Job was saved successfully.
Job was removed from Saved Jobs.

Job Details


Deloitte

Security Compliance Engineer/Senior Consultant (Secret Cleared)- Remote/Delivery Center role (61998)

Law Enforcement and Security

Compliance Officer

Yearly

No

Gilbert, Arizona, United States

Are you an experienced, passionate pioneer in technology - a solutions builder, a roll-up-your-sleeves technologist who wants a daily collaborative environment, think-tank feel and share new ideas with your colleagues - without the extensive demands of travel? If so, consider an opportunity with our US Delivery Center - we are breaking the mold of a typical Delivery Center.

Our US Delivery Centers have been growing since 2014 with significant, continued growth on the horizon. Interested? Read more about our opportunity below...

Work you'll do

As a Security Compliance Engineer with Deloitte's Advisory team, you will be a trusted security partner in Deloitte's Government and Public Services practice. You will directly engage in the delivery of projects with multi-disciplinary teams, implementing security controls, POA&M Management, etc.

  • Perform, Develop, Modify and lead Risk Management Framework (RMF) assessments, authorizations, and monitoring steps for systems following NIST standards and best practices.
  • Work in close coordination with all system stakeholders - Create and maintain existing information system security documentation, including System Security Plan (SSP), Security Controls Matrix and Assessment, and Security Configuration Guide (controlled changes to the system).
  • Performs host, network, cloud, application-based security control assessments
  • Create security policies and maintain existing information system security documentation
  • Conduct a comprehensive assessment of the management, operation, and technical controls to determine the overall effectiveness of controls
  • Conduct periodic and continuous reviews of the system to ensure compliance with the authorization package
  • Responsible for elements of physical and environmental protection, personnel security, incident handling, and security training and awareness and ensure systems are operated, maintained, and disposed of by security policies and procedures
  • Participate in the change management process, including reviewing Requests for Change (RFC) and assist in the assessment of a potential change's security impact
  • Conduct daily, weekly and monthly audit review and management of the audit collection system
  • Continuously review and evaluate vendor, security, and business best practices for implementing a comprehensive audit program
  • Remain sensitive to security infractions and assist in security investigations and responses as requested

Additional information:
  • Develop strategies to assess whether applications are designed to client standards while eliminating security risks.
  • Manage migration process of application data.
  • Collaborate with various stakeholders to gather business requirements for enhancements/ change requests.
  • Work with Governance, Risk and Compliance (GRC) applications
  • Define plan for synchronization strategy and patch management.
  • Establish security controls to help protect client systems.


The team

From our centers, we work with Deloitte consultants to design, develop and build solutions to help clients reimagine, reshape and rewire the competitive fabric of entire industries. Our centers house a multitude of specialists, ranging from systems designers, architects and integrators, to creative digital experts, to cyber risk and human capital professionals. All work together on diverse projects from advanced pre-configured solutions and methodologies, to brand-building and campaign management. We are a unique blend of skills and experiences, yet we underline the value of each individual, providing customized career paths, fostering innovation and knowledge development with a focus on quality. The US Delivery Center supports a collaborative team culture where we work and live close to home with limited travel.

Qualifications

Required:
  • Bachelor's Degree required
  • Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future
  • Active or Interim Secret Clearance required
  • 2+ years of experience applying RMF, NIST 800-53 and Government IT security frameworks
  • Certifications in at least one of the following such as SCP, Cisco Certified Network Associate (CCNA)-Security, GIAC Security Essentials Certification (GSEC), Certified Information Systems Auditor (CISA), GIAC Certified Incident Handler (GCIH), GIAC Certified Enterprise Defender (GCED), CISSP, CompTIA Advanced Security Practitioner (CASP) or comparable
  • Knowledge of IT audits, including conducting technical security compliance tests and vulnerability assessments.
  • Knowledge of Government security requirements for access control
  • Demonstrated ability to use MS Office Suite to include Word, PowerPoint, and Excel.
  • Superior communication skills, both written and oral
  • Travel up to 15%
  • Experience working with GRC applications
  • Ability to provide clients with strategic direction to help them improve risk management processes/procedures

Preferred:
  • Prior professional services or federal consulting experience


How you'll grow

At Deloitte, our professional development plan focuses on helping people at every level of their career to identify and use their strengths to do their best work every day. From entry-level employees to senior leaders, we believe there's always room to learn. We offer opportunities to help sharpen skills in addition to hands-on experience in the global, fast-changing business world. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career.