Work you’ll do

As a professional working for Cyber Strategy & Governance you’ll build and nurture positive working relationships with clients with the intention to exceed client expectations. You’ll:

• Work with senior management stakeholders to define and implement overall future state philosophy and capabilities for the clients’ cyber security programs

• Design and develop cyber security strategies and programs for large and complex organizations

• Define and implement cyber risk management structures, governance models, organizational transformations in the areas of cyber security

• Assess, develop, and implement information security programs, including organizational design and key processes for our clients

• Develop and tailor approaches, methods and tools to support clients cyber risk programs and initiatives

• Manage and execute cyber risk engagements across the development lifecycle – strategy, design, implementation and managed services

• Facilitate enterprise decision making by providing a holistic view of enterprise wide cyber risk; assessing the level of risk and providing inputs into the management of risk

• Review clients’ cyber posture, strengths and weaknesses in the context of business environment, goals and objectives. Develop prioritized recommendations based on gaps and clients’ priorities and constraints

• Assist clients in developing remediation plans and roadmaps that enables them to perform financial and resource planning for their cyber risk programs

• Drive organizational changes and establish governance structures to achieve cyber goals and objectives

• Provide strategic and operational advice in the areas of safeguarding critical information, preventing identity theft, privacy etc.

The team

Cyber Risk Services (CRS) group is part of the wider Technology Risk practice within Deloitte Advisory. We help

“Fortune 500” clients solve business issues related to risk management, cyber threats, privacy, governance, business resilience & process improvements. Learn more about our Cyber Risk Services practice.

Deloitte’s Cyber Strategy and Governance practice is focused on helping our clients to design and implement transformational programs to reduce and manage cyber threats. We help our clients to define their overall cyber strategy, design global, pan-enterprise programs that focus on mitigating threats, evaluate their objectives, priorities, strengths and weaknesses and roll out large scale organizational changes to achieve goals.

Qualifications and Experience

Required:

• Bachelor’s degree in information technology or related field

• 2-5 years information security experience

• Excellent verbal and written communication

• Understanding and knowledge of industry standards and industry frameworks (e.g., COBIT, COSO, ISO 27001, PCI, NIST)

• Understanding of security requirements, contributions to security design and hands-on implementation of multiple security technologies and capabilities

• Hands on experience working with stakeholders in identifying, prioritizing and developing plans and roadmaps for cyber security programs

• Broad domain knowledge and strong understanding of three or more cyber security domains including (but not limited to):

• Cyber risk strategy

• Cyber risk program management and delivery

• Cyber security operations

• Security architecture

• Data protection

• Application security/SDLC

• Third party risk management

• Cloud security

• Cyber Threat Intelligence

• Security Operations Center

• Incident Response

• Cyber Resilience