Data Protection Security Architect

Deloitte & Touche L.L.P. Washington , DC 20319

Posted 2 months ago

Deloitte Services LP includes internal support areas such as Marketing and Communications, Human Resources/Talent, Information Technology, Facilities Management, and Financial Support Services.

Data Protection Security Architect

Location: Hermitage/Nashville, TN, Rosslyn, VA or can consider other locations in the US (Remote/Virtual)

Are you passionate about technology and interested in joining a community of collaborative colleagues who respectfully and courageously seek to challenge the status quo? If so, read on to learn more about an exciting opportunity with Deloitte's Information Technology Services (ITS). We are curious and life-long learners focused on technology and innovation.

Work you'll do

We are seeking an experienced Data Security Architect to join the US Cybersecurity Data Protection Team. This is a Senior Cyber Security Role that is highly strategic, requires prior hands on technical cyber security engineering experience and will have the responsibility to provide data security direction and guidance for all US data protection initiatives. This person will play a key role in ensuring consistent implementation of data security controls and design principles within Deloitte US Member Firm, and to help understand where our data resides, and how to protect it. The role requires cyber security and data security industry knowledge, leadership and collaboration skills to work with Senior Managers, Technical Delivery Managers, Business Information Security Officers, Program Management Office, Data Owners, Data Custodians, IT Infrastructure Teams, Confidential and Privacy Champions, Office of Confidentiality and Privacy Leadership etc. in a cross functional environment. The successful candidate will report directly to the US Data Protection Senior Manager, and their role will be to act as a Senior Security Architect/Engineer, primarily focused on areas of data protection, data access governance, data classification, data loss prevention and data encryption.

Responsibilities:

As part of the US Data Protection team, this professional will have the following core responsibilities:

  • Act as a subject matter expert in the areas of data loss prevention, data access governance, cloud data loss prevention, cloud access security broker, data classification, data encryption and other data protection related technologies.

  • Drive the implementation of appropriate controls around the use, storage, management and distribution of unstructured data within Deloitte US member firm.

  • Support the Data Classification and Rights Management Service Owner in adoption, growth and roll out of the service within Deloitte US Member Firm.

  • Review technology designs with analysts, focusing on data protection principles and technologies, taking local, regional and US regulatory requirements into account (e.g. SOX, HIPAA, PCI etc.).

  • Work with Office of Confidentiality and Privacy, Business Information Security Office, Deloitte Business Leaders and Enabling Areas on practical implementation of data protection policies and controls across Deloitte US Member Firm.

  • Communicate and serve as a Technical Subject Matter Expert overseeing the implementation of data security solutions required to meet business objectives.

  • Lead the technical configuration, implementation, administration and management of multiple data protection cyber security products and solutions.

  • Perform vendor evaluations and proof of concepts for service improvements, in-flight projects and emerging technologies.

  • Investigate, design & architect cyber data protection controls as they are identified.

  • Develop and maintain an in-depth understanding of Deloitte's business processes, core systems, technologies, data, client engagement teams and customers.

  • Closely collaborate with Global Cybersecurity Data Protection Team to help develop US Data Security technical roadmap.

  • Assist with the implementation and translation of data security policies.

  • Establish effective working relationships across various line of business and US member firm security & IT leaders to understand their business requirements to help execute their business strategy.

  • Be up to date on industry trends around cyber risk and data protection practices.

The team

Information Technology Services (ITS) helps power Deloitte's success. ITS drives Deloitte, which serves many of the world's largest, most respected organizations. We develop and deploy cutting-edge internal and go-to-market solutions that help Deloitte operate effectively and lead in the market. Our reputation is built on a tradition of delivering with excellence.

The ~2,500 professionals in ITS deliver services including:

  • Security, risk & compliance

  • Technology support

  • Infrastructure

  • Applications

  • Relationship management

  • Strategy

  • Deployment

  • PMO

  • Financials

  • Communications

Cyber Security

The US Cyber Security team within ITS is responsible for vigilantly protecting Deloitte and client data. The team is responsible for a strategic cyber risk program that adapts to a rapidly changing threat landscape, changes in business strategies, risks, and vulnerabilities. Using situational awareness, threat intelligence, and building a security culture across the organization, the team helps to protect the Deloitte brand. Areas of focus include: Cyber Design, Risk & Compliance, Technology Risk Management, Identity & Access Management, Data Protection, Incident Response and Architecture.

  • US Cyber Data Protection Team

The Deloitte US Cybersecurity Data Protection Team is responsible for securing and protecting confidential data of Deloitte US Member Firm. The primary mission of the team is to implement and enhance the Cybersecurity controls to protect data for its 94,000+ US Employees and the clients they serve.

Education:

Bachelor's degree: degree in business administration, a technology-related field, or equivalent education-related experience preferred

Qualifications:

  • Minimum 8 years of IT experience with 3 years in a Senior Security Architect type role.

  • Experience with a combination of the following technologies:

  • Data Loss Prevention (DLP) Technologies (i.e. Symantec DLP, RSA DLP, Office365 DLP)

  • Data Access Governance (DAG) Technologies (i.e. Veritas Data Insight, Varonis Datadvantage)

  • Cloud Access Security Broker Technologies (i.e. Symantec CloudSoc CASB, Netskope CASB)

  • Data Classification and Rights Management Technology (i.e. Azure Information Protection and Azure Rights Management)

  • Data Encryption, tokenization, masking and redaction technology solutions.

  • Experience implementing and designing security controls for Microsoft O365 technologies across including: Azure AD, Exchange Online, SharePoint Online, OneDrive for Business and Teams

  • Experience working in a matrix model and will be required to support and lead specific cybersecurity technical initiatives, as well as act as an advisor & subject matter expert in non-cybersecurity led initiatives and projects, across multiple organizational functions

  • Experience in a highly complex organization promoting business and/or cybersecurity strategies and working with individuals across different time zones and understanding cultural differences

  • Demonstrated experience in designing and implementing technology and process solutions to reduce the potential risk of data compromise.

  • Understanding of the entire ecosystem of data protection including well-rounded understanding of the information security domains and their inter-relations across that ecosystem including Public Key Infrastructure (PKI) and database activity monitoring.

Certification:

Professional security certification strongly desirable, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), CompTIA Security+ etc.

Skills/abilities:

  • Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate information security topics, policies and standards as well as risk-related concepts to technical and nontechnical audiences at various hierarchical levels

  • Ability to translate technical/security issues to business users

  • Strong relationship, team building and facilitation skills

  • Knowledge and experience of Information Security Risk and Security governance

  • Ability to travel as needed (but no more than 15-20%)

How you'll grow

At Deloitte, our professional development plan focuses on helping people at every level of their career to identify and use their strengths to do their best work every day. From entry-level employees to senior leaders, we believe there's always room to learn. We offer opportunities to help sharpen skills in addition to hands-on experience in the global, fast-changing business world. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career.

Benefits

At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you.

Deloitte's culture

Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. We offer well-being programs and are continuously looking for new ways to maintain a culture where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte.

Corporate citizenship

Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with our clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte's impact on the world.

Recruiter tips

We want job seekers exploring opportunities at Deloitte to feel prepared and confident. To help you with your interview, we suggest that you do your research: know some background about the organization and the business area you're applying to. Check out recruiting tips from Deloitte professionals.

As used in this posting, "Deloitte" means Deloitte Services LP, a subsidiary of Deloitte LLP. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its subsidiaries.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.

Deloitte will consider for employment all qualified applicants, including those with criminal histories, in a manner consistent with the requirements of applicable state and local laws. See notices of various ban-the-box laws where available. https://www2.deloitte.com/us/en/pages/careers/articles/ban-the-box-notices.html

Requisition code: E20NATSMGRLJ035-ITL5


icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Senior Data Architect

Obxtek

Posted 2 days ago

VIEW JOBS 10/19/2019 12:00:00 AM 2020-01-17T00:00 Overview OBXtek Inc. is an established, award-winning, service disabled veteran owned business providing information technology and professional management services to the federal government. Our corporate growth has coincided with our investment in our employees as well as in outreach to our civilian and military community. Responsibilities Performs data modeling (conceptual, logical and physical model design) for information systems/databases and data warehouses. Performs database replication, migration, and design. Translates business data from structured and unstructured resources into a usable enterprise information architecture, which may include data models, metadata schema, controlled vocabularies, ontologies and taxonomies. Duties * Conducts an analysis of information systems/applications and performs process analysis. * Assists with the design of the agency's overall information architecture across multiple data types accounting for both structured and unstructured content balancing security, analytics, and performance requirements. * Oversees the flow of data model development including conceptual, logical and physical models. * Utilizes data extraction, transform and load (ETL) languages/tools and maintain version control of ETL Mappings to * Generate and use ETL scripts to pull data from transaction databases and populate the data warehouse. * Design, develop, test and implement a new cloud-based enterprise data warehouse to include migration of data from the legacy data warehouse. * Translates business data from wide variety of structured and unstructured resources into a usable enterprise information architecture, which may include data models, metadata schema, controlled vocabularies, ontologies and taxonomies. * Supports for the design of corresponding search engine for data retrieval. * Works with to perform source system analysis, identification of key data issues, and data profiling. * Provides a consultative approach with business users, asking questions to understand the business need and deriving the data flow, logical and physical data models based on those needs. Qualifications * Fifteen (12) years of experience supporting information systems/databases. * Eight (8) years of experience with data modeling (conceptual, logical and physical model design) to include support for data warehouse environments. * Working knowledge of database replication, migration, and design * Experience in data analysis for information systems/databases * Knowledge of tools for automated data extraction and cataloguing of unstructured content in a metadata schema * Knowledge in the use of data validation scripts and business rules data families and executing iterative data cleansing techniques * Experience using code expressions for the creation of complex queries * Experience in data retrieval supporting custom reporting. * Experience with structured query language * Experience securing data * Understands how to communicate difficult/sensitive information tactfully. * Proven ability to meet cost, schedule, and performance requirements for projects. * Exceptional verbal and written communication skills and leadership skills Company Information Headquartered in Tysons Corner, Virginia and founded in 2009, OBXtek is a fast-growing leader in the government contracting field. Our mission is Our People…Our Reputation. Our people are trained professionals who enhance our customers' knowledge and innovation using technology, collaboration, and education. We offer a robust suite of benefits including comprehensive medical, dental and vision plans, Flexible Spending Accounts, matching 401K, paid time off, tuition reimbursement plans and much more. As a prime contractor for 93% of our current work, OBXtek pairs lessons learned across disciplines with industry standard quality practices such as CMMI-Dev Level III, ITIL, 6Sigma, PMI, and ISO. Our rapid growth has been recognized by INC500, the Washington Business Journal, and Washington Technology magazine. OBXtek is an Equal Opportunity Employer and does not discriminate based on race, color, religion, sex, age, national origin, gender identity, disability, veteran status, sexual orientation or any other classification protected by federal, state or local law. Obxtek Washington DC

Data Protection Security Architect

Deloitte & Touche L.L.P.