Deloitte Security Design Engineer/Specialist in Detroit, Michigan
Deloitte is one of the leading professional services organizations in the United States, specializing in audit, tax, consulting and financial advisory services with clients in more than 20 industries. We provide powerful business solutions to some of the world s most well-known and respected companies, including more than 75 percent of the Fortune 100.At Deloitte, you can have a rewarding career on every level. In addition to challenging and meaningful work, you ll have the chance to give back to your community, make a positive impact on the environment, participate in a range of diversity and inclusion initiatives, and find the support, coaching, and training it takes to advance your career. Our commitment to individual choice lets you customize aspects of your career path, your educational opportunities and your benefits. And our culture of innovation means your ideas on how to improve our business and your clients will be heard.Security Design Engineer/SpecialistLocation:Open Any US OfficeCareer Level:5 (Manager) Job SummarySecurity Design Engineer/Specialist works directly with Deloitte Function Specific Subsidiaries (FSS) Information Security Officer (ISO) as well as various FSS client service leaders, technical and non-technical stakeholders to support cyber security program adoption in the construction and enhancement of commercial technology and cloud enabled solutions. This Security Design Engineer/Specialist role is responsible for elevating the security posture of FSS applications by driving enhanced security in the software design and architecture process, developing or validating security requirements, and driving successful completion of security evaluation and testing. Additionally, validating adherence to security policies, standards, and industry-accepted best practices. Working between technical and non-technical domains, the role is responsible for providing technical cyber security expertise including risk mitigation approaches.The Security Design Engineer/Specialist will support the development of information technology solutions by leading and evaluating the security components of architectures and compliance in key cyber areas such as cloud security, Identity and Access Management (IAM), application vulnerability management, and/or data protection. This will include determining security requirements, design specifications, and compliance controls as well validating adherence to security policies, standards, and industry-accepted best practices. Additionally, this role will assist in the business adoption of a unified governance to security to support the rapid evolution, compliance, and innovation needs of our information technology projects and cloud migration efforts required in the FSS business (e.g., Advisory, Tax, etc.). ResponsibilitiesDevelop security architecture and guiding principles to support information technology initiativesInfluence and coordinate a secure approach to the development of solutions across the enterpriseDeliver technical guidance related to enhancing the security posture of information technology solutionsParticipate in the security governance model, establishing policies, standards and best practicesContribute in addressing changes in the external threat landscape that have an impact on the use of on-premise and cloud computing technologiesLead, coach and mentor project teams to incorporate security into enterprise and client-facing applicationsAssist with the integration of security into cloud services delivery standardsOversee and drive the design and implementation of security architecture controls in support of compliance requirementsDevelop and deliver communications to management and company-wide stakeholdersUp to 25% travel requiredMinimum Qualifications Education: Bachelor s Degree or equivalent experience in Information Security, Computer Science, or Information Systems Years of Experience:7 years of related experience, including cybersecurity and/or risk management experience in organizations of a similar scale or client-service experience in the field. Other Specific Skills or KnowledgeAdvanced generalist - organizational skills and experience, including project- or role-based experience in the following: policy and standards, risk management and reporting, and change management / adoptionC-level and executives (Partners/Principals and Managing Directors) interaction experienceExperience driving strategy with cross-functional executive level stakeholdersDemonstrated ability to drive organizational change and work with multiple business units of an organization to effect changeExceptional verbal and written communication skills. Must be able to interact effectively with professionals at all levels and communicate recommendations with diplomacy and tactKnowledge and experience across multiple information protection and security domainsKnowledge of IT asset management and/or configuration information database (CMDB)Solid background in general security practices such as identity and access management (IAM), encryption, and multi-factor authentication, security information and event management (SIEM), and othersBroad knowledge and experience across IT infrastructure with security frameworks and standards such as ISO 17799/27001, NIST, PCI, and other relevant security-related regulations Understanding of and ability to effectively apply trends and developments in the area of global security and risk managementAbility to frame and communicate security and risk-related concepts to technical and nontechnical audiences at various levels Strong understanding of Deloitte Touche Tohmatsu Limited operating environment or successful experience working in a comparable global professional services organization is preferredProfessional security certifications such as CISSP, CCISO, or CISA or equivalent experience is preferred
As used in this document, Deloitte means Deloitte LLP and its subsidiaries. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.
Disclaimer: If you are not reviewing this job posting on our Careers site (careers.deloitte.com) or one of our approved job boards we cannot guarantee the validity of this posting. For a list of our current postings, please visit us at careers.deloitte.com.
Category: Information Technology