Global Technology Assistant Manager / Manager - Penetration Tester Cybersecurity

Title: Global Technology Assistant Manager / Manager - Penetration Tester Cybersecurity

What impact will you make?

At Deloitte, we offer a unique and exceptional career experience to inspire and empower talents like you to make an impact that matters for our clients, people and community. Whatever your aspirations, Deloitte offers you a highly inclusive, collaborative workplace and unrivalled opportunities to realize your full potential. We are always looking for people with the relentless energy to push themselves further, and to find new avenues and unique ways to reach our shared goals.

So what are you waiting for? Join the winning team now.

Work you’ll do

As part of the Global Cybersecurity team, responsibilities will be to work with customers to deliver technical assessments against a broad range of services. You will use your strong communication skills to provide consultative guidance to customers on findings identified, how to effectively engage services and the available capabilities.

Key responsibilities include:

• Provide strategic input in developing and enhancing the technical delivery of security testing services
• Provide strategic input into the future directions and enhancements that will increase service value and resourcing deployment efficiency
• Take ownership of regional staff management to ensure operations best support customer requests
• Act as the technical SME within the testing teams, supporting management and product quality assurance
• Guide the development of testing methodologies and documentation to support service delivery
• Oversee and monitor the quality of security testing;
  • Code assessments (SAST/DAST)
  • Software/Web Application/Web Services penetration testing
  • Network Penetration Testing
  • Mobile Application Penetration Testing
  • Thick Client Penetration Testing
  • Contribute to the technical working group to support
  • Quality review reports and customer output
• As needed conduct penetration testing exercises to support customer demand
• Consistent operational process, rules of engagement and methodologies to deliver quality penetration testing services to Deloitte’s global network
• Ensure training paths and research and development are fundamental building blocks for fostering and developing talent within the security testing team
• Define requirements for enhancements to reporting and tooling needs
• Work closely with the customer management teams to ensure appropriate customer facing documentation and communications are present to facilitate effective entry points and service offerings
• Align and collaborate with other service delivery managers in the Attack Surface Assessment group to understand trends, issues and risks and to exchange expertise

Your role as a leader

At Deloitte, we believe in the importance of empowering our people to be leaders at all levels. We expect our people to embrace and live our purpose and shared values, challenging themselves everyday to identify issues that are most important to our clients, our people and the communities, and to make an impact that matters. In addition to living our purpose, Senior Associates / Senior Consultants / Assistant Manager across our Firm are expected to:

• Understand objectives for stakeholders, clients and Deloitte whilst aligning own performance to objectives and sets personal priorities.
• Develop themselves by actively seeking opportunities for growth, shares knowledge and experiences with others, and acts as a strong brand ambassador.
• Seek opportunities to challenge themselves, collaborate with others to deliver and takes accountability for results.
• Build relationships and communicates effectively in order to positively influence peers and stakeholders.
• Work effectively in diverse teams within a highly inclusive team culture where everyone is supported, respected and recognized for their contribution.

Requirements

• Bachelor’s degree in Computer Science, Cyber Security, International Cyber Security, or equivalent education experience.
• At least 5 years of combined experience in the Information Security / Cybersecurity domain with a focus on security risk management
• At least 3 years holding a management role for delivery of penetration testing or code assessment
• Proven track record and experience of the following in a highly complex and global organization
• Application Security testing services experience working with both testing tools and any facet of penetration testing services
• Penetration Testing
• Security Analytics to drive risk reduction * Risk Management - ability to convey technical risks to business managers and executives
• Application/Infrastructure Architecture experience
• Experience working with variety of cultures across the globe and have the patience, understanding and empathy to work collaboratively and effectively

Other Qualifications

• Professional security management certification with at least 1 active certification from any of the following;
  • Certified Information Systems Security Professional (CISSP),
  • Certified Information Security Manager (CISM),
  • Certified Information Systems Auditor (CISA)
  • Or other similar credentials such as any SANs ethical hacking certifications.
• Knowledge of business management and an expert level of knowledge of penetration testing
• Experience interacting, presenting and working with C-level executives (CISO, CIO, etc.) and lower business management as well as technical management teams
• Knowledge and understanding of information security legal and regulatory requirements, such as Sarbanes-Oxley Act (SOX), Health Insurance Portability and Accountability Act (HIPAA), GDPR and Payment Card Industry/Data Security Standard
• Knowledge of common information security management frameworks, such as ISO/IEC 27001, COBIT, and NIST, including 800-53 and the Cybersecurity Framework

Due to volume of applications, we regret only shortlisted candidates will be notified. Candidates will only be contacted by authorized Deloitte Recruiters via firm’s business contact number or business email address.