Cyber Data Protection Manager

Position Summary

Are you passionate about technology and interested in joining a community of collaborative colleagues who respectfully and courageously seek to challenge the status quo? If so, read on to learn more about an exciting opportunity with Deloitte Technology US (DT - US). We are curious and life-long learners focused on technology and innovation.

Recruiting for this role ends on 6/30/2026.

Work you'll do

US Cyber Data Protection team is responsible for securing and protecting confidential data of Deloitte US Member Firm, our Clients and our Employees. Team's core mission is to implement consistent security controls to protect Firm's data and data entrusted to us by our Clients to build their trust and protect our brand. We are seeking an experienced Cybersecurity Data Protection Manager to join the US Cybersecurity Data Protection team in the Deloitte Technology US (DT-US) Organization within Enabling Areas.

The Cybersecurity Data Protection Manager is responsible for leading and managing a diverse team of Cyber Security Engineers and Analysts in developing, implementing, and providing day-to-day support for cyber data protection solutions and capabilities. You will require demonstrated experience and advanced knowledge within areas of Cryptography, TLS/SSL Certificate lifecycle management, Secure Key Management, PKI architecture and concepts, Code Signing, Data Classification and Rights Management, Data Encryption and Decryption. You will be responsible to lead, manage, mature and provide lights on support for several cyber data protection services including, but not limited to TLS/SSL Certificate Lifecycle Management Service, Encryption Key Management Service, Data Classification and Rights Management Service, Code Signing Service, Public Key Infrastructure Service, Hard Drive Encryption Key Recovery Management Service, Cyber Security Engineering and Data Protection Consultation Support. You will design, implement and operate technology and process solutions to reduce data risks, develop and lead the implementation of encryption strategies to protect sensitive data, manage the lifecycle of PKI systems, ensure robust and scalable certificate management processes are in place, monitor and maintain the health of certificate infrastructures to prevent downtime and security breaches, and assist with developing requirements, evaluating vendor solutions, architecting, implementing and operating data protection solutions. Role will require demonstrated ability and comfort with executive level reporting, issue escalation, ability to effectively communicate solutions to Business Leaders, CIO Leadership Team, Confidentiality and Privacy Stakeholders, Executives in the Deloitte US Member Firm.

The position reports to Senior Manager, Data Protection.

As a Cyber Data Protection Manager on the US Cyber Data Protection team, you will be responsible for:

• Leading, managing, and overseeing technical workstreams and work of 4-5 Cyber Professionals
• Serving as a subject matter expert and trusted advisor to internal IT stakeholders in implementing strategic and practical data protection and encryption solutions based on new and emerging data security risks.
• Advising internal stakeholders on best practices for data encryption, decryption, certificate and key lifecycle management, PKI strategies across cloud, on-premises and hybrid environments.
• Designing, implementing, and operating technology and process solutions to reduce data risk, including certificate lifecycle management, certificate infrastructure monitoring, and data protection solution deployment in support of 180K+ Practitioners.
• Providing Tier 2 technical expertise and support to Deloitte End Users for several of the cyber data protection services supported by the team that includes TLS/SSL Certificate Lifecycle Management, Encryption Key Management, Data Classification and Rights Management, Code Signing, Public Key Infrastructure, Cyber Security Engineering and Data Protection Consultation.
• Managing the roll out of new data protection solutions to employees, getting them adopted and providing on-going support for those services.
• Assisting with technology and software reviews based on data protection and endpoint risks.
• Providing technical engineering and troubleshooting support to network, application, and user issues.
• Staying current on emerging encryption technologies and industry trends, while proactively evaluating and recommending tools and solutions to strengthen data security.

• Certificate Lifecycle Management platforms such as Venafi, Keyfactor, DigiCert, or similar
• Public Key Infrastructure design and supporting technologies
• Encryption Key Management platforms such as CipherTrust, Azure Key Vault, or similar
• Data Classification, Labeling and Rights Management technologies such as Microsoft Purview.
• Digital Code Signing operations and management
• Database Encryption technologies
• Understanding of cloud-native certificate and key services in AWS, Azure, and GCP
• Secure network protocols including TLS, SSH, DTS, SFTP, sLDAP, 802.1x, IPSEC
• Secure SSL VPN technology and PKI Certificate integration
• Data Storage Encryption Key Management technology
• Laptop/Desktop Hard Drive Encryption Key Management Platform

• Ability to work independently and collaborate as part of a team
• Effective written and verbal communication skills
• Meticulous attention to detail and quality of work product
• Ability to build and sustain professional relationships
• Ability to lead projects or workstreams
• Ability to manage and prioritize multiple tasks in a fast-paced and dynamic environment
• Strong interpersonal skills and professional demeanor
• Ability to meet deadlines
• Ability to mentor and provide clear guidance to others

• Cyber Security
• Technology Support
• Technology & Infrastructure
• Applications
• Relationship Management
• Strategy & Communications
• Project Management
• Financials

• Risk & Compliance
• Identity & Access Management
• Data Protection
• Cyber Design
• Incident Response
• Security Architecture
• Business Partnership

• Bachelor's degree or equivalent in Cybersecurity, Information Security, Engineering, Computer Science, Information Technology, or related field
• Minimum 8 years of combined experience in the Information Security/Cybersecurity domains.
• Experience translating business, operational, and security requirements into architecture blueprints and implementation plans
• Minimum 1 year of previous people leadership or project management experience.
• Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future
• Ability to travel 0-10%, on average, based on the work you do and the clients and industries/sectors you serve.

• Strong leadership skills, including executive stakeholder management, workshop facilitation, roadmap alignment, and decision-making support
• Ability to lead technical workstreams, architects, engineers, and offshore/onshore teams
• Experience with PKI concepts: Expertise in PKI architecture and enterprise trust models
• Experience leading Certificate Lifecycle Management strategy, design, and implementation
• Advanced knowledge of cryptography, certificate lifecycle processes, key management, HSM integration, and crypto policy enforcement
• Hands-on understanding of certificate automation across load balancers, WAFs, API gateways, Kubernetes, cloud, web/app servers, and network/security infrastructure.
• Experience leading certificate discovery, inventory rationalization, remediation, renewal automation, and compliance monitoring programs
• Familiarity with crypto-agility strategies and post-quantum cryptography readiness
• Knowledge of adjacent domains such as IAM, PAM, secrets management, zero trust, and machine identity management
• Experience with DevSecOps integration, CI/CD pipeline enablement
• Working knowledge of Python, PowerShell, Bash, REST APIs, or infrastructure automation
• Awareness of regulatory, audit, and policy requirements impacting cryptographic controls
• Strong mentoring capability for junior practitioners and emerging technical leads
• Comfort with executive-level reporting, issue escalation, and IT stakeholder discussions
• Professional security certification is desirable, such as CISSP.
• Knowledge of data protection regulations and standards (e.g., ISO 27001, ISO 27018, NIST and FIPS encryption and key standards).
• Understanding of networking and core networking protocols (e.g., TCP/IP, UDP, DNS, SMTP, HTTP, TLS, and distributed networks).
• Understanding security controls in public cloud environments (i.e., Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform) and SaaS services hardening.
• Ability to write technical reports and communicate technical content to business users.
• Self-motivated with a strong willingness to learn and grow with changing cloud technologies.
• Experience working in a virtual team.