Senior Manager SSDLC Operations Leader, Deloitte Global Technology

at  Deloitte

ENOUGH ABOUT US, LET’S TALK ABOUT YOU

• At least 10 years combined experience in cybersecurity working in an information security context
• At least 5 years holding a leadership or senior management role
• Ability to define strategy and influence senior stakeholders
• High degree of business acumen, understanding complex business needs and the value of secure design principles (SSDLC) and other cyber capabilities deliver in reducing cyber risk across Deloitte
• Excellent interpersonal and collaborative skills, with ability to communicate strategic information, security topics, policies, and standards as well as risk-related concepts to technical and non-technical audiences at various levels
• Lead a global team of diverse, experienced cyber professionals in a fast-paced environment
• Demonstrated knowledge of securing applications, large enterprise platforms and infrastructure systems (secure coding methods, WAF, application gateways, firewalls, servers, virtualized technologies)
• Securing cloud-based environments and understanding risks associated with cloud-based solutions hosted in M365, Azure, AWS and GCP
• Understanding of containerization technologies such as Kubernetes and Docker
• Understanding of DevSecOps and agile methodologies
• Understanding of applying secure system/solution design principles to prevent application specific security defects based on OWASP Top 10 vulnerabilities
• Understanding of identity management and federation technologies and concepts
• Knowledge of software development models (e.g., Waterfall Model, Agile)
• Knowledge of common information security management frameworks, such as ISO/IEC 27001, COBIT, and NIST, including 800-53 and the NIST Cybersecurity Framework

EDUCATION:

• Bachelor’s degree in computer science, cybersecurity, other technology-related fields, or equivalent work- related experience in a similar role within a large multi-national organization considered

OUR PURPOSE

At Deloitte, we are driven to inspire and help our people, organization, communities, and country to thrive. Our Purpose is to build a better future by accelerating and expanding access to knowledge. Purpose defines who we are and gives us reason to exist as an organization.

By living our Purpose, we will make an impact that matters.

• Enjoy flexible, proactive, and practical benefits that foster a culture of well-being and connectedness.
• Experience a firm where wellness matters.
• Be expected to share your ideas and to make them a reality.

-
Deloitte Global is the engine of the Deloitte network. Our professionals reach across disciplines and borders to develop and lead global initiatives. We deliver strategic programs and services that unite our organization.

Primary Responsibilities:

• Collaborate with senior business and technology leaders, supporting them in designing and building solutions that adhere to the firm’s (current and future) security design requirements, helping them in achieving their associated objectives and overall strategy and not being afraid to challenge decisions that may place the firm at risk.
• Ensure effective and on-time delivery of security guidance for complex technology systems and solutions within Deloitte Technology, completion of cyber reviews for applications migrating from on-prem data centers to public and private cloud environments.
• Build strong working relationships across the Global Cybersecurity organization, Shared Services Organization, SSDLC Optimization Team, and peers from member firm cyber teams.
• Represent Global Cybersecurity on the Global Architectural Review Board
• Ensure continued compliance with SSDLC requirements as defined by Deloitte and industry cyber frameworks (e.g., ISO 27001)
• Lead the evolution, development, and implementation of reporting metrics, demonstrating Cybersecurity value and risk reduction across your assigned technology customer area.
• Contribute to the ongoing evolution of the Business Information Security team