Job title: Cyber Shared Services Support Manager
Are you energized by helping organizations protect their data and build client trust? Do you want to work in one of the world's largest holistic internal cybersecurity organizations? If you're interested in proactively preventing, detecting, and responding to cyber attacks across a complex global footprint, then Deloitte Global could be the perfect place for you. We're looking for an analytical thinker passionate about cybersecurity to join our team.
The Deloitte Global Cybersecurity function is responsible for the firm's overall objectives of enhancing data protection, standardizing and securing critical infrastructure and gaining cyber visibility through security operations centers. The Cybersecurity organization delivers a comprehensive set of cybersecurity services to Deloitte member firms through regional delivery hubs and a Global Fusion Center. We are seeking a Service Group Owner - Security Risk Management to join this team.
The Shared Services Support Manager reports to the Shared Security Services Leader. The role focuses on owning the delivery of Security Risk Management Services to member firms. This is cluster based on the logical and functional relationship between the services.
* Holds a broader picture of the Shared Security Service landscape identifying interconnections between the Services in their Services Group and beyond
* Assists with driving the creation and execution of the strategy for the Security Risk Management Service Group
* Is accountable for the delivery of all customer service related responsibilities within the Security Risk Management Service Group to Deloitte Global and member firms
* Drives continuous improvement across the Services within the Security Risk Management Service Group
* Drives Security Risk Management Service Group objectives based on the global strategy and cyber risk landscape
* Customer service role that oversees the day-to-day operation of all Services within the Security Risk Management Service Group
* Acts as a central escalation point for all Services within the Security Risk Management Service Group
* Understands the architecture, design and implementation of Services within the Security Risk Management Service Group
* Escalates key risks and issues to the Cyber Shared Services Support Leader which need special attention or hold urgency
* Oversees continuous improvement of Services within the Cyber Shared Services Support team and all related services within the Security Risk Management Service Group
* Works closely with the Service Owners of individual Services ensuring consistency and driving alignment across the Service Owners within the Risk Management group
* Liaises with member firm and DTTL management and technical teams to ensure they are consuming all the offered Services within the Risk Management group across the globe and to ensure member firm expectations are being met
* Aligns and collaborates with other Service Owners with the Risk Management group to understand trends, issues and risks and to exchange expertise
What you'll be part of-our Deloitte Global culture:
At Deloitte, we expect results. Incredible-tangible-results. And Deloitte Global professionals play a unique role in delivering those results. We reach across disciplines and borders to serve our global organization. We are the engine of Deloitte. We develop and lead global strategies and provide programs and services that unite our network.
In Deloitte Global, everyone has an opportunity to lead. We see the importance of your perspective and your ability to create value. We want you to fit in-with an inclusive culture, focus on work-life fit and well-being, and a supportive, connected environment; but we also want you to stand out-with opportunities to have a strategic impact, innovate, and take the risks necessary to make your mark.
Deloitte Global supports our talented professionals in answering the question: What impact will you make?
Who you'll work with:
The Deloitte Global Cybersecurity function is responsible for enhancing data protection, standardizing and securing critical infrastructure, and gaining cyber visibility through security operations centers. The Cybersecurity organization delivers a comprehensive set of security services to Deloitte's global network of firms around the globe.
To be considered for this role, there are certain qualifications you'll have to have. And others that would be really, really nice.
* Minimum of 5 years of combined experience in the Information Security / Cybersecurity domain with a focus on security risk management
* At least 3 years holding a management and leadership role.
* Bachelor's degree in Computer Science, Cyber Security, International Cyber Security, or equivalent education-related experience
* Proven track record and experience of the following in a highly complex and global organization:
* Application Security testing services experience working with both testing tools and any facet of penetration testing services
* Risk Management - ability to convey risk to business managers and executives
* Vendor Risk Assessment experience
* Client Security Advisory assistance
* Application/Infrastructure Architecture experience
* Client facing experience with ability to convert technical issues into business language
* Experience working with variety of cultures across the globe and have the patience, understanding and empathy to work collaboratively and effectively
* Professional security management certification required (at least 1 active certification from any of the following), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials such as any SANs certifications. More than 1 certification is preferable.
* Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to effectively communicate all security services within the realm of risk management, convey information security topics, policies and standards as well as risk-related concepts to technical and nontechnical audiences at various hierarchical levels
* Sound knowledge of business management and an expert level of knowledge of Application Security testing, Vulnerability Management, Vendor Risk Assessments, information/cybersecurity risk management
* Cyber solutions management experience with strong technical background and excellent presentation skills
* Experience interacting, presenting and working with C-level executives (CISO, CIO, etc.) and lower business management as well as technical management teams
* Ability to accurately convey customer feedback to other service owners under the Risk Management Services group
* Ability to provide process and service improvements in an effective and professional manner
* Foundational knowledge and understanding of information security legal and regulatory requirements, such as Sarbanes-Oxley Act (SOX), Health Insurance Portability and Accountability Act (HIPAA), GDPR and Payment Card Industry/Data Security Standard
* Knowledge of common information security management frameworks, such as ISO/IEC 27001, COBIT, and NIST, including 800-53 and the Cybersecurity Framework
* Ability to backup Senior Manager when required
* Ability to travel as needed up to 10%
How you'll grow:
Deloitte Global inspires leaders at every level. We believe in investing in you, helping you embrace leadership opportunities at every step of your career, and helping you identify and hone your unique strengths. We encourage you to grow by providing formal and informal development programs, coaching and mentoring, and on-the-job challenges. We want you to ask questions, take chances, and explore the possible.
Benefits you'll receive:
Deloitte's Total Rewards program reflects our continued commitment to lead from the front in everything we do - that's why we take pride in offering a comprehensive variety of programs and resources to support your health and well-being needs. We provide the benefits, competitive compensation, and recognition to help sustain your efforts in making an impact that matters.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or protected veteran status, or any other legally protected basis, in accordance with applicable law.
Disclaimer: Nothing in this job description/posting shall constitute an offer or promise of employment. If you are not reviewing this job posting on our Careers' site (jobs2.deloitte.com) or one of our approved job boards we cannot guarantee the validity of this posting. For a list of our current postings, please visit us at jobs2.deloitte.com
Requisition code: DE20USAGTS005SO0092