Vacancy expired!
- Understand how business functions operate and how industry trends impact a client's business.
- Assessing or developing an organization's cyber risk strategy and posture, as it relates to data risk, cyber risk management, cyber risk frameworks and policies, and/or cyber risk measures, methods, and reporting
- Strategically drive the development and execution of risk assessments and mitigation plans to enhance the client's ability to identify, evaluate, prioritize and mitigate risks
- Implement risk management solutions aligned to the client's vision and strategic priorities
- Work includes project management, offering operations/development, sales, innovation, eminence building and people development.
- Works with all stakeholders to identify and confirm resource necessary program resources throughout the project lifecycle.
- Manages program issues and changes to business plans and resource allocations.
- Coordinate across multiple stakeholder groups and manage end-to-end concurrent projects
- Responsible for effective project and program kickoff, identification of all program stakeholders, defining and clarifying program roles and responsibilities.
- Conduct project analysis and provide an efficient forecast of all project directives and timelines
- Track and manage project financials, project deliverables, timetables, risks, and challenges
- Manages program issues and changes to business plans and resource allocations.
- Documents/communicates status and escalates risks as appropriate.
- Configures, utilizes, and supports key program and project management tools.
- Strong analytical, project budget and forecasting, project management and communication skills. This individual will have strong excel, MS Project, and PowerPoint skills.
- Self-starter with the ability to focus on deadlines and deliverables
- Coordinate across multiple stakeholder groups and manage end-to-end concurrent projects
- Contribute to Deloitte's thought leadership in client organizations and the external market place.
- Drive development and implementation of cyber strategies targeted on key client's risk and business needs, and enhanced by leading practices
- Identify and evaluate complex business and technology risks and remediation methods to mitigate risks
- Demonstrate problem solving, critical thinking and logical structuring skills
- Assist in the selection and tailoring of approaches, methods and tools to support service offering or industry projects
- Actively participate in decision making with engagement management and seek to understand the broader impact of current decisions
- Demonstrate a general knowledge of market trends, competitor activities, Deloitte & Touche products and service lines
- Actively mentor and train team members on overall cyber processes, governance, and frameworks
- Work cross-functionally with team members to support and drive a collaborative team environment
- Create and design effective presentations as a means for communicating project and deliverable progress to clients
- Perform sophisticated data analyses to understand client's business and identify risk
- Execute advanced services and supervise staff in delivering basic services
- BA/BS in Business Administration, Supply Chain, Accounting/Finance, Engineering, Computer Science, Information Management Systems, Information Security, Math, or related fields
- 5+ years of experience in the following areas:
- Information security and privacy or cyber risk management
- Implementing security solutions
- Professional services or related roles within industry
- Data Risk, Identity, Risk Assessment, SEIM, NIST/ISO or Regulatory framework - NYDFS or FFIEC.
- IT and cyber security
- Risk assessment and monitoring
- Threat modeling
- Threat remediation
- Identity and access management
- Encryption
- End point security
- Working understanding of cybersecurity concepts across a full range of cyber domains covered in common frameworks like NIST 800-53 and 800-171, NIST CSF, ISO 27001 and CMMC (e.g. Identity Management, Data Protection, SLDC, Encryption, Security Monitoring - SIEM, incident response, etc.)
- Experience with the Cyber regulatory requirements of DoD contractors such as DFARS, ITAR, CUI handling, CMMC, DIBCAC audits, etc. Knowledge of ICD 503 a plus.
- General network security and architecture understanding. Familiarity with cloud engineering and cloud security concepts, zero-trust, IoT, IT architecture and infrastructure design, SMART Factory security, and DevSecOps.
- Experience working as a Dept of Defense (DoD) contractor, consulting to DoD contractors or a former Federal Government employee.
- Experience in change management and/or managed service solution design and implementation a plus
- Experience with consulting skills (client service orientation, conflict resolution, analysis/synthesis of information, negotiation, project management, security contracts, etc.)
- Negotiation skills needed to obtain commitments to remediate risks and vulnerabilities from leadership of other teams
- Ability to travel up to 50% (While up to 50% travel is a requirement of the role, due to COVID-19, non-essential travel has been suspended until further notice)
- Experience managing and leading large project teams and project management skills
- Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future.
- Certification in PMI/PMP
- Previous consulting or Big 4 experience
- Certifications such as: CISSP, CISM, or CISA certification a plus
- Active security clearance at the Secret or Top Secret level a plus
Vacancy expired!