Cyber Data Security - Project Delivery Lead

at Deloitte in Arlington Heights, Illinois, United States

Job Description

At Deloitte, we do not offer you just a job, but a career in the highly sought-after risk management field. We are one of the business leaders in the risk market. We work with a vision to make the world more prosperous, trustworthy, and safe. Deloitte’s clients, primarily based outside of India, are large, complex organizations that constantly evolve and innovate to build better products and services. In the process, they encounter various risks and the work we do to help them address these risks is increasingly important to their success-and to the strength of the economy and public security.

By joining us, you will get to work with diverse teams of professionals who design, manage, and implement risk-centric solutions across a variety of domains. In the process, you will gain exposure to the risk-centric challenges faced in today’s world by organizations across a range of industry sectors and become subject matter experts in those areas.

Our Risk and Financial Advisory services professionals help organizations effectively navigate business risks and opportunities-from strategic, reputation, and financial risks to operational, cyber, and regulatory risks-to gain competitive advantage. We apply our experience in ongoing business operations and corporate lifecycle events to help clients become stronger and more resilient. Our market-leading teams help clients embrace complexity to accelerate performance, disrupt through innovation, and lead in their industries. We use cutting- edge technology like AI/ML techniques, analytics, and RPA to solve Deloitte’s clients most complex issues.

The TeamCyber & Strategic RiskWe help organizations create a cyber- minded culture, reimagine risk to uncover strategic opportunities, and become faster, more innovative, and more resilient in the face of ever- changing threats. We provide intelligence and acuity that dynamically reframes risk, transcending a manual, reactive paradigm.

Cyber Risk Services (CRS) group is part of the wider Technology Risk Service line within Advisory practice in Deloitte. We help “Fortune 500” clients solve business issues related to risk management, cyber threats, privacy, governance, business resilience & process improvements. Learn more about our Cyber Risk Services practice.

Deloitte’s Cyber Strategy and Governance practice is focused on helping our clients to design and implement transformational programs to reduce and manage cyber threats. We help our clients to define their overall cyber strategy, design global, pan-enterprise programs that focus on mitigating threats, evaluate their objectives, priorities, strengths, and weaknesses and roll out large scale organizational changes to achieve goals.Work you’ll doKey responsibilities

+ Lead, support and operate data protection and process solutions using client-specific technologies to minimize data compromise and breach risks.

+ Formulate technical specifications, have understanding of vendor products, solution architectures, and ability to manage data protection, public key infrastructure (PKI), and data security solutions.

+ Recommend clients on cybersecurity issues and recommend best practices in PKI and data protection.

+ Lead a team of data protection professionals, ensuring adherence to Service Level Agreements (SLAs) and promoting ongoing process enhancements.

+ Direct daily security operations, lead teams, and collaborate with key stakeholders to foster continuous improvements while ensuring operational stability.

+ Display strong leadership and communication skills to manage a team operating 24/7.

+ Respond to major incidents and service disruptions affecting clients.

+ Develop and enhance the skills of the team in alignment with project and practice requirements.

+ Contribute to Deloitte’s thought leadership within client engagements and the broader industry.

+ Serve as a technical expert in your field.

+ Maintain professional certifications and fulfill educational requirements.

+ Proactively pursue personal development and career growth through continuous learning.

+ Comply with Deloitte’s internal security standards and other corporate policies.

+ Engage with stakeholders to establish and maintain effective working relationships across the organization.

Qualifications and Experience Required:

+ Bachelor’s degree in Computer Science, Cyber Security, Information Security, Engineering, or Information Technology

+ 6+ years of experience in leading operational engagements focused on Data Protection solutions.

+ Proven track record in overseeing operations for technologies and processes related to Data Protection, assisting clients in mitigating risks associated with data breaches and leaks.

+ Comprehensive knowledge of the data protection ecosystem, including a thorough understanding of various information security domains and their interconnections within the ecosystem.

+ Demonstrated expertise in deploying and managing Data Loss Prevention (DLP), Cloud Access Security Broker (CASB), and endpoint protection technologies using platforms like Bitsight, Netskope, Proofpoint, and Cyera.

+ Practical experience with AWS Certificate Manager, Entrust, KeyFactor, and other Public Key Infrastructure (PKI) solutions.

+ Familiarity with key industry and regulatory standards such as PCI, HIPAA, NIST Cyber Security Framework, NERC, or FFIEC.

+ Skilled in enhancing data security operations, including ruleset adjustments, triage processes, and reporting for solutions like DLP and data discovery.

+ Offer guidance and best practices for Database Activity Monitoring (DAM) operations, improve and stabilize DAM system performance, including rules and reports, and support DAM tool upgrades.

+ Demonstrated ability to understand and meet the needs of both internal and external clients, characterized by: o Exceptional problem-solving and critical thinking abilities. o Collaborative approach in working with clients to design and implement process and technology solutions.

+ Ability to establish and maintain trust-based relationships with stakeholders.

+ Excellent communication skills, both verbal and written.

+ Strong grasp of cryptographic concepts and their application in practice.

+ Ability to travel up to 30%, on average, based on the work you do and the clients and industries/sectors you serve

+ Limited immigration sponsorship may be available

Preferred:

+ Strong domain expertise, operations, implementation and/or integration skills in two to four or more (depending on years of experience) of following areas:

+ Data discovery, inventory, and classification solutions (e.g., Microsoft, BigID, Cyera)

+ Data Loss Prevention (DLP) and Cloud Access Security Broker (CASB) (e.g., Microsoft, Netskope, Proofpoint, Zscaler)

+ Database Activity Monitoring (DAM) (e.g., Imperva, IBM Guardium)

+ Data Access Governance (e.g., Varonis)

+ Information Rights Management (e.g., Microsoft, Seclore, Vera)

+ Data Security Posture Management (DSPM) tools (e.g., Symmetry, Flow, Polar, Laminar)

+ Systems administration experience with various operating systems such as Windows Server, Unix, and Linux

+ Database administrator (DBA) experience with database technologies such as Oracle and Microsoft SQL

+ Security of data lakes, and data warehouses leveraging unstructured databases and big data platforms

+ Technical skills including scripting – Python/JAVA/ASP/C#/Powershell, Coding frameworks

+ Experience with Unix/Linux and Windows operating environments

+ Data protection product certifications

+ Previous consulting experience, particularly with Big 4 firms, is preferred.

+ Professional certifications around CISSP, Cloud, CISM, or CISA are highly desirable.

+ Solid understanding of the ITIL framework, with specific knowledge in Incident Management, Change Management, and Problem Management

Information for applicants with