Cyber Vulnerability Management Consultant

Are you interested in improving the cyber and organizational risk profiles of leading companies? If your response is yes, consider joining Deloitte & Touche LLP's growing Cyber Risk practice. Our Vulnerability Management specialists assist our clients with the design and implementation of holistic and targeted solutions needed to meet and exceed the requirements of best practice, ethical operations, and regulation?We collaborate with teams from across our organization in order to bring the full breadth of Deloitte, its commercial and public sector expertise, to best support our clients. Our aspiration is to be the premier integrated services provider in helping to transform the cyber security services marketplace. Our team is client focused and mission driven. As a Cyber Vulnerability Management Analyst, you will work with our diverse teams of passionate and expert professionals to help solve for some of today's toughest cybersecurity and organizational challenges to enable or clients to enable business growth and continue to manage evolving risk.

• Work with team to advise clients in understanding the future state problems and challenges in Vulnerability Management and work collaboratively with them to enhance capabilities
• Build understanding and leverage various product capabilities across the gamut of Vulnerability Management to best serve the needs
• Assist the team with identification and recommendation of operational improvements to the client
• Assist the team with analysis of complex issues to determine client impact and to suggest alternative solutions based on client needs and objectives
• Develop an understanding of the client's culture, environment (people, process, technology), goals, and security initiatives and communicate all to the engagement team
• Support on time delivery and quality of all in scope deliverables
• Support team with vulnerability scanning activities
• Support execution of vulnerability management processes and outcomes to ensure proactive discovery and remediation of risks
• Work with team to support design and implementation of vulnerability management for complex applications, COTS software, network systems, operating systems, databases, and storage solutions
• Understanding of technical expertise in vulnerability management methodologies and procedures, application and infrastructure vulnerability scanning solutions
• Demonstrate working knowledge of vulnerability scanning tools such as Qualys, RiskSense, Nessus etc.
• Demonstrate working knowledge of VM solution, including configuration and maintenance, scan execution, cloud agent deployment and oversight
• Demonstrate working knowledge of the Vulnerability Management process including vulnerability identification, false negative/positives identification and elimination

• Bachelor's degree is required. Ideally in Computer Science, Cyber Security, Information Security, Engineering, Information Technology
• Demonstrated ability to identify and address internal and external client needs, including:
• Demonstrated problem solving and critical thinking skills
• Excellent interpersonal/communication, presentation, and writing skills
• Ability to build solid, trust - based relationships with stakeholders
• Knowledge of International Standards, NIST Special Publications and Cyber Security Frameworks like PCI DSS, ISO 27001, SOC2
• Ability to create and deliver high quality run books to support daily operations
• Understanding of security risks, threat modeling, policy writing and familiar with regulatory standards
• Understanding of the ecosystem of Vulnerability Management including understanding of the information security domains and their inter-relations across that ecosystem
• Understanding of vulnerability management methodologies and procedures, application, and infrastructure vulnerability scanning solutions
• Understanding of secure coding practices based on industry leading practices such as OWASP and SANS
• Knowledge of latest emerging advanced persistent threats (APTs), malware, and other security developments
• Understanding of networking, computer typology, application security, and web administration services preferred
• Willingness to travel up to 25% required (Mon - Thurs) on a weekly basis (while travel up to 25% is a requirement of the role, due to COVID-19, non-essential travel has been suspended until further notice)
• Limited immigration sponsorship may be available