Position Summary

　　Are you passionate about technology and interested in joining a community of collaborative colleagues who respectfully and courageously seek to challenge the status quo? If so, read on to learn more about an exciting opportunity with Deloitte Technology US (DT - US). We are curious and life-long learners focused on technology and innovation.

　　Work you'll do

　　The Lead Analyst, Cyber Security Architect, role provides support to Government and Public Services (GPS) Business Information Security Officer (BISO) function for maintaining the appropriate cyber security posture for systems and applications supporting business operations and client delivery. This role will support the development of information technology solutions by leading and evaluating the security components of solution architectures with a focus on cloud. This will include determining security requirements, design specifications, and compliance controls as well validating adherence to security policies, standards, and industry-accepted best practices. This role will be responsible for providing deep technical expertise regarding security risks and risk mitigation approaches. Additionally, this role will assist in the creation a unified approach to security to support the rapid evolution and innovation needs of our information technology projects and cloud migration efforts.

　　Responsibilities:

　　Develop security architecture and guiding principles to support information technology initiatives with a focus on cloud.Drive, influence and coordinate a secure approach to the development of solutions across the enterprise.Deliver deep technical guidance related to enhancing the security posture information technology solutions.Participate in the security governance model, establishing policies, standards, and best practices.Proactively address changes in the external threat landscape that have an impact on the use of on-premise and cloud computing technologies.Lead, coach, and mentor project teams to incorporate security into enterprise and client-facing applications.Assist with the integration of security into cloud services delivery standards.Oversee and drive the design and implementation of security architecture controls in support of compliance requirements.Develop and deliver communications to management and company-wide stakeholders.Plan for system and application migration(s) to the cloud, adhering to the client's technical and business requirements.Review and understand technical design documentation for integration and implementation of new cloud applications and systems.Communicate effectively through strong written and oral communication skills for technical and non-technical audiences.Plan for system and application migration(s) to the cloud, adhering to the client's technical and business requirements.Develop and document technical designs for integration and implementation of new cloud applications and systems.Integrate with non-cloud technologies and third-party vendor products/services.Support security architecture and guiding principles and apply to information technology initiatives.Deliver technical guidance related to enhancing the security posture of information systems solutions.Actively participate in the security governance model, establishing policies, standards, and best practices.Contribute to addressing changes in the external threat landscape that have an impact on the use of on-premise and cloud computing technologies.Assist the design and implementation of security architecture controls to meet compliance requirements.

　　The team

　　Deloitte Technology US (DT - US) helps power Deloitte's success, which serves many of the world's largest, most respected organizations. We develop and deploy cutting-edge internal and go-to-market solutions that help Deloitte operate effectively and lead in the market. Our reputation is built on a tradition of delivering with excellence.

　　The ~3,000 professionals in DT - US deliver services including:

　　Cyber SecurityTechnology SupportTechnology & InfrastructureApplicationsRelationship ManagementStrategy & CommunicationsProject ManagementFinancials

　　Cyber Security

　　Cyber Security vigilantly protects Deloitte and client data. The team leads a strategic cyber risk program that adapts to a rapidly changing threat landscape, changes in business strategies, risks, and vulnerabilities. Using situational awareness, threat intelligence, and building a security culture across the organization, the team helps to protect the Deloitte brand.

　　Areas of focus include:

　　Risk & ComplianceIdentity & Access ManagementData ProtectionCyber DesignIncident ResponseSecurity ArchitectureBusiness Partnership

　　Required Qualifications:

　　Bachelor's degree in Information Technology, Computer Science or equivalent educational or professional experience and/or qualificationsMinimum 8 total years various technology related experienceMinimum 5 years of enterprise information security architecture and information security system design.Minimum 2 years of experience including cybersecurity and/or risk management experience in organizations of a similar scale or client-service experience.

　　Preferred Qualifications:

　　Experience integrating security into cloud solutions.Strong working experience in multiple (two or more) cyber security disciplines such as (but not limited to) Application Security, Cloud Security, Data Protection/Encryption, Logging and Monitoring, or Data Loss Prevention (DLP).Experience with Amazon Web Services (AWS) security and Azure or GCP.A background in general security practices such as identity and access management (IAM), encryption, and multi-factor authentication, security information and event management (SIEM), etc.Security certification in Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP), or Certified Information Security Manager (CISM).Security certification in either Google - Professional Cloud Architect; AWS - Solutions Architect - Professional; or Azure - MCSE: Cloud Platform and Infrastructure (Infrastructure Focus).Strong Knowledge of cyber security standards and frameworks such as ISO 17799/27001, FEDRAMP, NIST 800-53, NIST 800-218 or NIST 800-171.Demonstrated ability planning and developing support processes that adhere to Software or System Development Lifecycle best practices, with minimal supervision.Must be able to architect and create quality technical solution documentation with minimal supervision.Must have strong consulting skills (client service orientation, conflict resolution, analysis/synthesis of information, negotiation, project management, etc.).Must be able to lead the development of technical artifacts including Requirements Traceability Matrix (RTM), Detailed Technical Design, Security Architecture Plan, Services Description Document, etc., with minimal supervision.Must be able to deliver in a highly matrixed organization.Must be able to communicate effectively through strong written and oral communication skills for technical and non-technical audiences.Must have strong MS Excel, PowerPoint, and presentation skills.Must be able to interact effectively with professionals at all levels and capable of communicating recommendations and solutions.GIAC Web Application Penetration Tester (GWAPT), GIAC Penetration Tester (GPEN), Offensive Security Certified Professional (OSCP), or Certified Ethical Hack (CEH).Master's degree or higher.Experience with servers, firewalls, and network Infrastructure.Possess any additional certifications (one or more) for the design/development of distributed solutions on a leading infrastructure platform such as:Google - Professional Cloud ArchitectAWS - Solutions Architect - ProfessionalAzure - MCSE: Cloud Platform and Infrastructure (Infrastructure Focus)Google Cloud Platform Qualified DeveloperMicrosoft Azure Solutions ArchitectIBM Certified Solution Architect - Cloud Computing InfrastructureRed Hat Certified ArchitectExperience developing cloud security vision, strategy, and roadmaps.Experience overseeing cloud infrastructure design and developing detailed architecture models for the client to host test, development, and production environments.Exceptional verbal and written communication skills.Experience supporting cyber strategy with cross-functional executive level stakeholders.Demonstrated ability supporting organizational change and working with multiple business units.Knowledge and experience across multiple information protection and security domains.Knowledge of IT asset management and/or configuration information database (CMDB).Broad knowledge and experience across IT infrastructure with security frameworks and standards such as ISO 27001, NIST, and other relevant security-related regulations.Deep understanding of with non-cloud technologies and third-party vendor products/services integration.Understanding of and ability to effectively apply trends and developments in global security and risk management.

　　Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future

　　The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is$93,000 to $191,000.

　　You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation

　　#NDO2023

　　EA_ExpHire

　　RITM5898619

　　RITM5898672

　　#LI-Remote

　　Recruiting tips

　　From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters.

　　Benefits

　　At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you.

　　Our people and culture

　　Our diverse, equitable, and inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our client most complex challenges. This makes Deloitte one of the most rewarding places to work. Learn more about our inclusive culture.

　　Our purpose

　　Deloitte's purpose is to make an impact that matters for our clients, our people, and in our communities. We are creating trust and confidence in a more equitable society. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. We are focusing our collective efforts to advance sustainability, equity, and trust that come to life through our core commitments. Learn more about Deloitte's purpose, commitments, and impact.

　　Professional development

　　From entry-level employees to senior leaders, we believe there's always room to learn. We offer opportunities to build new skills, take on leadership opportunities and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career.

　　As used in this posting, "Deloitte" means Deloitte Services LP, a subsidiary of Deloitte LLP. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its subsidiaries.

　　All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.

　　Requisition code: 157222