDRAMP, NIST 800-53, NIST 800-218, DoD RMF or NIST 800-171.
Demonstrated ability planning and developing support processes that adhere to Software or System Development Lifecycle best practices, with minimal supervision.
Able to lead the development of technical artifacts including Requirements Traceability Matrix (RTM), Detailed Technical Design, Security Architecture Plan, Services Description Document, etc., with minimal supervision.
Experience in managing Plan of Action and Milestones (POAM).
Experience with DISA STIG implementation, remediation, and compliance.
Experience in writing security control implementation statements and system security plans.
Experience with how servers, firewalls, and network Infrastructure interact with overall security posture.
Experience developing cloud security vision, strategy, and roadmaps.
Experience overseeing cloud infrastructure design and developing detailed architecture models for the client to host test, development, and production environments.
Exceptional verbal and written communication skills.
Experience supporting cyber strategy with cross-functional executive level stakeholders.
Demonstrated ability supporting organizational change and working with multiple business units.
Security certification in either Google – Professional Cloud Architect; AWS – Solutions Architect – Professional; or Azure – MCSE: Cloud Platform and Infrastructure (Infrastructure Focus)
Knowledge and experience across multiple information protection and security domains.
Knowledge of IT asset management and/or configuration information database (CMDB).
Deep understanding of non-cloud technologies and third-party vendor products/services integration.
Understanding of and ability to effectively apply trends and developments in global security and risk management.
Secret clearance.
The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $107,700 – $221,200
Information for applicants with a need for accommodation: https://www2.deloitte.com/us/en/pages/careers/articles/join-deloitte-assistance-for-disabled-applicants.html
EAExpHire
RITM7755155
#LI-Remote
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.