Technical Delivery Manager for Testing
Arlington, VA

Job Description

Are you energized by helping organizations protect their data and build client trust? Do you want to work in one of the world's largest holistic internal cybersecurity organizations? If you're interested in proactively preventing, detecting, and responding to cyber attacks across a complex global footprint, then Deloitte Global could be the perfect place for you. We're looking for an analytical thinker passionate about cybersecurity to join and support our team.

As part of the global Attack Surface Assessment team, we are seeking an experienced Security Tester to execute the management of the technical evaluation process, assessing the effectiveness of, and making recommendations for the security controls required for digital assets in order to meet the Deloitte risk appetite. The candidate being sought should be a creative, self-motivated, highly energetic and results oriented individual passionate about cyber security and risk management.

We are looking for a candidate with a strong foundation in business operations and project management, with the ability to build presentations and messaging that communicates strategy, roadmap, value and capabilities

Work you'll do:

As part of the Global Cybersecurity team, this professional will hold broad responsibilities will be to work with customers to deliver technical assessments against a broad range of services, illustrative duties will include:

* Management of regional Security Testers


* Technical Quality Assurance of customer deliverables


* Executing security testing:
* Software/Web Application/Web Services penetration testing


* Network Penetration Testing


* Mobile Application Penetration Testing


* Thick Client Penetration Testing




* Provide consultative guidance to customers on findings identified in a clear and actionable fashion both in writing and verbally


* Ownership of testing methodologies, processes and standards documentation


* Maintaining proficiency of knowledge through ongoing training paths


* Architecture Security Analysis and Threat Modeling as required


* Open source intelligence analysis and assessment


* Communications on how to effectively engage services and what capabilities are available


* Technical Stakeholder engagement as required to reduce the organization risk profile



This Deloitte Global role requires limited to no travel.

What you'll be part of-our Deloitte Global culture:

At Deloitte, we expect results. Incredible-tangible-results. And Deloitte Global professionals play a unique role in delivering those results. We reach across disciplines and borders to serve our global organization. We are the engine of Deloitte. We develop and lead global strategies and provide programs and services that unite our network.

In Deloitte Global, everyone has an opportunity to lead. We see the importance of your perspective and your ability to create value. We want you to fit in-with an inclusive culture, focus on work-life fit and well-being, and a supportive, connected environment; but we also want you to stand out-with opportunities to have a strategic impact, innovate, and take the risks necessary to make your mark.

Deloitte Global supports our talented professionals in answering the question: What impact will you make?

Who you'll work with:

The Deloitte Global Cybersecurity function is responsible for enhancing data protection, standardizing and securing critical infrastructure, and gaining cyber visibility through security operations centers. The Cybersecurity organization delivers a comprehensive set of security services to Deloitte's global network of firms around the globe.

This role is based in the Americas. Relocation assistance may be considered on a case by case basis.

How you'll grow:

Deloitte Global inspires leaders at every level. We believe in investing in you, helping you embrace leadership opportunities at every step of your career, and helping you identify and hone your unique strengths. We encourage you to grow by providing formal and informal development programs, coaching and mentoring, and on-the-job challenges. We want you to ask questions, take chances, and explore the possible.

Benefits you'll receive:

Deloitte's Total Rewards program reflects our continued commitment to lead from the front in everything we do - that's why we take pride in offering a comprehensive variety of programs and resources to support your health and well-being needs. We provide the benefits, competitive compensation, and recognition to help sustain your efforts in making an impact that matters.

To be considered for this role, there are certain qualifications you'll have to have. And others that would be really, really nice.

Required:

* Experience of managing security testing staff


* Developed experience with web application penetration testing


* Familiarity with software security weakness and vulnerabilities


* Experience in network penetration testing


* Working knowledge of one scripting language


* Experience in reverse engineering is a plus


* Familiarity with at least one software programming language and framework is a plus


* Demonstrated experience working with diverse stakeholders, preferably on a global multi-national basis


* Ability to manage concurrent initiatives and use effective judgment in prioritization and time management


* Strong written and verbal communication skills



Knowledge or awareness of the following would be desirable:

* Reverse Engineering


* Source code reviews


* Cloud Service testing


* ISO 27000 series such as 27001, 27002, 27032, 27035 • NIST SP 800 series •


* PCI DSS


* OWASP Top Ten


* SANS Institute - CIS Critical Security Controls


* Standard of Good Practice for Information Security


* Incident management and response


* Vulnerability management



Desired Cyber Security-related Licenses & Certifications:

* Certified Information Systems Security Professional (CISSP)


* Certified Information Security Manager (CISM) or Certified Information Systems Auditor (CISA)


* Certified Ethical Hacker (CEH)


* Offensive Certified Security Professional (OSCP)


* GIAC Security Essentials (GSEC)


* GIAC Mobile Device Security Analyst (GMOB) Education



Education:

* Bachelor's and/or Master's Degree in computer science, engineering or related field or significant relevant industry experience



All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or protected veteran status, or any other legally protected basis, in accordance with applicable law.

Disclaimer: Nothing in this job description/posting shall constitute an offer or promise of employment. If you are not reviewing this job posting on our Careers' site (jobs2.deloitte.com) or one of our approved job boards we cannot guarantee the validity of this posting. For a list of our current postings, please visit us at jobs2.deloitte.com

Requisition code: DE20USAGTS005FF0025

*
*
*
*
*
*