Data Protection Manager (41082)
- Cyber Security
- Technology Support
- Technology & Infrastructure
- Relationship Management
- Strategy & Communications
- Project Management
Cyber Security vigilantly protects Deloitte and client data. The team leads a strategic cyber risk program that adapts to a rapidly changing threat landscape, changes in business strategies, risks, and vulnerabilities. Using situational awareness, threat intelligence, and building a security culture across the organization, the team helps to protect the Deloitte brand.
Areas of focus include:
- Risk & Compliance
- Identity & Access Management
- Data Protection
- Cyber Design
- Incident Response
- Security Architecture
- Business Partnership
- Bachelor's degree in IT, Cyber Security, Computer Science or related fields
- At least one professional cyber security certification designation required such as CISSP, CISA, CISM, CCSP, CEH, SANS GIAC, CRISC, CompTIA Security+ etc.
- Min. 6+ years of experience implementing Data Protection tools within a complex business environment, through requirements gathering, building, testing, and production roll out
- Demonstrated ability to lead, manage and guide teams of 4 to 6 cyber security analysts and engineers in developing and implementing Data Protection solutions and capabilities that are clearly aligned to business, technology and threat drivers
- Demonstrated experience leading data protection projects to define strategy, roadmap, operating model, tool design and process documents
- Extensive knowledge and/or proven record of success managing technology implementation projects for at least three (3) of the following Data Protection capabilities:
- Cloud Access Security Broker (CASB) Service (i.e. McAfee Skyhigh, Broadcom CloudSOC CASB, Netskope CASB etc.)
- Web Protection Service (Symantec WSS, ZScaler, Forcepoint Proxy, Cisco WSA etc.)
- Advanced Threat Protection and Endpoint Detection and Remediation Service (i.e. Cylance, Crowdstrike, FireEye HX etc.)
- Data Loss Prevention Service (i.e. Symantec DLP, McAfee DLP, Forcepoint DLP etc.)
- Data Classification and Rights Management Service (i.e. Microsoft Azure Information Protection, Boldon James, Titus etc.)
- Key & Certificate Lifecycle Management Service (Venafi CMS, Vormetric KMS etc.)
- Data Retention and Destruction Service (Symantec Network Discovery, Office365 Security Compliance Center, Avepoint etc.)
- Data Access Governance Service (Varonis DatAdvantage, Veritas Data Insight etc.)
- Demonstrated ability to manage and lead a team, develop cyber security professionals, communicate with executives, coach and mentor team members, conduct performance management, perform company-wide coordination, collaboration and communication of security initiatives, develop budget, manage relationship with internal stakeholders, communicate with vendors etc.
- Demonstrated ability to drive organizational change and work with multiple business units to effect change.
- Exceptional verbal and written communication skills. Must be able to interact effectively with professionals at all levels and communicate recommendations with diplomacy and tact.
- Broad knowledge and experience across IT infrastructure with security frameworks and standards such as ISO 17799/27001, PCI, and other relevant security-related regulations.
- Proven knowledge and experience in multiple cyber security domains.
- Operate as a technical subject matter specialist on industry trends around data security risk and data protection practices