Senior Consultant to Senior Manager, Application Security, Cyber Security, Risk Advisory
15th September 2020
This job has now expired. Please search on the home page to find live IT jobs.
The first SQL injection became known to the world around Christmas 1998. 20 years later, the world of software and application security is still extremely complex, challenging, and attractive for hackers as well as skilled security software engineers. The Deloitte Cyber Security team provides consulting services to customers across industries (from multinational corporations to small regional players), working together in the quest to increase the security of software and applications. We are looking for builders, breakers and defenders.
We are proud to offer flexible working arrangements which allow our people to choose the working arrangement that suits them best. Whether this is working 4 days per week, taking the summer months off work, or more flexibility around your working pattern, we consider both formal and informal working arrangements that allow our people and our clients the best outcome.
Specific Skills Required
Currently within the Cyber Applications team we have some specific skills required:
Topics and types of engagements you can expect to work on:
Building security into the software development life cycle, Agile sprints, and DevOps projects.
Manual and automated security code reviews. Static and dynamic application security testing using tooling such as Checkmarx, Fortify, WebInspect, Veracode, and others.
API security.
Providing security within continuous integration, development and release processes.
Providing secure coding training to customers.
Vulnerability management within secure software development lifecycle (SSDLC)
Directing team members in terms of content and professional skills.
Be able to communicate a strong vision to clients regarding SSDLC.
End to end project management of SSDLC related projects.
Perform a QA role on project deliverables and provide a high-quality result.
Financial monitoring of projects you manage.
Advise customers and propose technical solutions which both fit within the customer environment and that might be integrated with other Cyber Risk Advisory services.
Client relationship management.
Manage relations with market, suppliers and SSDLC security expert groups.
Be proactive in business development, in the acquisition of new projects, and in your field of expertise.
Adding value to commercial processes and expanding the network of senior stakeholders at our clients.
Your work, your choice
At Deloitte we believe the best impact is the value we add, not the hours we sit at our desk. We carefully consider agile ways of working, both formal and informal, that allow for the best impact for our people and our clients. Please speak to your recruiter about the working pattern that works best for you.
Location: London, with occasional domestic and international travel
Work Pattern: Full time opportunity
Your professional experience
Candidates should have at least a Computer Science (Bachelors) degree or similar and a drive to keep developing themselves. Education as an application security professional never stops, and we expect our professionals to keep developing themselves and keep up-to-date with current techniques and new vulnerabilities. In exchange, we provide an extensive training and development program and access to conferences. We welcome you in our Capture the Flag Hack.ERS team. We expect understanding of security concepts (e.g. OWASP, SANS, CVE) and experience and passion in software engineering (coding background). Other experience sought includes:
Knowledge and experience of Terraform (min. 1 year); in addition, knowledge and experience of Ansible, AWS and/or Azure would be beneficial.
Past knowledge and experience of one or more of the following languages: Java, PHP, Linux, Python, Ruby, C++, C#.
Demonstrable relevant work experience.
Knowledge of secure software development processes, such as SAMM, BSIMM, ISO27034.
Extensive experience in conducting and managing SSDLC projects.
Good leader, excellent communication skills (spoken and written), the ability to lead a project, able to head teams (Customer and/or Deloitte team) and build good business relations.
A holistic understanding of security, a good overview of all aspects within security (prevention, detection and response) and relevant certifications (such as GICSP, CISSP, CISM) add value.
A team player who is eager to collaborate, both with experts in their own field and with experts from other parts of Deloitte, on the best solutions for our customers.
Experience in working in a commercial environment is a plus.
Stress-resistant, flexible and accurate.
Above all, we are looking for a new colleague who combines a passion for security with a keen interest in creating secure software. Do you want to combine fast software development with creating secure software? Do you think security should help organizations to move faster? Then we might share the same line of thinking and approach and would love to get to know you!
Your service line: Risk Advisory
In Risk Advisory, our thinking and actions give clients, our people and society the confidence to grow responsibly in a rapidly changing world. We don't just work with our clients to manage risk, we help them understand and grab the opportunities it presents too, helping them gain a competitive advantage. Our expertise and industry knowledge run deep here. At Deloitte, you'll find yourself working with some of the most inspiring and experienced colleagues and with clients who trust you to lead the way to smart choices, better control frameworks, and new systems, including bespoke solutions that have a direct impact on their bottom line.
Regulation and controls are standard practice in our industry and Deloitte is no exception. These controls provide important legal protection for both you and the firm. We are subject to a number of audit regulations, one of which requires that certain colleagues abide by specific personal independence constraints. This can mean that you and your "Immediate Family Members" are not permitted to hold certain financial interests (shares, funds, bonds etc.) with audit clients of the firm. The recruitment team will provide further detail as you progress through the recruitment process.
Our Purpose & Strategy
To make an impact that matters for our clients, our people and society: this defines who we are and what we stand for. Our purpose provides the foundation for our strategy and our aspiration to be the undisputed leader in professional services: this is not about size, it's about being the first choice. The first choice for the largest and most influential clients, and the first choice for the best talent.
What do we do?
Deloitte offers global integrated professional services that include Audit & Assurance, Consulting, Financial Advisory, Legal, Risk Advisory and Tax Consulting. Our approach combines intellectual leadership, industrial expertise, insight, consulting & problem solving capabilities whatever the role, technology revolutions and innovation from multiple disciplines to help our clients excel anywhere in the world.
Beyond the UK: Deloitte North and South Europe
The UK is part of Deloitte North and South Europe (NSE), the second largest member firm in the Deloitte network. Deloitte NSE combines operations in Belgium, Central Mediterranean (Italy, Greece, Malta), Ireland, the Middle East (Bahrain, Cyprus, Egypt, Iraq, Jordan, Kuwait, Lebanon, Libya, Oman, Palestinian Ruled Territories, Qatar, Saudi Arabia, United Arab Emirates, Yemen), the Netherlands, the Nordics (Denmark, Finland, Iceland, Norway and Sweden), Switzerland and the UK. Deloitte NSE brings together 2,700 partners and over 50,000 people, combining our unmatched breadth and depth of capabilities in audit and assurance, consulting, financial advisory, risk advisory, and tax and legal across the region. Being part of Deloitte NSE supports our aspiration to be the undisputed leader in professional services and will create more opportunity and growth for our people.
What do we value?
What brings us all together at Deloitte? It's how we approach the thousands of decisions we make every day. How we behave, our beliefs and our attitudes. In other words: our values. Whatever we do, wherever we are in the world, we lead the way, serve with integrity, take care of each other, foster inclusion, and collaborate for maximum impact. These five shared values lead every decision we make and action we take, guiding us to deliver impact how and where it matters most.
Being a Leader at Deloitte
Cultural fit and purpose-led leadership are crucial for Deloitte. Our leaders always set the example and inspire their colleagues. They make quality time for people and take an interest in them. They know what matters to people - both inside and outside work - and value them as individuals; always finding opportunities to develop them while showing respect and appreciation.
We expect colleagues at all levels to embrace and live our purpose and our leadership culture by challenging themselves to identify issues that are most important for our clients, our people, and for society and make an impact that matters. We know leadership comes in all shapes and sizes, but our Leadership Charter helps all of our people understand what we're looking for:
We live our purpose: we act as a role model, embracing and living our purpose and values, and recognising others for the impact they make
We develop talent: we develop high-performing people and teams through challenging and meaningful opportunities
We drive performance: we deliver exceptional client service; maximise results and drive high performance from people while fostering collaboration across businesses and borders
We believe positive influence can make an impact that matters: we influence clients, teams, and individuals positively, leading by example and establishing confident relationships with increasingly senior people
We move, together, towards a strategic direction: we understand key objectives for clients and Deloitte, aligning people to objectives and setting priorities and direction.
Deloitte LLP is a limited liability partnership registered in England and Wales with registered number OC303675 and its registered office at 1 New Street Square, London EC4A 3HQ, United Kingdom.
Deloitte LLP is the United Kingdom affiliate of Deloitte NSE LLP, a member firm of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ("DTTL"). DTTL and each of its member firms are legally separate and independent entities. DTTL and Deloitte NSE LLP do not provide services to clients.
© 2020 Deloitte LLP. All rights reserved.
Requisition code: 177914