This is a fantastic opportunity for a results driven individual to join Deloitte's Global Security and technology function. This is a cross-disciplinary team that supports security governance and implementations across all of Deloitte's member firm organisations. The role will require understanding of information security, technology and penetration testing. Successful candidates will be expected to demonstrate relevant experience working in a dynamic environment dealing with complex challenges, and communicating to all levels of the business.
The Penetration Testing Analyst is responsible for the operational processes that support the successful execution of this service. Once launched, the Security Analyst will also work in conjunction with member firms to triage new requests for penetration testing as well as reviewing and planning the annual penetration testing on behalf of member firms.
Establish relationships with member firms and find key contacts within IT functions, Risk Communities and client facing development teams
Provide guidance to member firms in regards to all facets of security testing (submitting scans, analysing scan results, remediation advice on secure coding techniques, etc.) including hands-on operational tasks as needed
Triage requests for penetration testing from member firms
Maintain the service inventory and vulnerability tracker. This will include reaching out to service owners to confirm information is up to date on a periodic basis
Arrange scoping, kick off, and closing calls for new and annual testing requirements
Closely monitor that testing pre requisites are met in order for testing engaged to proceed on time
Work in collaboration with member firms to confirm successful remediation activities and adherence to Global standards on vulnerability resolution time frames.
Have responsibility for scoping penetration testing activities to identify security weaknesses within services that Deloitte consume, develop, or recommend to clients
Develop a culture of in-depth understanding as to why security testing is required at both business and internal team level;
Provide quality reports to summarise test activities, including objectives, planning, methodology, results, analysis and recommendations to both technical and non-technical audiences. From the output of the reports provide suggested approaches to enhance further.
Deloitte offers integrated services that include Audit, Tax, Consulting and Corporate Finance. Our approach combines insight and innovation from multiple disciplines with business and industry knowledge to help our clients excel anywhere in the world.
We deliver outstanding impact on the reputation and success of our clients, in the UK and globally. In pursuing this we contribute to a sustainable and prosperous society.
At Deloitte we foster a collaborative culture where talented individuals can produce their best work. We value innovative thinking; diverse insights and we strive to offer an exceptional level of customer service through our expertise and professionalism.
To qualify for the role you must have:
Strong academics, including a minimum of 2.1 degree or equivalent industry experience
Understanding of information security principles and best practice (e.g., ISO27001 and ISF Standards of Good Practice for Information Security);
Strong technical abilities, combined with business acumen;
Ability to present security topics to a non-technical audience and presenting the business value of security;
A good understanding of IT networking and access management concepts;
Ability to communicate business and technical risk to all levels of audience;
Excellent interpersonal skills with the ability to build and influence teams; and
Self-motivated and able to deal with multiple projects.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or protected veteran status, or any other legally protected basis, in accordance with applicable law.
Disclaimer: Nothing in this job description/posting shall constitute an offer or promise of employment. If you are not reviewing this job posting on our Careers' site (jobs2.deloitte.com) or one of our approved job boards we cannot guarantee the validity of this posting. For a list of our current postings, please visit us at jobs2.deloitte.com
Requisition code: DE19USAGTS004MB0594
Deloitte & Touche L.L.P.