Cargando...
Enviar candidatura ahora »

Join us as a Technical Specialist!

Join us as a Technical Specialist!

The Cybersecurity Team wants to meet you!

 

Are you up for it?

 

Who we are:

 

We are Risk Advisory Spain, made up of more than 1,700 professionals that help organisations to make decisions in an intelligent manner, in order to prevent and manage business and operational risks, along with those existing in technological, financial, and non-financial processes.

Deloitte leads with purpose, solving complex issues for our clients and communities. Across disciplines and across borders, Deloitte Touche Tohmatsu Limited (DTTL) Global supports our network of national member firms by developing and driving global strategy, programs, and platforms, and creating new solutions and transformational experiences. Our people share a passion for igniting change and a strong service orientation that shapes our organization and those it supports. 

 

The Deloitte Global Cybersecurity function is responsible for the firm’s overall objectives in enhancing data protection, standardizing and securing critical infrastructure and gaining cyber visibility through security operations centres. The Cybersecurity organization delivers a comprehensive set of cybersecurity services to Deloitte member firms through regional delivery hubs and a Global Fusion Centre. 

This role will oversee regional security testing operations for member firms in region, reporting to the Regional Customer Service Delivery Lead. The role is targeted to support market leading testing services impacting vulnerability, code and manual security assessments.

 

What are we looking for?

 

Education

  • Bachelor’s degree in Computer Science, Cyber Security, International Cyber Security, or equivalent education experience.
  • Candidates with the requisite work experience below would also be considered

 

Work experience:

  • Minimum of 6 years of combined experience in the Information Security / Cybersecurity domain with a focus on security risk management
  • At least 3 years holding a management role for delivery of penetration testing or red team operations
  • Proven track record and experience of the following in a highly complex and global organization:
  • Application Security testing services experience working with both testing tools and any facet of penetration testing services
  • Penetration Testing
  • Security Analytics to drive risk reduction
  • Risk Management – ability to convey technical risks to business managers and executives
  • Application/Infrastructure Architecture experience
  • Experience working with variety of cultures across the globe and have the patience, understanding and empathy to work collaboratively and effectively

 

Skills/abilities:

  • Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to effectively communicate all security services within the realm of risk management, convey information security topics, policies and standards as well as risk-related concepts to technical and nontechnical audiences at various hierarchical levels
  • Sound knowledge of business management and an expert level of knowledge of penetration testing
  • Experience interacting, presenting and working with C-level executives (CISO, CIO, etc.) and lower business management as well as technical management teams
  • Ability to provide process and service improvements in an effective and professional manner
  • Foundational knowledge and understanding of information security legal and regulatory requirements, such as Sarbanes-Oxley Act (SOX), Health Insurance Portability and Accountability Act (HIPAA), GDPR and Payment Card Industry/Data Security Standard
  • Knowledge of common information security management frameworks, such as ISO/IEC 27001, COBIT, and NIST, including 800-53 and the Cybersecurity Framework
  • Ability to travel as needed up to 10%

 

Certification:

  • Professional security management certification required (at least 1 active certification from any of the following), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials such as any SANs ethical hacking certifications.

 

Your daily tasks will include...

 

Strategic:

  • Holds a broader picture in developing and enhancing the technical delivery of security testing services
  • Provide strategic input into the future directions and enhancements that will increase service value and drive an improved risk posture

 

Operational

  • Take ownership of regional security testing staff management to ensure that regional operations best support customer requests
  • Act as the technical SME within region, supporting management and customer technical queries and assisting the customer services team in representing our services 
  • Guide the development of testing methodologies and documentation to support service delivery
  • Oversee and monitor the quality of security testing;
  • Vulnerability scanning
  • Code assessments (SAST/DAST)
  • Software/Web Application/Web Services penetration testing
  • Network Penetration Testing
  • Mobile Application Penetration Testing
  • Thick Client Penetration Testing
  • IAST
  • Ensure technical deliverables are of a quality nature and provide practical intelligence to help member firms remediate vulnerabilities identified in security testing activity 
  • Ensure training paths and research and development are fundamental building blocks for fostering and developing talent within the operational teams
  • Contribute to the technical working group to support
  • Develop consistent operational process, rules of engagements and methodologies to deliver quality penetration testing services to Deloitte’s global network
  • Ensure training paths and research and development are fundamental building blocks for fostering and developing talent within the security testing team
  • Define requirements for enhancements to reporting and tooling needs

 

Relationship Management

  • Work closely with Application and Network Security leads to inform strategic direction of technical services
  • Works closely with the customer management teams to ensure appropriate customer facing documentation and communications are present to facilitate effective entry points and service offerings are present 
  • Aligns and collaborates with other service delivery managers in the Attack Surface Assessment group to understand trends, issues and risks and to exchange expertise 

 

How you'll grow:

 

Deloitte Global inspires leaders at every level. We believe in investing in you, helping you embrace leadership opportunities at every step of your career, and helping you identify and hone your unique strengths. We encourage you to grow by providing formal and informal development programs, coaching and mentoring, and on-the-job challenges. We want you to ask questions, take chances, and explore the possible.

 

What Deloitte offers:

 

Being part of a team that is leading the technological revolution. High commitment to our clients and to society. Diversity, integrity, and generosity as some of our core values.

Deloitte’s Total Rewards program reflects our continued commitment to lead from the front in everything we do — that’s why we take pride in offering a comprehensive variety of programs and resources to support your health and well-being needs. We provide the benefits, competitive compensation, and recognition to help sustain your efforts in making an impact that matters.

 

Corporate Citizenship:

 

Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with our clients, our people, and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities.

 

Keen to grow personally and professionally with us?

 

Click on apply and let’s grow together! 

 

Click here to find out more about our Cyber team!

 

What impact will you make?

 

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.
Población:  Madrid
Tipo de Puesto:  Profesionales Con Experiencia
Línea de Servicio:  Riesgos
Req Id:  18817

Enviar candidatura ahora »