Our market leading
Security Privacy and Resilience practice has a proven track record of working with some of the UK's leadings organisations on complex and high profile issues. We are uniquely positioned in being able to help our clients improve the security privacy and resilience of a single component or to develop comprehensive security, privacy and resilience programmes. Accelerate your career Our team approach means you'll be involved in all aspects of the client relationship from developing a proposal or supporting a bid through to adding value in completing the work, perhaps at client site. We take your development very seriously and foster a nurturing environment. Our appraisal process is structured, transparent and interactive. You will receive continuous training and on-going supportive feedback to achieve the goals you set yourself. As part of the team, you'll be responsible for leading attack and penetration testing engagements to identify security weaknesses within client's IT environments, reporting on issues and making recommendations for their remediation. You will be involved in vulnerability management engagements which include: network and host layer vulnerability assessments, firewall and networking device reviews, web application assessments, source code reviews and targeting the physical security of the infrastructure or buildings. The role may involve: leading attack and penetration testing engagements to identify security weaknesses within a client's IT environments
Reporting on issues and making recommendations for their remediation.
You may be involved in vulnerability management engagements which include: network and host layer vulnerability assessments, firewall reviews, web application reviews and targeting the physical security of the infrastructure or buildings.
Designing deliverable content to precisely reflect the engagement contract and client needs.
Proactively identifying and assisting in the timely resolution of any technical or client service issues
Presenting innovative approaches for delivering results based on your area of competency and industry knowledge.
Maintaining & developing strong professional relationships with client personnel on all engagements.
Identifying and anticipating client needs above and beyond current service relationship; utilising professional network to start building relevant market contacts.
Contributing to the development of sales presentation deliverables using prescribed formats and technology; proactively seeking out opportunities to participate.
Managing a small team or a component of an engagement, anticipating and addressing engagement issues, tracking team status and fulfilling work plan expectations on timely basis. To be considered you may possess:
Experience of working with applications that perform a wide range of business functions - ideally across multiple industries
Ability to understand and assess applications from both a technical and business function perspective
Prior experience of performing web application penetration tests, to identify weaknesses in security controls and the business risks associated with these
Strong academics, including a minimum of 2.1 degree or equivalent
Demonstrable experience of managing stakeholder relationships
Ability to communicate business and technical risk to all levels of audience
Subject matter expertise in: - Networking: LAN, WAN, interworking technologies - Security Appliances: Firewalls (Cisco ASA, Check Point), Proxies, IDS/IPS
Preferred: - CISSP - Security Check (SC) national security clearance - CESG CHECK Team Member (but willing to take Assault Course within 3-4 months), ideally CTL - Web development - .NET, Java, PHP - Reverse engineering
Deloitte Touche Tohmatsu Limited is the largest private professional services organization in the world. According to the organization's...