What impact will you make?
This is a fantastic opportunity for a results driven individual to join the Deloitte IT Business Quality Services – a cross-disciplinary team that is responsible for ensuring quality, as well as security aspects information technology system.
The role requires security SME knowledge to lead and direct security testing activities including penetration testing & application vulnerability code scanning to be delivered by our suppliers for a range of products; and working with the Product Owners to address vulnerabilities. A key aspect to this role is scheduling and coordinating the testing programme. Successful candidates will be expected to demonstrate relevant experience working in a dynamic environment dealing with complex challenges, and communicating to all levels of the business.
This is how
- Provide technical support during security incidents, ensure root cause analysis is undertaken factoring in outstanding un-remediated findings that may be exploited
- Provide continuous improvement to the Technology Security function
- Collaborate with Cyber Risk to develop and maintain secure technology solutions; and
- Ensure the IT Security team are aligned on the Cyber Risk future strategic direction and a consistent view is given as part of project consultancy.
With offices across the Netherlands and more than 6000 employees Deloitte is a leading organization in the field of Audit, Tax, Consulting, Financial Advisory Services and Risk Services. Innovation and initiative are key.
What we offer
Deloitte IT, with about 160 employees, provides information and communication technology, online services, access systems, audio-visual equipment, building management, facilities management and cabling for all Deloitte departments. IT professionals like to work with us because of innovative character of our activities. Our culture is described as dynamic, informal, innovative, social, international, team-oriented, results-oriented and challenging.
Penetration Test Scheduling and Remediation
What you offer
- Support the Product Owners and represent the NL Firm to ensure that the scoping and delivery of security activities (e.g. penetration tests) meets our standards and addresses the required risks
- Have responsibility for arranging penetration testing and code scanning activities to identify security weaknesses within the services that Deloitte consume, develop, or recommend to clients
- Ensure that testing adheres to the scopes agreed in the Statement of Work
- Develop a culture of in-depth understanding as to why security testing is required at both business and internal team level
- Analysis of findings in conjunction with the Security Test suppliers
- Lead remediation of findings to ensure these are resolved in line with the firms standards
- Provide inputs into the management of the Security Test suppliers
- Work closely and build relationships with other Deloitte North West Europe member firms
- Provide quality reports to summarise test activities, including objectives, planning, methodology, results, analysis and recommendations to leadership.
Lets make impact. Apply now!
- Strong academics, including a minimum of 2.1 degree or equivalent industry experience
- Preferred industry qualifications - CISSP , CISM, CISA, CRISC or SABSA CEH, GPEN, or CREST CRT desirable
- Broad knowledge of a wide range of Information Technology systems and a deep understanding of the inherent security risks associated with these technologies
- Understanding of information security principles and best practice (e.g., ISO27001 and ISF Standards of Good Practice for Information Security)
- Knowledge of cyber attacks and hacking techniques
- Strong technical abilities, combined with business acumen
- A good understanding of IT networking and access management concepts
- Ability to understand and assess technology systems and applications from both a technical and business function perspective
- Ability to communicate business and technical risk and security to all levels of audience
- Excellent interpersonal skills with the ability to build and influence teams; and
- Self-motivated and able to deal with multiple projects.
Please contact us today for an introduction. Click on the button below and fill in your personal information.
If this position does not fit you, and you know someone who fits perfectly to the outlined profile, please forward the vacancy.
- Fulltime (startersfunctie)