Senior Data Protection Security Analyst
Chicago, IL

Job Description

Are you energized by helping organizations protect their data and build client trust? Do you want to work in one of the world's largest holistic internal cybersecurity organizations? If you're interested in proactively preventing, detecting, and responding to cyber attacks across a complex global footprint, then Deloitte Global could be the perfect place for you. We're looking for an analytical thinker passionate about cybersecurity to join our team.

Work you'll do:

The Deloitte Global Cybersecurity function is responsible for the firm's overall objectives of enhancing data protection, standardizing and securing critical infrastructure and gaining cyber visibility through security operations centers. The Cybersecurity organization delivers a comprehensive set of cybersecurity services to Deloitte member firms through regional delivery hubs and a Global Fusion Center. We are seeking a Senior Data Protection Security Analyst to join the team.

The Senior Data Protection Security Analyst reports to the Enterprise Collaboration Technical Delivery Senior Manager (Global Digital Collaboration Program Office). The role focuses on assisting with the analysis of new security and protection technologies or operational services for the enterprise to ensure that the appropriate controls are selected. You'll work closely with management, leads, peers, development teams, business functions, and end users to ensure data protection for systems are used by all areas within the organization; regularly perform detail feature and usability analysis-based vendor's offerings against Deloitte business needs; regularly review data protection reports and metrics to recommend enhancements and additional controls based on business security models; and, support Information Security programs which include security enhancements, new security technology evaluation and testing, project requirement gathering, internal client communications, data protection inquiries, and documentation.

Responsibilities:

* Identify priority/in-scope applications to block or assess.


* Initiate member firms communications with Member firms representatives before the start of assessments, including CIO, CISO, CCO and Risk leaders.


* Perform security assessments, including co-ordination with other teams such as the Global Exceptions Team, Web Protection Team and CMDB teams.


* Provide recommendations on security gaps identified.


* Inform Web Protection team to block and maintain list of blocked applications and exceptions.


* Review and communicate exceptions AD groups to Web Protection team.


* Monitor and track non-globally approved applications' and their exceptions AD groups.


* Regularly consolidate and report in on the status of assessments activities.


* Ensure that the use of globally approved collaboration applications is mandated and aligned in global standards.


* Continually improve on business workflow process analysis and assessment procedures based on metrics.


* Conduct initial collaboration security assessment for new global client collaboration application.


* Performs other job-related duties as assigned.



What you'll be part of-our Deloitte Global culture:

At Deloitte, we expect results. Incredible-tangible-results. And Deloitte Global professionals play a unique role in delivering those results. We reach across disciplines and borders to serve our global organization. We are the engine of Deloitte. We develop and lead global strategies and provide programs and services that unite our network.

In Deloitte Global, everyone has an opportunity to lead. We see the importance of your perspective and your ability to create value. We want you to fit in-with an inclusive culture, focus on work-life fit and well-being, and a supportive, connected environment; but we also want you to stand out-with opportunities to have a strategic impact, innovate, and take the risks necessary to make your mark.

Deloitte Global supports our talented professionals in answering the question: What impact will you make?

Who you'll work with:

The Deloitte Global Cybersecurity function is responsible for enhancing data protection, standardizing and securing critical infrastructure, and gaining cyber visibility through security operations centers. The Cybersecurity organization delivers a comprehensive set of security services to Deloitte's global network of firms around the globe.

How you'll grow:

Deloitte Global inspires leaders at every level. We believe in investing in you, helping you embrace leadership opportunities at every step of your career, and helping you identify and hone your unique strengths. We encourage you to grow by providing formal and informal development programs, coaching and mentoring, and on-the-job challenges. We want you to ask questions, take chances, and explore the possible.

Benefits you'll receive:

Deloitte's Total Rewards program reflects our continued commitment to lead from the front in everything we do - that's why we take pride in offering a comprehensive variety of programs and resources to support your health and well-being needs. We provide the benefits, competitive compensation, and recognition to help sustain your efforts in making an impact that matters.

To be considered for this role, there are certain qualifications you'll have to have. And others that would be really, really nice.

Required:

* Strong understanding of Cloud SaaS, particularly cloud collaboration applications.


* May vary by specialization but may include understanding of project management, application security concepts, data protection, and mobility security integration.


* Should possess basic understanding in the following:
* Data encryption.


* CASB, DLP and other related data protection solutions.


* Cloud Security framework.




* Operational experience with various commonly used operating systems and services.


* Network communication basics.


* Experience in ServiceNow is a plus.


* Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate strategic information security topics, policies and standards as well as risk-related concepts to technical and nontechnical audiences at various hierarchical levels.


* Knowledge of common information security management frameworks, such as ISO/IEC 27001, COBIT, and NIST, including 800-53 and the Cybersecurity Framework.



Education and experience:

* Bachelor's degree, ideally in information technology


* Minimum 4 years' experience in Cybersecurity with a focus on Data Protection.



Preferred:

* Experience in working in a large global organization


* Professional security management certification strongly desirable, such as Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP), Certified Information Systems Auditor (CISA), Global Information Assurance Certification (GIAC), or other similar credentials.


* Strongly desirable to be a member of Institute of Information Security Professionals (IISP) or similar.



All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or protected veteran status, or any other legally protected basis, in accordance with applicable law.

Disclaimer: Nothing in this job description/posting shall constitute an offer or promise of employment. If you are not reviewing this job posting on our Careers' site (jobs2.deloitte.com) or one of our approved job boards we cannot guarantee the validity of this posting. For a list of our current postings, please visit us at jobs2.deloitte.com

Requisition code: DE19USAGTS004FF1822

*
*
*
*
*
*