Network & Systems Security Senior Analyst

Deloitte & Touche USA LLP is the U.S. member firm of Deloitte Touche Tohmatsu and services are provided by its subsidiaries, including Deloitte & Touche LLP, Deloitte Consulting LLP, Deloitte Financial Advisory Services LLP and Deloitte Tax LLP. Deloitte & Touche USA LLP?s subsidiaries are among the nation?s leading professional services firms, providing audit, tax, consulting, and financial advisory services through nearly 30,000 people in more than 80 cities. Known as employers of choice for innovative human resources programs, they are dedicated to helping their clients and people excel.

The Senior Information Security Analyst is responsible for network & systems security controls design, review and consultation, for groups within and outside ITS; the individual has a deep awareness of current and developing security technologies and architectures to support research and recommendations. This person will work closely with management, other team members, development teams, business analysts, and
end users to ensure data protection for systems used by all areas the organization.
?
Job Responsibilities:?
- ?Independently, or through leading other staff, design, recommend, plan, develop and support implementation of project-specific security solutions to meet tactical, and control requirements.
- ?Provide professional consultation and guidance to Information Security and other team members regarding security aspects and implications of technical design elements of architecture or configurations.
- ?Formulate and recommend strategic technical directions for the Information Security group in collaboration with other teams. Support development of business plans, strategies, policies, standards, processes and procedures within the scope of security.
- ?Implement and enforce the Deloitte US Firms' security policies through escalation of issues to appropriate management and tracking of outcomes and timelines.
- ?Identify security exposures that may currently exist
or may pose a potential future threat to the US Firm's networks or systems.? Ensure InfoSec management is notified when these exposures are identified, as well as a proposed solution for remediation.
- ?Identify, review and document potential future-use security products, architectures and technologies. Pro-actively research new and upcoming security products, architectures and technologies; make determinations regarding the potential usefulness of these in the existing and planned environment. Clearly document the rationale behind recommendations for management review.
- ?Perform internal reviews to ensure procedures are being executed as documented.? Recommend and assist in the development of additional procedures to mitigate identified risks. Support Internal Audit as instructed and assist in the development of the management audit responses.
- ?Assist in security assessments for third party vendors and/or application service providers.
- ?Represent Information Security in a
variety of security and project issues.
- ?Guide and train Security Analysts to increase their knowledge and skill regarding advanced security techniques and methodologies, and convey current, new or potential regulatory requirements for information security.

- ?College degree in Computer Information Systems, Computer Science or equivalent experience required.
- ?Five (5) years of hands-on information security experience with a minimum of three (3) years of systems security experience in Windows, operating systems as well as relevant server applications such as databases and web servers.? Current AIX and/or Linux administration experience preferred.
- ?Deep level of understanding of Window Active Directory and/or UNIX authentication/authorization and administrative skills.
- ?Possession of current CISSP certification preferred; equivalent knowledge required. Familiar with and able to apply time-proven, generally-accepted security methods, concepts and techniques as
they relate to the Deloitte U.S. Firms.
- ?Strong negotiation skills and ability to interact effectively with various levels of management and staff in both technical and business roles.? Able to defuse situations, work around defensive attitudes, and deal with diverse personalities to achieve assignment objectives.
- ?Good understanding of networking (WAN, LAN, wLAN), network domains (Internet, intranet, DMZ), communication techniques/protocols (IP and others), and their combined effects on network and host systems security.
- ?Understanding of basic firewall, IDS/IPS and vulnerability scanner architecture, operations and configuration. Hands-on experience preferred.
- ?Ability to articulate security policies, procedures and guidelines to all levels of management and staff.
- ?Ability to appropriately guide others and/or directly participate in the gathering of evidence, analysis to create effective and clear incident reports, and explanation of root causes and impacts
of security violations for management.
- ?Ability to maintain awareness of local, national and international trends and developments in the area of security and ability to relate them to the needs of the Deloitte U.S. Firms.
- ?Ability to learn and retain new skills as required to meet a changing technical environment.
- ?Ability to travel occasionally (up to 25%), including international travel.
- ?Ability to occasionally work non-standard shifts and/or on-call to support the requirements of the organization.?


Deloitte & Touche USA LLP and its subsidiaries ("the Deloitte US Firms") are equal opportunity employers.

About Deloitte
Deloitte refers to one or more of Deloitte Touche Tohmatsu, a Swiss Verein, its member firms and their respective subsidiaries and affiliates. As a Swiss Verein (association), neither Deloitte Touche Tohmatsu nor any of its member firms has any liability for each other?s acts or omissions. Each of the member firms is a separate and
independent legal entity operating under the names ?Deloitte,? ?Deloitte & Touche,? ?Deloitte Touche Tohmatsu,? or other related names. Services are provided by the member firms or their subsidiaries or affiliates and not by the Deloitte Touche Tohmatsu Verein.
Deloitte & Touche USA LLP is the U.S. member firm of Deloitte Touche Tohmatsu. In the U.S., services are provided by the subsidiaries of Deloitte & Touche USA LLP (Deloitte & Touche LLP, Deloitte Consulting LLP, Deloitte Financial Advisory Services LLP, Deloitte Tax LLP and their subsidiaries), and not by Deloitte & Touche USA LLP.




Contact?Information