Security Analyst/Consultant (54446)
- Team member will conduct vulnerability and compliance scans for new and existing IT Systems using Tenable Security Center, Nessus, Burp Suite, and AppDetectivePro. This position will be responsible for creating, scheduling and interpreting scans, scan objects and coordinating with the client on identifying false positives and suggesting remediation strategies. This position is responsible for POA&M development, entry and follow-up for closeout. Provides assessment and authorization (A&A) support in the development of security and contingency plans and conducts complex risk and vulnerability assessments. Develops and completes system security plans and contingency plans. Recommends system enhancements to improve security deficiencies. Develops, tests and integrates computer and network security tools. Secures system configurations and installs security tools, scans systems in order to determine compliancy and report results and evaluates products and various aspects of system administration. Conducts security program audits and develops solutions to lessen identified risks. Provides information assurance support for the development and implementation of security architectures to meet new and evolving security requirements. Evaluates, develops and enhances security requirements, policy and tools. Provides assistance in computer incident investigations.
- Utilize IAM (Identity and Access Management) programs to enable federal clients to protect against digital identity risks.
- Provide appropriate access to applications, systems, and data with advanced authentication.
- Oversee the spread of information with privileged access management.
- Verify identity utilizing a wide range of IAM solutions including HSPD-12, PIV, and advanced authentication methods.
Deloitte's Government and Public Services (GPS) practice - our people, ideas, technology and outcomes-is designed for impact. Serving federal, state, & local government clients as well as public higher education institutions, our team of more than 15,000 professionals brings fresh perspective to help clients anticipate disruption, reimagine the possible, and fulfill their mission promise.
At Deloitte, we believe cyber is about starting things-not stopping them-and enabling the freedom to create a more secure future. Cyber Identity leverages methodologies and a digital identity platform to help clients control which employees, partners, suppliers, customers, and citizens have access to sensitive organizational applications and data. Cyber Identity also focuses on the integrations of cutting-edge technologies and cloud providers. Our team is dedicated to enhancing IAM programs so our clients can mitigate risk, reduce intrusion, and secure information. If you're seeking a career in IAM, cloud systems, or identity governance then Cyber Identity is for you.
- Bachelor's Degree required in Computer Science, Cyber Security, Information Security, Engineering, Information Technology, Finance, Business, Math or other business related fields.
- Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future.
- Ability to obtain & maintain the required Security Clearance
- Travel up to 15%
- 3 plus years of experience with:
- Working knowledge of the Risk Management Framework (RMF)
- Experience in the creation of Certification & Accreditation packages and deliverables
- Knowledge and experience implementing NIST guidance relating to SA&A, including System Security Plans, Security Test & Evaluation Plans, Risk Assessments, Contingency Plans, and Business Impact Analysis, and applying applicable standards and guidance to managed systems
- Experience with vulnerability scanning processes and programs such as Nessus, Tenable Security Center, Burp, AppDetectivePro or similar scanning systems
- Experience working with cyber security tools such as Tenable, Elastic, ForeScout, etc.
- Technical Strong analytical, estimating and problem solving skills
- Excellent communication, interpersonal and collaboration skills
- Ability to be flexible, adaptable and learn new concepts quickly
- Ability to work effectively in a team environment with aggressive deadlines and multiple priorities
- Experience working with IAM
- Experience working with identity governance
- Experience working with HSPD-12
- Experience utilizing advanced authentication
- Prior professional services or federal consulting experience
- Previous identity analytics experience
- Experience in consumer identity and directory services
- Certifications (e.g., CompTIA Security+, CEH, CISSP)
How you'll grow
At Deloitte, our professional development plan focuses on helping people at every level of their career to identify and use their strengths to do their best work every day. From entry-level employees to senior leaders, we believe there's always room to learn. We offer opportunities to help sharpen skills in addition to hands-on experience in the global, fast-changing business world. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career.