Cybersecurity Application Tester (EMEA), Cybersecurity, Global, London
Are you energized by helping organizations protect their data and build client trust? Do you want to work in one of the world's largest holistic internal cybersecurity organizations?
If you're interested in proactively preventing, detecting, and responding to cyber attacks across a complex global footprint, then Deloitte Global could be the perfect place for you. We're looking for an analytical thinker passionate about cybersecurity to join our team. Are you looking to return to the workplace after an extended career break?
For this role we can offer coaching and support designed for returners to refresh your knowledge and skills, and help your transition back into the workplace after a career break of 2 years or more. If this is relevant for you, just let your recruiter know when you make your application. Your role
- Support development in deployed tooling to enhance customer efficiency
- Support operational processes, rules of engagements and methodologies to deliver quality code analysis and penetration testing services to Deloitte's global network
- Ensure deliverables are of a quality nature and provide practical intelligence to help member firms remediate vulnerabilities identified
- Executing automated security testing or support of automated mechanisms to do so
- Curate application security vulnerability data generated from application testing tools, provide concise and digestible remediation paths for member firms
- Escalates key risks and issues to Automated Application Testing Delivery Manager that need special attention or hold urgency
Your work, your choice
- Works closely with the operations team to ensure appropriate customer facing documentation and communications are present to facilitate effective entry points and service offerings are present
- Support member firm liaisons with member firm and DTTL management and technical teams to ensure they are consuming all the offered Services within the Risk Management group across the globe and to ensure member firm expectations are being met
- Collaborates with the Attack Surface Assessment group to understand trends, issues and risks and to exchange expertise
At Deloitte we believe the best impact is the value we add, not the hours we sit at our desk. We carefully consider agile ways of working, both formal and informal, that allow for the best impact for our people and our clients. Please speak to your recruiter about the working pattern that works best for you.
You will be based at our London office, with an option of working from home one day a week
This is a permanent contract opportunity. The role can be worked on a full-time basis. Our team members work a variety of agile working patterns. Tell us what arrangement works for you and we'll try to accommodate. Your professional experience
Your service line: Deloitte Global
- Bachelor's degree in Computer Science, Cyber Security, International Cyber Security, or equivalent education experience.
- Candidates with the requisite work experience below would also be considered
- Combined experience in Cyber Security, Vulnerability Management of Application Testing
- Experience in application testing
- Proven track record and experience of the following in a highly complex and global organization:
- Application Security testing services experience working with both testing tools and manual exploitation techniques. Experience with validation of scan results from the following testing tools: Fortify, Contrast Security, Checkmarx and software composition analysis tools.
- Strong knowledge of explaining to development teams of how to use secure coding techniques for the following program languages: .NET, C# and Java
- Risk Management - ability to convey technical risks to business managers and executives
- Application/Infrastructure/Architecture experience - experience with managing and configuring on-premises scanning tools infrastructure hosted in a cloud environment. The responsibilities include: performance tuning, upgrades of Fortify tools and databases, hardening servers, managing cloud costs.
- Experience working with variety of cultures across the globe and have the patience, understanding and empathy to work collaboratively and effectively
- Ability to develop reports, metrics, dashboards and capability to articulate the data presented within the reports to senior management and technical staff.
- Strong knowledge and ability to accurately describe the OWASP Top 10 most common application security vulnerabilities found on most websites.
- Certification: Professional security management certification required (at least 1 active certification from any of the following), Certified Information Systems Security Professional (CISSP), Certified Information Security
Across disciplines and across borders, Deloitte Global supports our network of member firms by developing and driving global strategy, programs, and platforms, and creating new solutions and transformational experiences. Deloitte Global professionals makes an impact that matters to the world of Deloitte. We share a passion for igniting change and a strong service orientation that shapes our organization and those it supports. Personal independence
Regulation and controls are standard practice in our industry and Deloitte is no exception. These controls provide important legal protection for both you and the firm. We are subject to a number of audit regulations, one of which requires that certain colleagues abide by specific personal independence constraints. This can mean that you and your "Immediate Family Members" are not permitted to hold certain financial interests (shares, funds, bonds etc.) with audit clients of the firm. The recruitment team will provide further detail as you progress through the recruitment process. About Deloitte Our Purpose & Strategy
To make an impact that matters for our clients, our people and society - defines who we are and what we stand for. Our purpose provides the foundation for our strategy and our aspiration to be the undisputed leader in professional services: this is not about size, it's about being the first choice. The first choice for the largest and most influential clients, and the first choice for the best talent. What do we do?
Deloitte offers global integrated professional services that include Audit & Assurance, Consulting, Financial Advisory, Legal, Risk Advisory and Tax Consulting. Our approach combines intellectual leadership, industrial expertise, insight, consulting & problem solving capabilities whatever the role, technology revolutions and innovation from multiple disciplines to help our clients excel anywhere in the world. Beyond the UK: Deloitte North and South Europe
The UK is part of Deloitte North and South Europe (NSE), the second largest member firm in the Deloitte network. Deloitte NSE combines operations in Belgium, Central Mediterranean (Italy, Greece, Malta), Ireland, the Middle East (Bahrain, Cyprus, Egypt, Iraq, Jordan, Kuwait, Lebanon, Libya, Oman, Palestinian Ruled Territories, Qatar, Saudi Arabia, United Arab Emirates, Yemen), the Netherlands, the Nordics (Denmark, Finland, Iceland, Norway and Sweden), Switzerland and the UK. Deloitte NSE brings together 2,700 partners and over 50,000 people, combining our unmatched breadth and depth of capabilities in audit and assurance, consulting, financial advisory, risk advisory, and tax and legal across the region. Being part of Deloitte NSE supports our aspiration to be the undisputed leader in professional services and will create more opportunity and growth for our people. What do we value?
What brings us all together at Deloitte? It's how we approach the thousands of decisions we make every day. How we behave, our beliefs and our attitudes. In other words: our values. Whatever we do, wherever we are in the world, we lead the way, serve with integrity, take care of each other, foster inclusion, and collaborate for maximum impact. These five shared values lead every decision we make and action we take, guiding us to deliver impact how and where it matters most. Being a Leader at Deloitte
Cultural fit and purpose-led leadership is crucial for Deloitte. Our leaders always set the example and inspire their colleagues. They make quality time for people and take an interest in them. They know what matters to people - both inside and outside work - and value them as individuals; always finding opportunities to develop them while showing respect and appreciation.
We expect colleagues at all levels to embrace and live our purpose and our leadership culture by challenging themselves to identify issues that are most important for our clients, our people, and for society and make an impact that matters. We know leadership comes in all shapes and sizes, but our Leadership Charter helps all of our people understand what we're looking for:
- We live our purpose: we act as a role model, embracing and living our purpose and values, and recognising others for the impact they make
- We develop talent: we develop high-performing people and teams through challenging and meaningful opportunities
- We drive performance: we deliver exceptional client service; maximise results and drive high performance from people while fostering collaboration across businesses and borders
- We believe positive influence can make an impact that matters: we influence clients, teams, and individuals positively, leading by example and establishing confident relationships with increasingly senior people
- We move, together, towards a strategic direction: we understand key objectives for clients and Deloitte, aligning people to objectives and setting priorities and direction.
WPFULL SLICSS BAITEC
Deloitte LLP is a limited liability partnership registered in England and Wales with registered number OC303675 and its registered office at 1 New Street Square, London EC4A 3HQ, United Kingdom.
Deloitte LLP is the United Kingdom affiliate of Deloitte NSE LLP, a member firm of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ("DTTL"). DTTL and each of its member firms are legally separate and independent entities. DTTL and Deloitte NSE LLP do not provide services to clients. Please see www.deloitte.com/about to learn more about our global network of member firms.
© 2020 Deloitte LLP. All rights reserved.
Requisition code: 175892