Deloitte & Touche, one of the nation's leading professional services
firms, provides assurance and advisory, tax, and management consulting
services through nearly 30,000 people in more than 100 U.S. cities. The
firm is dedicated to helping our clients and our people excel. Known as
an employer of choice for innovative human resources programs, Deloitte &
Touche has been recognized as one of the "100 Best Companies to Work For
in America" by Fortune magazine for six consecutive years. Deloitte &
Touche is part of Deloitte Touche Tohmatsu, one of the world's leading
professional services, with more than 95,000 people in 140 countries.
Our Enterprise Risk Services (ERS) practice is a global leader in helping
clients manage risk from the boardroom to the network. As the largest
risk management consulting practice of its kind, we provide a broad array
of services that allow clients around the world to better measure and
manage risk and control, and to enhance the reliability of systems and
processes throughout the enterprise.
INFORMATION SECURITY SERVICES - MANAGER
Deloitte & Touche is the global accounting and consulting firm named by
Fortune Magazine as one of America's 100 best places to work for five
consecutive years. With more than 95,000 people in more than 140
countries, the firm provides Consulting, Audit, Tax and High-Growth
Advisory business.
Our Enterprise Risk Services (ERS) practice is a global leader in helping
clients manage risk from the boardroom to the network. As the largest
risk management consulting practice of its kind, we provide a broad array
of services that allow clients around the world to better measure and
manage risk and control, and to enhance the reliability of systems and
processes throughout the enterprise.
Qualifications:
-BA/BS Degree in related field, such as CS/IS. Advanced degree preferred
-5 + years experience, preferably in the e-business/security field that
is industry specific such as banking, brokerage,
utilities, high technology, etc.
-Internet technology infrastructure experience including
Identity management
Directory services
Security architecture
Enterprise security management
-Windows NT/2000 and/or UNIX experience
-Information security experience in
VPN
Biometrics
Smart Cards
Ethical hacking
Remote access control and authentication
-Technical experience with one or more of the following:
Oblix, Active Directory, Netegrity, Tivoli, Access 360
-Experience in any e-business applications a plus, including JAVA, HTML,
ActiveX, or any other cutting edge
Internet products
-Prior consulting firm experience highly preferred with Big 5 experience
a definite plus
-Willingness to travel
-Strong technical, analytical, interpersonal, communication and
management skills
-CISSP, CISA, CFE, Microsoft or related information technology
certifications and/or courses desired
Demonstrated Abilities:
-Provide engagement/task management and select appropriate methodologies
in one or more of the following areas:
Network security administration
Firewall design and implementation
Security architecture development
Enterprise security management
-Provide technical guidance and manage all aspects of information
protection architecture projects in complex
networked environments
-Identify and resolve complex issues and develop innovative solutions for
the client's business/technology goals
-Provide technical assistance relating to the design and implementation
of security and controls of client's networks
-Play substantive/lead role in client relationship and communication
-Play substantive/lead role in attaining quality internal and external
communication deliverables including technical
content of reports, proposals, etc.
-Demonstrate high level of understanding of client's business
-Demonstrate strong knowledge industry or functional specialty
-Play substantive/lead role and engagement planning, economics, and
billing
-Deliver services that meet D&T engagement leader specifications
-Participate in "add-on" sales to client
-Identify opportunities to cross-sell other services
-Membership and visibility in professional & civic organizations
-Participate in proposal development efforts
-Evaluate, counsel, mentor, and provide feedback on performance of others
-Assist in retention of professionals
-Participate in training efforts
-Play substantive role in enhancing relationships with D&T Audit and Tax
professionals
Summary:
The systems architect's primary responsibility will be to lead and/or
perform key roles in engagements relating to the architecture, design,
implementation and testing, and management of security solutions. This
person should not only be able to implement a proposed solution and
integrate it into the IT environment, but also be able to conceptualize
various strategic solutions for a given issue. This person should also be
prepared to provide thought leadership as well as hands on practical
experience to the job. This position may involve managerial, operational
and technical roles. A strong understanding of systems operations from a
management and a security view is essential - this includes general
computer operations, identity management issues such as
authentication/authorization and provisioning, data networking, and data
security.
More specifically, the systems architect should be familiar with
Directories (X.500 is a plus, LDAP is a required skill), RBAC (Role
Based Access Control) methodologies, provisioning tools and concepts,
authentication and authorization products and capabilities, and
enterprise identity management tools. The candidate should have a strong
understanding of an identity management architecture that incorporates
all the above-mentioned components into a consolidated environment such
as a portal. It would also be beneficial for the candidate to have
experience in the creation and maintenance of portals and portal
application servers from a security standpoint. PKI design and
integration experience would be a further asset. In data communications,
the candidate should ideally have fundamental knowledge of both LANs and
WANs and should understand the design and operational principles of
networks. Experience with interfacing to the Internet and other parties
are required.
It is essential that the candidate be able to convey the advantages of a
strategic and integrated solution for security and identity management
that is not only feasible but also viable. The job will require both the
ability to define a method and to use existing methodologies to perform a
project. The skill to set up the planning for the execution of projects
is a critical job function. This job requires writing project plans,
engagement letters, proposals, reports, and other documents, and
preparing and presenting presentations such as proposals and other
briefings. Certifications are useful (e.g., CISSP, Cisco, MS
certifications, etc.). Travel will be required.
Specific Knowledge Areas:
LDAP and Directories (iPlanet, Novell, SecureWay, Active
Directory, etc.)
Authentication and Authorization tools (Netegrity, RSA, Tivoli,
etc.)
Provisioning tools (Access360, Business Layers, Waveset, etc.)
Data Network Security/System Security Packages/Encryption
Useful Knowledge Areas:
Firewalls (Checkpoint, Cisco, etc,)/Intrusion Detection
A&P/Incident Response
Operating Systems (UNIX and Windows family)
Network Management/System Management
For immediate consideration, send resume to: [EMAIL PROTECTED]
