Application Security Management Lead

Company: Deloitte
Location: Rockville
Posted on: November 21, 2020

Job Description:

Are you passionate about cyber and security challenges in information technology, associated with threats and vulnerabilities? Are you a subject matter expert looking for an enriching experience to build your career and brand? If you are interested in a role that offers an opportunity to provide front line support to our clients instead of a "back office programmer" position then Deloitte's Federal Cyber Risk team could be the place for you Join our team of Cyber Risk professionals who collaborate with government agencies, IT professionals, and clients to support cyber security and risk consulting engagements. Work you'll do As a Specialist Master within our Cyber Risk team, you will bullWork with Federal clients to mitigate cyber risk and threats bullOrganize and deliver services on a cross-section of projects bullMaintain technical knowledge within industry and service line and leverage deep subject matter knowledge on engagements bullContribute to the development and cultivation of business and vendor relationships bullServe as a "Subject Matter Expert", adding interpretive value to data presented or experienced insight into a functional process or issue bullDisplay business judgment in anticipating clientproject needs and developing alternative solutions bullIdentify opportunities for other Deloitte service offerings that can address client needs bullResponsible for managing solutions, delegating resources, and helping to ensure quality assurance principles are met across projects and deliverables bullSupervise the work of team members and supports delivery teams and staff bullActively participate in staff recruitment and retention activities providing input and guidance into the staffing process bull Diverse cybersecurity engineering and application security experience and skills to support secure software development lifecycle (SSDLC). bull Advising the client on scanning customer source code, auditing results with development andor security teams and offering new secure coding approaches for remediation of vulnerabilities bull Provide insight on industry standard static code analysis and dynamic application scanning products, such as HP WebInspect and Checkmarx CxSASTCxIAST and Enterprise, onsite for customers bull Communicating technical application security concepts to customer staff, including developers, architects, and managers advise on bull Agile and DevSecOps practices bull Training customer staff on application security and remediation of application security code defects. bull Assessing and scoping of customers application security needs The Team Transparency, innovation, collaboration, sustainability these are the hallmark issues shaping Federal government initiatives today. Deloitte's Federal practice is passionate about making an impact with lasting change. Carrying out missions in the Federal practice requires fresh thinking and a creative approach. We collaborate with teams from across our organization in order to bring the full breadth of Deloitte, its commercial and public sector expertise, to best support our clients. Our aspiration is to be the premier integrated solutions provider in helping to transform the Federal marketplace. Our Federal Cyber Risk team is client focused and mission driven. Our team works across industries and sectors to respond more rapidly and effectively, providing recommendations to improve cyber threat detection. Qualifications Required bullAbility to obtain maintain the required security clearance bullMust be legally authorized to work in the United Stated without the need for employer sponsorship, now or at any time in the future. bullBachelor's Degree in Information Technology, Information Systems Security, Cybersecurity, or related field bull5 years of relevant consulting or industry experience bull2 years in a technical or functional lead role bullExperience mentoring and coaching others bullProven leadership skills demonstrating strong judgment, problem-solving, and decision-making abilities bullExperience managing senior-level client relationships bullExperience presenting to clients or other decision makers to present and sell ideas to various audiences (technical and non-technical) bullPre-sales, proposal, and RFP experience bullMust be able to obtain and maintain required clearance for this role bull Knowledge of security flaws and its resolution as listed in sites like OWASP, SANS etc. bull Knowledge and understanding of network and web related protocols (e.g., TCPIP, UDP, IPSEC, DNS, LTM, GTM) preferred bull Experience implementing security in Agile and DevSecOps environments bull Experience in SAST and DAST security scanning tools bull Experience in developing andor deploying Web applications bull Fundamental understanding of software, computer, and network architectures bull Experience in the enterprise security or application security Preferred bullPrevious Federal Consulting experience bullUnderstanding of fundamental cloud computing concepts bullExperience with Information Assurance concepts and processes within the Federal government bullKnowledge of and experience with Federal security regulations, standards, and processes including FISMA, FIPS, NIST, and FedRAMP bull Programming experience, especially with Java Application security experience with large IT systems. Knowledge of open source and proprietary tools. bull CISSP, CEH, or Security bull Experience with authentication mechanisms like SAML, OAuth etc. along with web service security protocols for SOAP such as WS-Security How you'll grow At Deloitte, our professional development plan focuses on helping people at every level of their career to identify and use their strengths to do their best work every day. From entry-level employees to senior leaders, we believe there's always room to learn. We offer opportunities to help sharpen skills in addition to hands-on experience in the global, fast-changing business world. From on-the-job learning experiences to formal development programs at Deloitte University, our professionals have a variety of opportunities to continue to grow throughout their career. Explore Deloitte University, The Leadership Center. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Deloitte's culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. We offer well-being programs and are continuously looking for new ways to maintain a culture where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose to make an impact that matters. This purpose defines who we are and extends to relationships with our clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte's impact on the world. Recruiter tips We want job seekers exploring opportunities at Deloitte to feel prepared and confident. To help you with your interview, we suggest that you do your research know some background about the organization and the business area you're applying to. Check out recruiting tips from Deloitte professionals. CYBERGPS

Keywords: Deloitte, Rockville , Application Security Management Lead, Other , Rockville, Maryland