Information Security Architect (Assistant Manager), IT Services, London
To work in the innovative and creative CISO team. A world class operation with extensive knowledge and experience. Interfacing with business and technical teams and bringing about change and influence across the whole world of Deloitte. Apply your skills here to make things happen, great people, great purpose and passionate about our work. Your role
As an Information Security Architect you will be;
Your work, your choice
- Assisting in the designing, implementing and maintaining key security technology to improve security posture and strengthen security defenses.
- Assisting in defining and executing repeatable and measurable security operating processes to include project intake and stakeholder management.
- Supporting the identification of key metrics for the desired outcomes of an efficient security services to the enterprise which include appropriate OLAs.
- Contributing to the end to end Security Architecture reviews as part of an IT lifecycle and security reviews throughout a change advisory board.
- Assisting with security research on the latest new security technologies.
- Helping to implement key strategic initiatives with consistent and repeatable output which include any new projects activity.
- Providing input on BAU and project budget.
- Collaborating with other Information Security professionals to drive widespread adoption of security best practices.
- Helping to implement security through globally standardized automation with CI/CD processes.
- Working with key IT service providers to ensure industry standard platform, network and endpoint security posture.
- Helping to ensure industry standard framework implementation
- Helping to ensure project delivery by working with PMO and defining relevant milestones for CISO consumption
- Assisting with defining and providing relevant metrics and trends for CISO consumption.
- Implementing overall Information Security strategy.
- Helping to influence security policy, standards and guidelines.
In the CISO team we are results focused and believe in excellence in respect in all aspects of our work and interaction with each other. We make full use of technologies that help support different ways of working. At Deloitte we believe the best impact is the value we add, not the hours we sit at our desk.
We, therefore, carefully consider agile ways of working, both formal and informal, that allow for the best impact for our people and our clients. If the working pattern you are looking for is not specifically indicated below, we are happy to discuss alternative arrangements.
Suggested work pattern: Permanent full time Your professional experience
No previous architectural experience is required for this role. Training and development will be provided, both on the job and through formal courses.
Key requirements for this role are an interest in architecture, a willingness to learn and at time work outside of you comfort zone and a natural level of curiosity for all things cyber security related.
This is the idea step for someone with multiple years of hands on security experience as an analyst, engineer or consultant who is looking to move their career towards architecture.
The type of skills and experience we are looking for are :
Your service line: Internal Services
- Base security accreditation such as CISMP, CompTIA Security+ would be beneficial.
- Three years + in a cyber security related role. This can include technical roles such as Security Analyst, SOC Analyst, Incident Responder or other security operations or technical delivery roles such as security engineering and consultancy. Any exposure to architecture is beneficial but is not required.
- Understanding of security principles and emerging technologies. This includes continuous monitoring and making improvements to existing solutions, working with the information security team
- Familiarity best practice guidelines, frameworks and regulations relevant to security such as but not limited to the NIST security framework, CIS Critical Security Controls, ISO27001, GDPR etc
- Understanding of cloud computing and security as applied to these environments. Hands on experience is beneficial but is not required
- Experience of security aspects relating to O365, Azure, AWS would be beneficial
- Understanding of CI/CD pipelines and containers would be beneficial
- Knowledge and understanding of identity and access management (IAM) - the framework of security policies and technologies that limit and track the access of those in an organization to sensitive technology resources
- A understanding of and exposure to a number of cyber security solutions such as mobile threat defense, endpoint protection, data loss prevention, insider threat protection, security monitoring and alerting, information classification, key & certificate management and many more
- Understanding of security operations and incident response. Hands on experience beneficial but not required
- Possess strong communication skills with diverse audiences - strong critical thinking and analytical skills
- Knowledge of different project delivery methodologies including Waterfall, Agile and Hybrid would be beneficial but is not required
At Deloitte, we're all about collaboration. And nowhere is this more apparent than among our 2,000-strong internal services team. With our combined specialist skills, we provide all the essential support and advice our client-facing colleagues need, right across the firm. This enables them to focus all of their efforts on delivering the best service possible to their clients. Covering seven distinct areas; Human Resources, Clients & Industries, Finance & Legal, Shared Services, National Quality & Risk Management, IT Services, and Property & Corporate Services, together we live, breathe and deliver the Deloitte experience. Personal independence
Regulation and controls are standard practice in our industry and Deloitte is no exception. These controls provide important legal protection for both you and the firm. We are subject to a number of audit regulations, one of which requires that certain colleagues abide by specific personal independence constraints. This can mean that you and your "Immediate Family Members" are not permitted to hold certain financial interests (shares, funds, bonds etc.) with audit clients of the firm. The recruitment team will provide further detail as you progress through the recruitment process. About Deloitte Our Purpose & Strategy
To make an impact that matters for our clients, our people and society - defines who we are and what we stand for. Our purpose provides the foundation for our strategy and our aspiration to be the undisputed leader in professional services: this is not about size, it's about being the first choice. The first choice for the largest and most influential clients, and the first choice for the best talent. What do we do?
Deloitte offers global integrated professional services that include Audit & Assurance, Consulting, Financial Advisory, Legal, Risk Advisory and Tax Consulting. Our approach combines intellectual leadership, industrial expertise, insight, consulting & problem solving capabilities whatever the role, technology revolutions and innovation from multiple disciplines to help our clients excel anywhere in the world. Beyond the UK: Deloitte North and South Europe
The UK is part of Deloitte North and South Europe (NSE), the second largest member firm in the Deloitte network. Deloitte NSE combines operations in Belgium, Greece, Ireland, Italy, Malta, the Netherlands, the Nordics (Denmark, Finland, Iceland, Norway and Sweden), Switzerland and the UK. Deloitte NSE brings together 2,500 partners and over 40,000 people, combining our unmatched breadth and depth of capabilities in audit and assurance, consulting, financial advisory, risk advisory, and tax and legal across the region. Being part of Deloitte NSE supports our aspiration to be the undisputed leader in professional services and will create more opportunity and growth for our people. What do we value?
What brings us all together at Deloitte? It's how we approach the thousands of decisions we make every day. How we behave, our beliefs and our attitudes. In other words: our values. Whatever we do, wherever we are in the world, we lead the way, serve with integrity, take care of each other, foster inclusion, and collaborate for maximum impact. These five shared values lead every decision we make and action we take, guiding us to deliver impact how and where it matters most. Being a Leader at Deloitte
Cultural fit and purpose-led leadership is crucial for Deloitte. Our leaders always set the example and inspire their colleagues. They make quality time for people and take an interest in them. They know what matters to people - both inside and outside work - and value them as individuals; always finding opportunities to develop them while showing respect and appreciation.
We expect colleagues at all levels to embrace and live our purpose and our leadership culture by challenging themselves to identify issues that are most important for our clients, our people, and for society and make an impact that matters. We know leadership comes in all shapes and sizes, but our Leadership Charter helps all of our people understand what we're looking for:
- We live our purpose: we act as a role model, embracing and living our purpose and values, and recognising others for the impact they make
- We develop talent: we develop high-performing people and teams through challenging and meaningful opportunities
- We drive performance: we deliver exceptional client service; maximise results and drive high performance from people while fostering collaboration across businesses and borders
- We believe positive influence can make an impact that matters: we influence clients, teams, and individuals positively, leading by example and establishing confident relationships with increasingly senior people
- We move, together, towards a strategic direction: we understand key objectives for clients and Deloitte, aligning people to objectives and setting priorities and direction.
WPFULL SLICSS BAITEC
Deloitte LLP is a limited liability partnership registered in England and Wales with registered number OC303675 and its registered office at 1 New Street Square, London EC4A 3HQ, United Kingdom.
Deloitte LLP is the United Kingdom affiliate of Deloitte NSE LLP, a member firm of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ("DTTL"). DTTL and each of its member firms are legally separate and independent entities. DTTL and Deloitte NSE LLP do not provide services to clients. Please see www.deloitte.com/about to learn more about our global network of member firms.
© 2019 Deloitte LLP. All rights reserved.
Requisition code: 176265