Job Description

Risk Advisory Cyber Risk

What impact will you make? Every day, your work will make an impact that matters, while you thrive in a dynamic culture of inclusion, collaboration and high performance. As the undisputed leader in professional services, Deloitte is where you'll find unrivaled opportunities to succeed and realize your full potential Deloitte is where you'll find unrivaled opportunities to succeed and realize your full potential. The Team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient-not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks. Learn more about our Cyber Risk Practice.Work you'll do As a part ofour Risk Advisory team, you'll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations. The Cyber Risk Services -Cyber Vigilance & Operationspractice helps organizations in assessing and establishing their cyber securityappetitevia the Secure. Vigilant. Resilient. Programs, and also in assistingin the ongoing management, maintenance, and adaptation of their programs,as the business and threat environments change.The Cyber Risk Services -CVOteam delivers service to clients through following key areas of cyber security:.Understanding of security and privacy controls and the risk management process focused on Cyber Threat Management services..Understand basic business and information technology management processesKnowledge in one or more Cyber Threat Management domains such as: Assessment Services, Application Security, Vulnerability Management, Infrastructure Security, Threat Management, Cyber Operations/Fusion Managed Services, Incident Management and Data Protection solutions.Direct prior experience with core security technologies (SIEM, firewalls, IDS/IPS, HIPS, proxies, vulnerability scanners, AV, etc.) .Prior experience as a SOC Analyst ideally working in a CIRT.Familiarity with industry standards and frameworks such as OWASP, CIS, NIST ISO/IEC 17799, etc. .Demonstrates basic knowledge of security and privacy controls and risk management processes. .Experience with vulnerability assessment tools (such as: Nessus, nmap, Appscan, etc.) and Infrastructure Security solutions..Develops an understanding of Cyber Threat Management's methodologies, frameworks and tools. Applies the basic Network concepts (TCP/IP) and Application programming knowledge during Cyber Threat Management services.Concentrates on capability building for self..Explore/learn newThreat managementtechnologies with guidance from team leads. Risk Advisory Cyber Risk .Support in identifying new threat use cases, etc.Raise technical risks and assist in process compliance activitiesThe key skills required are as follows:.Good working knowledge of one or more of the following topics: oOperating systems (UNIX, Linux, Windows) oNetworkingoSecurity technologies (SIEM, firewalls, IDS/IPS, HIPS, proxies, vulnerability scanners, AV, etc.)oPenetration testing and ethical hackingoVulnerability assessment and management.Industry certifications (CISSP, GIAC -GREM/GCIH/GCIA/GCFA) are a strong asset.Basic expertise in scripting languages (Python, shell, etc.) .Strong communication skills (written & verbal).Subject matter knowledge in Comp Science & Electronics.Working knowledge of computer systems (operating systems, databases, applications etc.).Working knowledge of TCP/IP and networking conceptsBasic technical documentation skills and understanding of SDLC processes