Deloitte - AERS Consultant - Cyber Threat Management

About Deloitte

- Deloitte is the brand under which independent firms throughout the world collaborate to provide services in a particular geographic area. These firms are members of Deloitte Touch- Tohmatsu Limited DTTL, a UK private company limited by guarantee. With 170,000 people in over 150 countries, Deloitte member firms serve more than 80 percent of the world's largest companies as well as large national enterprises, public institutions, and successful fast-growing companies. Deloitte in U.S.

In the United States, the subsidiaries of Deloitte LLP provide the following services:

- Audit

- Consulting

- Financial Advisory

- Tax

U.S. India AERS Private Limited :

- The Audit & Enterprise Risk Services practice of Deloitte & Touche LLP is dedicated to helping organizations manage risk, improve operational performance, and maximize enterprise value. We bring a business mindset combined with deep technical knowledge and extensive industry experience to creatively address business issues across the full spectrum of accounting, financial instrument valuation, security and privacy, governance, process improvement, data analytics, and risk advisory disciplines.

U.S. India Security and Privacy (S&P) Services :

- S&P professionals design, develop, and implement industry-leading information security solutions to help organizations protect their information and confidential data and to facilitate ongoing, secure, and reliable operations of their businesses and supporting technologies.

- Deloitte's Vulnerability Management services help organizations combat today's growing array of system threats. We help organizations assess their infrastructure, networks and application environments to identify vulnerabilities and control weaknesses. We develop and deploy the technical and architectural improvements necessary to reduce attack exposure.

- Our Vulnerability Management services help organizations identify the technical and architectural improvements needed to minimise exposure to attacks. With our customised methodology, we assess the many aspects of risk to support the identification of both internal and external facing threats. Using both commercial and proprietary tools, we conduct the following vulnerability assessments:

- External penetration testing

- Internal penetration testing

- Wireless penetration testing

- Web application testing

- System, application and network security diagnostic assessments

- Social engineering vulnerability assessments

Know your role in Deloitte :

Job description :

Function : Deloitte AERS India Pvt Ltd

Service line : Technology Risk - Security and Privacy Services

Job level : Consultant

Specific skill set required : Cyber Threat Management

Graduation B.E. Any graduate

Professional qualification : CISSP (Mandatory)

Work experience : 2 to 5 years

The key job responsibilities include the following:

- Experience in information security and controls.

- Should have played a lead role in client engagements (global exposure).

- Exposure to methodologies, such as OWASP preferred.

- Information Security Audit.

- Penetration Testing - Network, Host, Applications (Ethical Hacking).

- Vulnerability Assessments - Network, Host, Applications.

- Security in SDLC (Application Security).

- Secure code review - .NET and J2EE technologies.

- Enterprise IDS Implementation and Testing.

- Operating System and Application Hardening.

- Incident Response Training.

- Information Security Education.

- System security and controls, including:

- Firewall design and implementation (NOT Administration)

- Encryption technology design and Implementation

- Network configuration and administration

- Security auditing techniques.

Preferred technology experience with the following:

- Network Infrastructure security, firewall, and router configuration, switches, secure network architecture, VPNs, PKI, PMI, Portals, Cisco, PERL, Python, C++, XML, HTML.

- Technologies like IPSEC, SSL, SSH, VPN, Ethernet Token Ring, WAP, SMTP, FTP, Frame Relay, WAN, ATM, FDDI, DSL, ISDN, HP Openview, Sun NetManage, Cisco Works, Radius, Big Brother, F5.

- Strong experience in designing and deploying Security Incident and Event Management (SIEM) solutions (Archsight)

- Experience with content filters, Encryption solutions (RSA).

- Project plan (MPP).

- Vulnerability Management tools: Nessus, NMAP, ISS, AppScan, AppDetective, Qualys Guard.

Strong technical skills and project management skills in handling multiple Vulnerability Management projects. Should have

led subject matter specialist role in Enterprise Security architecture solutions.

Job Purpose:

- Lead client engagements in Infrastructure security technology solution implementation, Penetration Testing, and Vulnerability Assessment on client's IT infrastructure.

- Play subject matter specialist role in presenting risk and mitigation controls to the client based on the assessments (Identify potential vulnerabilities based on misconfiguration, policy, or design flaws on the client's IT infrastructure.)

- Project management and quality management of client engagements

Other details :

Work timing 9:00 a.m. to 6:00 p.m. (expected to stretch during peak periods)

Location - Hyderabad, Mumbai, Bangalore, Gurgaon