--

Deloitte Global is the engine of the Deloitte network. Our professionals reach across disciplines and borders to develop and lead global initiatives. We deliver strategic programs and services that unite our organization.

What will your typical day look like?

In this role you will have leadership position within a new Business Information Security function, positioned to lead a team that provides cybersecurity support/guidance for a diverse portfolio of Technology system/solutions used across Deloitte.

Primary Responsibilities:

• Collaborate with senior business and technology leaders, supporting them in designing and building solutions that adhere to the firm’s (current and future) security design requirements, helping them in achieving their associated objectives and overall strategy and not being afraid to challenge decisions that may place the firm at risk.
• Ensure effective and on-time delivery of security guidance for complex technology systems and solutions within Deloitte Technology, completion of cyber reviews for applications migrating from on-prem data centers to public and private cloud environments.
• Build strong working relationships across the Global Cybersecurity organization, Shared Services Organization, SSDLC Optimization Team, and peers from member firm cyber teams.
• Represent Global Cybersecurity on the Global Architectural Review Board
• Ensure continued compliance with SSDLC requirements as defined by Deloitte and industry cyber frameworks (e.g., ISO 27001)
• Lead the evolution, development, and implementation of reporting metrics, demonstrating Cybersecurity value and risk reduction across your assigned technology customer area.
• Contribute to the ongoing evolution of the Business Information Security team.

About the team

Deloitte Technology works at the forefront of technology development and processes to support and protect Deloitte around the world. In this truly global environment, we operate not in "what is" but rather "what can be" to help Deloitte deliver and connect with its clients, its communities, and one another in ways not previously conceived.

Enough about us, let’s talk about you

• At least 10 years combined experience in cybersecurity working in an information security context
• At least 5 years holding a leadership or senior management role
• Ability to define strategy and influence senior stakeholders
• High degree of business acumen, understanding complex business needs and the value of secure design principles (SSDLC) and other cyber capabilities deliver in reducing cyber risk across Deloitte
• Excellent interpersonal and collaborative skills, with ability to communicate strategic information, security topics, policies, and standards as well as risk-related concepts to technical and non-technical audiences at various levels
• Lead a global team of diverse, experienced cyber professionals in a fast-paced environment
• Demonstrated knowledge of securing applications, large enterprise platforms and infrastructure systems (secure coding methods, WAF, application gateways, firewalls, servers, virtualized technologies)
• Securing cloud-based environments and understanding risks associated with cloud-based solutions hosted in M365, Azure, AWS and GCP
• Understanding of containerization technologies such as Kubernetes and Docker
• Understanding of DevSecOps and agile methodologies
• Understanding of applying secure system/solution design principles to prevent application specific security defects based on OWASP Top 10 vulnerabilities
• Understanding of identity management and federation technologies and concepts
• Knowledge of software development models (e.g., Waterfall Model, Agile)
• Knowledge of common information security management frameworks, such as ISO/IEC 27001, COBIT, and NIST, including 800-53 and the NIST Cybersecurity Framework

Education:

• Bachelor’s degree in computer science, cybersecurity, other technology-related fields, or equivalent work- related experience in a similar role within a large multi-national organization considered

Preferred:

• At least 10 years combined experience in cybersecurity and / or solution design in an information security context
• Professional security certification desirable, such as Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified Cloud Security Professional (CCSP), or other similar credentials

Total Rewards

The salary range for this position is $104,000 - $215,000, and individuals may be eligible to participate in our bonus program. Deloitte is fair and competitive when it comes to the salaries of our people. We regularly benchmark across a variety of positions, industries, sectors, targets, and levels. Our approach is grounded on recognizing people's unique strengths and contributions and rewarding the value that they deliver.

Our Total Rewards Package extends well beyond traditional compensation and benefit programs and is designed to recognize employee contributions, encourage personal wellness, and support firm growth.  Along with a competitive base salary and variable pay opportunities, we offer a wide array of initiatives that differentiate us as a people-first organization. Some representative examples include: $4,000 per year for mental health support benefits, a $1,300 flexible benefit spending account, 38+ days off (including 10 firm-wide closures known as "Deloitte Days"), flexible work arrangements and a hybrid work structure.