Security Manager - Global Information Security Office
Deloitte Touche Tohmatsu Services, Inc. seeks an Information Security Manager - Global Information Security Office in Chicago, IL.
Work You'll Do
Responsible for management, identification, and response to cyber security incidents, including intrusion event analysis, live computer forensics and malware analysis. Instruct developers on security coding and architecture techniques to determine risks and recommend appropriate information security solutions. Supervise incident response handling for cyber security incidents, including forensic analysis and research, advanced incident support, intelligence gathering and formal incident investigation. Guiding the application security team with Enterprise Governance Risk Compliance (eGRC) integration and prepare reports to document process deployment. Perform application penetration testing activities, including scoping, information gathering, and remediation activities utilizing Burp, Wireshark and Varacode Scanner to find vulnerability in operating systems. Lead risk assessment activities for both in-house and cloud deployed software solutions, including code review and fuzz testing using HP Webinspect and Fortify. Identify potential security exposures and define remediation plans to correct application security vulnerabilities. Work in collaboration with management, development teams and business analysts on security techniques for software technology, including web services, token-based authentication schemes, AJAX and mobile. Oversee team of developers on application architecture and vulnerability testing. Perform the above-referenced duties utilizing various information technologies, including Java, HTML, C++ and Oracle. Advise on information security functions and protocols to comply with industry best practices, client requests and technology trends. Support the remediation of local firm security issues and serve as the primary point of contact for regional issues, including on-site emergency response. Provide technology security guidance and support existing and future application development and architecture solutions. Remain informed on the latest security risks, threats and technology trends and incorporate information into processes, procedures and audit preparedness activities. Liaison with senior leaders to provide recommendations or mitigation and prevention techniques. Propose enhancements to risk mitigation strategies and develop plans for security breaches. Lead specific initiatives to support information security work streams with the implementation of the appropriate security requirements and standards.
- Bachelor's degree or foreign equivalent degree in Computer Science, Information Technology, Engineering (any) or a related field.
- Five years of progressively responsible, post-baccalaureate experience in information security.
- Must have five years of experience with:
- Incident response handling for cyber security incidents, including forensic analysis and research, advanced incident support, intelligence gathering, and formal incident investigation;
- Assisting application security team with Enterprise Governance Risk Compliance (eGRC) integration and preparing reports to document process deployment;
- Performing application penetration testing activities, including scoping, information gathering, and remediation activities utilizing Burp, Wireshark and Varacode Scanner to find vulnerabilities in operating systems;
- Performing risk assessment activities for both in-house and cloud deployed software solutions, including code review and fuzz testing using HP Webinspect and Fortify;
- Identifying potential security exposures and defining remediation plans to correct application security vulnerabilities;
- Working with other teams on security techniques for software technology, including web services, token-based authentication schemes, AJAX and mobile;
- Working with a team of developers on application architecture and vulnerability testing; and
- Utilizing various information technologies, including Java, HTML, C++ and Oracle.
- In the alternative, the employer will accept a Master's degree in a stated field and three years of experience.
- Any suitable combination of education, training or experience is acceptable.
At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you.
Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. We offer well-being programs and are continuously looking for new ways to maintain a culture where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte.
Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with our clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte's impact on the world.
We want job seekers exploring opportunities at Deloitte to feel prepared and confident. To help you with your interview, we suggest that you do your research: know some background about the organization and the business area you're applying to. We also suggest that you brush up on your behavioral and case interviewing skills and practice discussing your experience and job history with a family member, friend, or mentor. Check out recruiting tips from Deloitte professionals.
Requisition code: XGGS18FB0817CHI1
See Inside the Office of Deloitte
One of the largest professional services organizations in the U.S., Deloitte delivers innovative solutions to the complex business problems facing companies around the world. Deloitte offers rewarding careers in four businesses—audit, tax, consulting, and financial advisory. Widely recognized for its inclusion initiatives, Deloitte is committed to building a workplace environment that allows people from all generations, ethnicities, and cultures to be their authentic selves.
Back to top