Security Services Practice (Tri-State region)
Deloitte & Touche is the global accounting and consulting firm named by
Fortune Magazine as one of America's 100 best places to work for four
consecutive years. With more than 100,000 people in more than 125
countries, the firm provides Consulting, Audit, Tax and High-Growth
Advisory business.
Our Enterprise Risk Services (ERS) practice is a global leader in helping
clients manage risk from the boardroom to the network. As the largest risk
management consulting practice of its kind, we provide a broad array of
services that allow clients around the world to better measure and manage
risk and control, and to enhance the reliability of systems and processes
throughout the enterprise. Our Security Service practitioners are
preeminent providers of e-Transformation security and integrity consulting
services. Our ERS professionals help clients understand exposures,
stabilize security and control processes, mitigate risks, clarify security
and control responsibilities and maximize benefits of e-Business
technologies, from implementation through post-production. To join the
ERS Security Services group, the following are essential:
Security and control implementation experience in an e-business, ERP, or
security applications (e.g. Broadvision, Siebel, Ariba, Commerce One,
Entrust, Tivoli, Netegrity, Oracle, etc).
Strong background in controls re-engineering, application security
implementation, network and system security, distributed system recovery,
distributed systems administration, database administration, security
auditing techniques and/or computer control environments.
Demonstrated ability to write report segments and to participate in
presentations.
Excellent potential for: 1) playing a lead role in designated tasks of the
project team in gathering, organizing and analyzing data; 2) making major
contributions in assuring products/deliverables meet contract/workplan and
3) interact and cooperate with others to ensure that all aspects of a task
are addressed.
QUALIFICATIONS:
- 4+ years IT experience preferably in the information security field
- Experience with some and knowledgeable of most of the following security
technology areas:
Security Architectures for Internet, Intranet, VPN, WAN, LAN, Data Center,
Dial-In, Wireless, etc.
Security Standards (ISO 17799, NIST Orange Book, RFC 2196 - Site Security
Handbook, etc.)
Firewall Security
Network Security Testing
Virus and Content Monitoring
Public Key Infrastructure (PKI)
Encryption (triple DES)
- Ability to develop security baseline strategies and security
methodologies for:
Wireless Technologies
Denial of Service Threats
Intrusion Detection and Security Alert Technologies
VPN Technologies
AAA (Authentication, Authorization and Accounting)
- Prior consulting and/or Big 5 experience highly desired, but not
necessary
- Willingness to travel
- Strong technical, analytical, interpersonal, communication, and
management skills
DESIRED SOFT SKILLS:
- Client Service
Meets client needs by acting with a sense of urgency, practicality
and integrity
Provides managerial and technical guidance
Manages all aspects of infrastructure security engagements in
complex networked environments
Responsible for internal and external communications to include
quality of the team's deliverable's
Responsible for client retention, relationship building, and
communication
- Marketing & Sales
Demonstrates a working knowledge of market trends, including
opportunities and competitors' activities, and analyzes clients and their
needs
Understands the ERS Practice business plans and assumes an active
role in supporting the achievement of plan goals.
Demonstrates a strong commitment to selling and growing the
practice
Support responsibility for meeting assigned individual and team
sales goals
Assist in responsibility for the development of proposals
- Leadership & Team Building
Works actively to keep others motivated, committed, and involved
Evaluate, counsel, mentor and provide feedback on performance of
others
Responsible for oversight of infrastructure security team's training and
development program
- Consulting
Develop security policies and procedures
Perform risk and security assessments, as well as tool evaluations
Design and implement information protection architecture and
security or cryptographic solutions
Demonstrate strong knowledge in functional specialty by being
visible within ERS and within the marketplace
Maintain membership and visibility in professional & civic
organizations
Be active in professional associations through public speaking and
writing
DESIRED TECHNICAL SKILLS:
- Programming Background (2 or more years in at least 1, preferably 2
languages): Perl, Shell (Bourne, c-shell, tcsh, ksh), awk/sed, C/C++,
SQL, Java, Javascript, ASP, VB, XML
- 2 or more years hands on experience in UNIX shell environment
- 2 or more years C/C++ development experience in an NT/2k environment
- System Experience (3+ years):
Installation and configuration of both UNIX systems Solaris, AIX, BSD,
Linux) and Microsoft NT/2k/XP systems
Configuration and administration of TCP/IP networking services
Configuration and administration of DNS and SMTP services
- Networking Experience (2+ years)-One or more of:
Cisco 36xx, and 7XXX series routers and 6xxx switches, minimum CCNA
desired
Checkpoint/Netopia and Cisco PIX firewalls
IDS- Cisco, Enterasys, ISS, Snort
802.11X enterprise networks (Lucent, Cisco)
Software Experience (2+ years)-Installation and configuration of one or
more:
Netegrity
Tivoli
Entrust
Mercury Interactive
Apache
Netscape iPlanet
Windows 2k Active Directory
SOAP
COM/DCOM
.NET
IBM WebSphere
Oracle 8.x, 9.x
MS SQL Server
MySQL
HP Openview NNM
EDUCATIONAL QUALIFICATIONS:
- BS Degree in Computer Science or MIS
- CISSP, CISA, SANS, CISCO and SUN certifications a plus
- BA/BS in Information Systems, MIS, Business Administration, Computer
Science, Accounting, etc. MBA, MS or dual degree program or combination of
degrees a plus.
- Prefer CPA, CISA and/or CISSP.
- NT/UNIX certifications highly desirable.
CONTACT: [EMAIL PROTECTED]
