Deloitte Security Analyst/Specialist in San Francisco, California

Deloitte is one of the leading professional services organizations in the United States, specializing in audit, tax, consulting and financial advisory services with clients in more than 20 industries. We provide powerful business solutions to some of the world s most well-known and respected companies, including more than 75 percent of the Fortune 100.At Deloitte, you can have a rewarding career on every level. In addition to challenging and meaningful work, you ll have the chance to give back to your community, make a positive impact on the environment, participate in a range of diversity and inclusion initiatives, and find the support, coaching, and training it takes to advance your career. Our commitment to individual choice lets you customize aspects of your career path, your educational opportunities and your benefits. And our culture of innovation means your ideas on how to improve our business and your clients will be heard.Security Analyst/SpecialistLocation:Open Any US OfficeCareer Level:4 (Analyst) Job SummarySecurity Analyst/Specialist works directly with Deloitte Function Specific Subsidiaries (FSS) Information Security Officer (ISO) as well as various FSS client service leaders, technical and non-technical stakeholders to support cyber security program adoption in the construction and enhancement of commercial technology and cloud enabled solutions. The Security Analyst/Specialist will support the development and validation of security requirements, and completion of security evaluation and testing. Additionally, validating adherence to security policies, standards, and industry-accepted best practices. This will include determining security requirements, design specifications, and compliance controls as well validating adherence to security policies, standards, and industry-accepted best practices with a focus on cloud security, secure software development lifecycle (SSDLC), ISO27001 compliance, regulatory security compliance, Identity and Access Management (IAM), and/or business application security. This role will assist in the creation of a unified approach to security to support the rapid evolution and innovation needs of our information technology projects and cloud and identity migration efforts. Additionally, this role will assist in the creation and business adoption of a unified governance to security to support the evolution, compliance, and innovation needs of our technology projects and cloud migration efforts required in the FSS business (e.g., Advisory, Tax, etc.) The Security Analyst/Specialist will support the development of information technology solutions by leading and evaluating the security components of architectures and compliance in key cyber areas such as cloud security, IAM, application vulnerability management, and/or data protection. ResponsibilitiesDevelop security architecture and guiding principles to support information technology initiatives with a focus on cloud and IAMInfluence and coordinate a secure approach to the development of solutions across the enterpriseAssist in delivering technical guidance related to enhancing the security posture of information technology solutionsParticipate in the security governance model, establishing policies, standards and best practicesAssist with the integration of security into cloud and identity services delivery standardsFacilitate and drive technical workshops with team leads and key stakeholdersManage and track security controls across a security program, and drive the remediation efforts to close open requirementsContribute to the implementation of security architecture controls in support of compliance requirementsDevelop and deliver communications to management and company-wide stakeholdersUp to 25% travel requiredMinimum Qualifications Education: Bachelor s Degree or equivalent experience in Information Security, Computer Science, or Information Systems Years of Experience:5 years of related experience, including cybersecurity and/or risk management experience in organizations of a similar scale or client-service experience in the field. Other Specific Skills or KnowledgeOrganizational skills and experience, including project- or role-based experience in the following: policy and standards, risk management and reporting, and change management / adoptionAbility to work with multiple business units of an organization to effect changeExceptional verbal and written communication skills. Must be able to interact effectively with professionals at all levels and communicate recommendationsKnowledge and experience across multiple information protection and security domainsKnowledge of IT asset management and/or configuration information database (CMDB)Basic knowledge of general security practices such as IAM, encryption, and multi-factor authentication, security information and event management (SIEM), and othersBroad knowledge and experience across IT infrastructure with security frameworks and standards such as ISO 17799/27001, NIST, PCI, and other relevant security-related regulations Understanding of trends and developments in the area of global security and risk managementAbility to frame and communicate security and risk-related concepts to technical and nontechnical audiences at various levels Understanding of Deloitte Touche Tohmatsu Limited operating environment or successful experience working in a comparable global professional services organization is preferredAbility to facilitate workshops/meetings with broad audiences

About Deloitte

As used in this document, Deloitte means Deloitte LLP and its subsidiaries. Please see for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.

Disclaimer: If you are not reviewing this job posting on our Careers site ( or one of our approved job boards we cannot guarantee the validity of this posting. For a list of our current postings, please visit us at

Category: Information Technology