Infrastructure Assessment and Engineering Analyst Infrastructure Assessment and Engineering Analyst …

Deloitte
in Princeton, NJ, United States
Internships & Graduate Trainee, Full time
Be the first to apply
Competitive
Deloitte
in Princeton, NJ, United States
Internships & Graduate Trainee, Full time
Be the first to apply
Competitive
Infrastructure Assessment and Engineering Analyst
Deloitte Global Job title: Infrastructure & Assessment Engineering Analyst
Are you energized by helping organizations protect their data and build client trust? Do you want to work in one of the world's largest holistic internal cybersecurity organizations? If you're interested in proactively preventing, detecting, and responding to cyber attacks across a complex global footprint, then Deloitte Global could be the perfect place for you. We're looking for an analytical thinker passionate about cybersecurity to join our team.
Work you'll do:
Contributes towards and supports the Secure Systems Development Lifecycle (S-SDLC), including functional and non-functional cybersecurity requirements for all new infrastructure projects
• Works with Global Technology Infrastructure to integrate system cybersecurity assessments into their processes to ensure consistent implementation of security controls. Understands the impact these security controls have on the respective organizations and their ability to effectively deliver client services
• Works with the Cybersecurity Architecture team and applies reference architectures for security solutions design and implementation
• Working with the Cyber Defense group and the Security Operations Center, evaluates the effectiveness of the security controls and architectures in relationship to actual intrusions seen on the Deloitte network, reported threats at peer organizations and overall cybersecurity threats in the internet ecosystem
• Identifies security exposures that currently exist or may pose potential threats to Deloitte's networks or systems. Notifies leadership of potential or existing threats and assists in the development of risk mitigating strategies of assigned items.
• Monitors security blogs, articles, and reports and remains current on related laws, regulations, and industry standards to keep up to date on the latest security risks, threats, and technology trends, where relevant notifies leadership to incorporate information into processes, procedures, and audit preparedness activities.

Operational
  • Performs technology security risk assessments for GTS infrastructure, in line with SSDLC and TOM. Where appropriate, leverage security shared services (VRA, VM, Pen Testing)
  • Provides oversight and assurance of cybersecurity controls in development and deployment through to system/project go-live
  • Supports the review and documents major new and updated GTS infrastructure solutions from a cybersecurity assessment perspective for systems and COTS project implementations required by the Technical Operating Model and Secure SDLC
What you'll be part of-our Deloitte Global culture:
At Deloitte, we expect results. Incredible-tangible-results. And Deloitte Global professionals play a unique role in delivering those results. We reach across disciplines and borders to serve our global organization. We are the engine of Deloitte. We develop and lead global strategies and provide programs and services that unite our network.
In Deloitte Global, everyone has an opportunity to lead. We see the importance of your perspective and your ability to create value. We want you to fit in-with an inclusive culture, focus on work-life fit and well-being, and a supportive, connected environment; but we also want you to stand out-with opportunities to have a strategic impact, innovate, and take the risks necessary to make your mark.
Deloitte Global supports our talented professionals in answering the question: What impact will you make?

Who you'll work with:
The Deloitte Global Cybersecurity function is responsible for enhancing data protection, standardizing and securing critical infrastructure, and gaining cyber visibility through security operations centers. The Cybersecurity organization delivers a comprehensive set of security services to Deloitte's global network of firms around the globe.

Relationship Management
  • Works closely with GTI in defining cybersecurity related policies and configurations for Critical Infrastructure Services
  • Holds a strong working relationship with the Security Architecture team to ensure IT solution designs align with approved security architecture patterns
  • Works closely with the Shared Security Service teams to ensure new IT solutions and major changes receive appropriate testing prior to deployment into production
Works with the Global Business Services and Member Firm Services organizations to ensure new products and services have security assessments performed and consistent security controls are implemented.

#GLBArchEng
#GLBCyber

To beconsidered for this role, there are certain qualifications you'll have to have.And others that would be really, really nice.
Required:

Education
  • Bachelor's degree: degree in business administration, a technology-related field, or equivalent education-related experience
Work experience
  • Minimum of 4 years of experience in engineering and solution design in an information security context
  • Proven track record and experience of developing and supporting security requirements across a broad spectrum of infrastructure and end user computing technologies
Preferred:
Certification
  • Professional security management certification strongly desirable, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials
  • Member of IISP or have the qualification, skills and experience to become a member
  • Relevant technical certification preferred (CISSP-ISSEP, CEH, CCNP Security, GSEC)
Skills/abilities
  • Exceptional written and verbal English language communication skills
  • Excellent interpersonal and collaborative skills, with ability to communicate technical information security topics, policies and standards as well as risk-related concepts to technical and nontechnical audiences at various hierarchical levels
  • Soundknowledge of information / cybersecurity engineering and solution design
  • Strong knowledge of key cybersecurity technologies such as network security tools (firewalls, intrusion detection system (IDS)/ intrusion protection system (IPS), content filtering, network access control (NAC), end-point protection (AV, EDR, MDM), data loss prevention, encryption, vulnerability management, and security information and event management (SIEM)
  • Sound knowledge of cybersecurity for cloud environments (Azure, AWS, Google Cloud)
  • Strong knowledge and understanding of information security legal and regulatory requirements, such as Sarbanes-Oxley Act (SOX), Health Insurance Portability and Accountability Act (HIPAA) and Payment Card Industry/Data Security Standard
  • Knowledge of common information security management frameworks, such as ISO/IEC 27001, COBIT, and NIST, including 800-53 and the Cybersecurity Framework
  • Advanced competency in Microsoft Office technologies
  • Ability to multi-task, prioritize work and work independently
  • Process-oriented mind set
  • A demonstrable passion for the field of Information Security
  • Ability to travel as needed 10%

Education
  • Bachelor's degree: degree in business administration, a technology-related field, or equivalent education-related experience
Work experience
  • Minimum of 4 years of experience in engineering and operations in an information security context including leading teams
  • Proven track record and experience of developing and supporting security requirements across a broad spectrum of infrastructure and end user computing technologies
Skills/abilities
  • Exceptional written and verbal English language communication skills
  • Excellent interpersonal and collaborative skills, with ability to communicate technical information security topics, policies and standards as well as risk-related concepts to technical and nontechnical audiences at various hierarchical levels
  • Expert knowledge of key cybersecurity technologies such as network security tools (firewalls, intrusion detection system (IDS)/ intrusion protection system (IPS), content filtering, network access control (NAC), end-point protection (AV, EDR, MDM), data loss prevention, encryption, vulnerability management, and security information and event management (SIEM)
  • Strong knowledge and understanding of information security legal and regulatory requirements, such as Sarbanes-Oxley Act (SOX), Health Insurance Portability and Accountability Act (HIPAA) and Payment Card Industry/Data Security Standard
  • Knowledge of common information security management frameworks, such as ISO/IEC 27001, COBIT, and NIST, including 800-53 and the Cybersecurity Framework
  • Advanced competency in Microsoft Office technologies
  • Ability to multi-task, prioritize work and work independently
  • Ability to manage a global team
  • A demonstrable passion for the field of Information Security
  • Ability to travel as needed (no more than 10%)
Preferred:
Certification
  • Professional security management certification strongly desirable, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials.
  • Member of IISP or have the qualification, skills and experience to become a member
  • Relevant technical certification preferred (CISSP-ISSEP, CEH, CCNP Security, GSEC)

How you'll grow:
Deloitte Global inspires leaders at every level. We believe in investing in you, helping you embrace leadership opportunities at every step of your career, and helping you identify and hone your unique strengths. We encourage you to grow by providing formal and informal development programs, coaching and mentoring, and on-the-job challenges. We want you to ask questions, take chances, and explore the possible.

Benefits you'll receive:
Deloitte's Total Rewards program reflects our continued commitment to lead from the front in everything we do - that's why we take pride in offering a comprehensive variety of programs and resources to support your health and well-being needs. We provide the benefits, competitive compensation, and recognition to help sustain your efforts in making an impact that matters

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or protected veteran status, or any other legally protected basis, in accordance with applicable law.
Disclaimer: Nothing in this job description/posting shall constitute an offer or promise of employment. If you are not reviewing this job posting on our Careers' site (jobs2.deloitte.com) or one of our approved job boards we cannot guarantee the validity of this posting. For a list of our current postings, please visit us at jobs2.deloitte.com

Requisition code: D50882


Close
Loading...