Senior Manager SSDLC Operations Leader, Deloitte Global Technology
Deloitte
- Ottawa, ON
- Permanent
- Temps-plein
Reference code: 125975
Primary Location: Toronto, ON
All Available Locations: Ottawa, ONOur PurposeAt Deloitte, we are driven to inspire and help our people, organization, communities, and country to thrive. Our Purpose is to build a better future by accelerating and expanding access to knowledge. Purpose defines who we are and gives us reason to exist as an organization.By living our Purpose, we will make an impact that matters.
- Enjoy flexible, proactive, and practical benefits that foster a culture of well-being and connectedness.
- Experience a firm where wellness matters.
- Be expected to share your ideas and to make them a reality.
- Collaborate with senior business and technology leaders, supporting them in designing and building solutions that adhere to the firm's (current and future) security design requirements, helping them in achieving their associated objectives and overall strategy and not being afraid to challenge decisions that may place the firm at risk.
- Ensure effective and on-time delivery of security guidance for complex technology systems and solutions within Deloitte Technology, completion of cyber reviews for applications migrating from on-prem data centers to public and private cloud environments.
- Build strong working relationships across the Global Cybersecurity organization, Shared Services Organization, SSDLC Optimization Team, and peers from member firm cyber teams.
- Represent Global Cybersecurity on the Global Architectural Review Board
- Ensure continued compliance with SSDLC requirements as defined by Deloitte and industry cyber frameworks (e.g., ISO 27001)
- Lead the evolution, development, and implementation of reporting metrics, demonstrating Cybersecurity value and risk reduction across your assigned technology customer area.
- Contribute to the ongoing evolution of the Business Information Security team.
- At least 10 years combined experience in cybersecurity working in an information security context
- At least 5 years holding a leadership or senior management role
- Ability to define strategy and influence senior stakeholders
- High degree of business acumen, understanding complex business needs and the value of secure design principles (SSDLC) and other cyber capabilities deliver in reducing cyber risk across Deloitte
- Excellent interpersonal and collaborative skills, with ability to communicate strategic information, security topics, policies, and standards as well as risk-related concepts to technical and non-technical audiences at various levels
- Lead a global team of diverse, experienced cyber professionals in a fast-paced environment
- Demonstrated knowledge of securing applications, large enterprise platforms and infrastructure systems (secure coding methods, WAF, application gateways, firewalls, servers, virtualized technologies)
- Securing cloud-based environments and understanding risks associated with cloud-based solutions hosted in M365, Azure, AWS and GCP
- Understanding of containerization technologies such as Kubernetes and Docker
- Understanding of DevSecOps and agile methodologies
- Understanding of applying secure system/solution design principles to prevent application specific security defects based on OWASP Top 10 vulnerabilities
- Understanding of identity management and federation technologies and concepts
- Knowledge of software development models (e.g., Waterfall Model, Agile)
- Knowledge of common information security management frameworks, such as ISO/IEC 27001, COBIT, and NIST, including 800-53 and the NIST Cybersecurity Framework
- Bachelor's degree in computer science, cybersecurity, other technology-related fields, or equivalent work- related experience in a similar role within a large multi-national organization considered
- At least 10 years combined experience in cybersecurity and / or solution design in an information security context
- Professional security certification desirable, such as Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified Cloud Security Professional (CCSP), or other similar credentials
Deloitte Canada has 30 offices with representation across most of the country. We acknowledge our offices reside on traditional, treaty and unceded territories as part of Turtle Island and is still home to many First Nations, Métis, and Inuit peoples. We are all Treaty people.