Cyber Risk Core Infrastructure Architect

Deloitte & Touche L.L.P. Washington , DC 20319

Posted 2 weeks ago

Core Infrastructure SECURITY SENIOR ARCHITECT (Senior Manager or Specialist Leader)

Are you interested in working in a dynamic environment that offers opportunities for professional growth and new responsibilities? If so, Deloitte & Touche LLP could be the place for you. Traditional security programs have often been unsuccessful in unifying the need to both secure and support technology innovation required by the business. Join Deloitte's Infrastructure Security practice and become a member of the largest group of Cyber Risk individuals worldwide.

Work you'll do

As a Core Infrastructure Senior Security Architect, you will be at the front lines with our clients supporting them with their Cyber Risk needs. The Core Infrastructure Senior Security architect will leverage broad technical knowledge of security principles and technologies to help clients design bespoke security architectures and secure their critical information. You'll work with Information Technology and Security teams to design and deploy security architectures to address client priorities, regulations and requirements across the client infrastructure. You'll be:

  • Leading the Security Design and Architecture on client engagements.

  • Conducting security analysis of prospective clients' environments based on Deloitte's Cyber Risk Framework.

  • Performing Security Assessments of environments using industry standard frameworks such as ISO, CSA-CSM and NIST.

  • Executing on security engagements during different phases of the lifecycle assess, design, and implementation.

  • Securing the integration of multiple environments (both IT and OT) across on-premise, multi-cloud, and hybrid architectures

  • Designing and developing security policies, standards and procedures e.g. firewall management, SSL/IPSec, security incident and event management (SIEM), data protection (DLP, encryption), user account management (SSO, SAML), and password/key management.

  • Develop Whitepapers / Point of Views (PoV) and other technical eminence materials.

  • Developing plans and blueprints for leveraging the latest security technologies and practices

The team

Deloitte Advisory's Core Infrastructure Security team helps complex organizations more confidently pursue their growth, innovation and performance agendas through proactive management of the associated cyber risks. Our professionals provide advisory and implementation services that integrate risk, regulatory, and technology skills to help clients transform their legacy programs into proactive Secure.Vigilant.Resilient.TM cyber risk programs. Join the team developing the future state of cyber risk solutions. Learn more about Deloitte Advisory's Cyber Risk Services practice.

Qualifications

Required:

  • 8-10+ years designing, deploying and operating information security architectures

  • Depth of experience with multiple security technologies such as Firewalls, Intrusion Detection/Prevention Systems, Vulnerability Scanning, WAF, Wireless LAN, NAC, DLP, DDoS Mitigation, WAN security, CASB, SIEM, Content Filtering, Cloud Security gateways, Secure Proxies, SSL crypto solutions.

  • Demonstrated capability to design, deploy and operationalize secure and highly scalable enterprise systems

  • Experience with multiple security domains such as: secure software development, data protection, cryptography, key management, identity and access management (IAM), network security, mail security, software defined networking, access controls, web based security, network and host based intrusion detection systems.

  • Experience in architecting and deploying secure software defined and virtualized networks

  • Understanding of industry regulatory and compliance requirements (i.e., FedRAMP, PCI-DSS, NIST, HIPAA) and skilled at interpreting the compliance and security requirements into implementable and repeatable controls

  • Experience architecting and deploying security capabilities and native cloud security controls on atleast one of the major Cloud Service Provider (CSP) platforms (e.g., GCP, Azure, AWS)

  • Experience designing and deploying truly "hybrid" security architectures across traditional data center, cloud, IT and OT environments

  • Created and maintained security policies and procedures, managing the protection of information systems and assets.

  • Strong client interfacing, relationship building, and consulting skills.

  • Proven ability to drive account focused sales and practice business growth across industry sectors in the Infrastructure Security space.

  • Proven ability in developing technical thought leadership and other eminence pieces in the Infrastructure Security space. Eminence in speaking at industry leading security focused forums such as RSA would be a plus.

  • Must be willing to travel up to 80% within North America.

  • BA/BS Degree required, MS preferred. Ideally in Computer Science, Cyber Security, Information Security, Engineering, Information Technology.

Preferred:

  • Previous Consulting or Big 4 experience preferred.

  • Certifications such as CISSP, SABSA, CCSP, CCSK, CCNP, CCNA, MCSE, MCSA certification a plus.

How you'll grow

At Deloitte, our professional development plan focuses on helping people at every level of their career to identify and use their strengths to do their best work every day. From entry-level employees to senior leaders, we believe there's always room to learn. We offer opportunities to help sharpen skills in addition to hands-on experience in the global, fast-changing business world. From on-the-job learning experiences to formal development programs at Deloitte University, our professionals have a variety of opportunities to continue to grow throughout their career. Explore Deloitte University, The Leadership Center.

Benefits

At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you.

Deloitte's culture

Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. We offer well-being programs and are continuously looking for new ways to maintain a culture where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte.

Corporate citizenship

Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with our clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte's impact on the world.

Recruiter tips

We want job seekers exploring opportunities at Deloitte to feel prepared and confident. To help you with your interview, we suggest that you do your research: know some background about the organization and the business area you're applying to. Check out recruiting tips from Deloitte professionals.

#LI:PTY

#lND:PTY

#CB

As used in this document, "Deloitte" means Deloitte LLP and its subsidiaries. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.

Deloitte will consider for employment all qualified applicants, including those with criminal histories, in a manner consistent with the requirements of applicable state and local laws. See notices of various ban-the-box laws where available. https://www2.deloitte.com/us/en/pages/careers/articles/ban-the-box-notices.html

Requisition code: E19NATESPLCH001-CORE


icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Enterprise Cyber Engineer Or Architect

LS Technologies, LLC

Posted 2 days ago

VIEW JOBS 3/23/2019 12:00:00 AM 2019-06-21T00:00 Job Description LS Technologies, LLC is seeking a highly motivated, energetic, results-oriented Enterprise Cyber Engineer or Architect. The incumbent will have experience with strategy, technology, strategic messaging long term thinking The Specialist will provide strategic engineering, technical and program office support to the Federal Aviation Administration as they consider benefits new and emerging technologies will provide balanced by the security vulnerabilities those technologies will introduce into the support organization. Responsibilities * Provide specialized expertise in the information security needs of the enterprise services. * Participate on a team for providing expert analysis of cybersecurity architecture, compliance with Federal regulation and policy, and commercial best practices relating to cyber security. * Assist with defining the strategies and tactics to protect data/service confidentiality, integrity, and availability. * Work with the enterprise cybersecurity organization to identify appropriate controls, defenses, and remediation. * Review, analyze, discuss, and evaluate the implementation of security controls in multiple information system environments. * Evaluate the performance of ongoing security maintenance, for example, continuous monitoring (ConMon) or continuous diagnostics and mitigation (CDM). Requirements * 16+ years relevant work experience in security frameworks. * Strategic planning related to evolution from system based risk evaluation and management to enterprise-level (e.g,. Service thread) risk management. * Support development of strategic plan and conops (including coordinating strategic engagements with communications plan) for transition of organizational responsibilities. * Support development of conops for executing paradigm change in how FAA TechOps manages cyber security of the NAS. * Develop and execute program strategic communications plan. Enhance and manage P3 engagements and interagency communications. * Support outreach and messaging with FAA stakeholders . * Develop crisis communications conops and plan. * Experience with Federal policies and directives concerning information technology, cybersecurity, and infrastructure protection is required * Experience working with FAA NAS or similar industrial control system cybersecurity is highly desirable. * General Networking skills. * Self-starter with a high level of personal accountability, strong communication skills and business acumen. * Ability to interact, develop, engineer and communicate collaboratively at the highest technical levels with customers, vendors, partners, and all members of staff. * Successful track record of transition and operational implementation of mission critical systems/capabilities into a cloud architecture. * Experience performing risk assessments of cloud-based systems, designing and/or implementing network, security, virtualization or cloud system solutions. * Strong communication and technical writing skills necessary to prepare and conduct instruction, provide technical briefings and prepare technical reports and collaborate with other team members. Education * BS in engineering, hard sciences, mathematics or related field. * Advanced degree- preferred Technical certifications desirable, such as: CCNP Security, AWS, FITSP, GIAC, ISACA, CISSP, JNCP, MCSE, VCP/VCAP. Travel * 0 - 20% LS Technologies, LLC provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training. LS Technologies, LLC Washington DC

Cyber Risk Core Infrastructure Architect

Deloitte & Touche L.L.P.