Risk Advisory Cyber Risk What impact will you make Every day, your work will make an impact that matters, while you thrive in a dynamic culture of inclusion, collaboration and high performance. As the undisputed leader in professional services, Deloitte is where you’ll find unrivaled opportunities to succeed and realize your full potential Deloitte is where you’ll find unrivaled opportunities to succeed and realize your full potential. The Team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks. Learn more about our Cyber Risk Practice. Work you’ll do As a part of our Risk Advisory team you’ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations. You’ll: • Serves as technical lead or subject matter specialist on Cyber Security Assessment projects covering either vulnerability assessment & penetration testing, network security architecture review, secure configuration / code review, etc. • Demonstrates ability to work independently on projects with limited supervision and also lead small team with the assistance from Managers • Demonstrates understanding of complex business and information technology management processes • Demonstrates working knowledge of firm tools and methodologies that may be suitable for the engagement • Manages day-to-day client relationships at mid and lower levels. • Lead practice development initiatives The key skills required are as follows: • Understanding of basic business and information technology management processes • Good knowledge of TCP/ IP and Networks including Firewall, IDS/IPS, Routers, Switches, and network architecture • Experience in Infrastructure Penetration Testing and Application Security Testing • Experience in Secure Code Review • Experience in conducting Network Security Architecture Review and configuration reviews of Windows, Linux, UNIX, Solaris, Databases, etc. • Experience with Vulnerability Management tools: Kali Linux, Acunetix, AppScan, Nexpose, Qualys Guard, Nessus, Nmap, Metasploit, Fortify etc. • Experience in basic scripting such as: Shell, Python, PERL, etc. • Basic knowledge of Technoilogies such as: IPSEC, SSL, SSH, VPN, Ethernet Token Ring, WAP, SMTP, FTP, Frame Relay, WAN, ATM, FDDI, DSL, ISDN, HP Openview, Sun NetManage, Cisco Works, Radius, Big Brother, F5. • Experience in data protection technologies such as encryption, PKI, tokenization, data discovery, data masking, data redaction, etc. Risk Advisory Cyber Risk Additional Skills • Strong analytical and communication skills (written, verbal and presentation) • Open to learn new tools and technologies as per the project requirement • Interactive with team members and confident during client meetings, under the guidance of senior members of the project • Initiative & drive • Be deadline-oriented and quality-focused • Demonstrates knowledge of one or more industry or functional area • Familiarity with industry standards and frameworks such as OWASP, CIS, NIST ISO27001, etc. • Demonstrates basic knowledge of security and privacy controls and risk management processes • Demonstrates basic knowledge in one or more Cyber Threat Management domains such as: Threat Management, Cyber Operations/Fusion Managed Services, Malware Analysis, Collective Threat Intelligence and Cyber Risk Sciences, Incident Management and Forensics, Data Protection solutions.