DevSecOps, Manager, Cyber Risk Services & Cloud Engineering, Belfast

Your opportunity You have a fantastic opportunity to join our Cyber Risk Services team and work alongside our Cloud Engineering community based in the heart of Belfast City centre. Our Cyber Risk Services team has grown very rapidly over the past few years. We have the largest UK Security & Resilience team of the "big-4", with over 400 professionals in the UK. The team combines a wealth of deep industry knowledge with both business advisory experience and technical expertise. We provide our clients a full spectrum of services encompassing information security, corporate and physical security and business and technology resilience to help our clients fix their issues and bring them real, long-lasting benefits. Comprising dynamic and passionate people, our Cloud Engineering team collaborate and engage on different aspects of Cloud based projects. Our talented teams have the chance to design, architect, support and maintain solutions for a variety of exciting and impactful projects. Working with the latest technologies and multiple cloud platforms (Amazon Web Services Innovation Partner of the Year 2019 UK & Ireland) we strive to constantly develop and advance our skills so we can provide the best experience and guidance for our clients. The environment at Deloitte is made up of intellectually curious, smart people; including world class security experts - you could become one of them or simply learn from them. Your mix of work will help foster your leadership skills and you'll develop a peer group whom you respect and have fun with. In addition, you will have the opportunity to identify areas of work which are of particular interest to you. You can drill deep and become an expert, grow as a generalist or develop a specialism within an industry sector. We are looking for experienced security professionals, from Senior Consultant to Manager. We are proud to offer flexible working arrangements which allow our people to choose the most suitable working arrangement that works for them. Whether this is working 4 days per week, taking the summer months off work, or more flexibility around your working pattern, we consider both formal and informal working arrangements that allow our people and our clients the best outcome. If you would like to hear more about our flexible working arrangements, please let us know. Your role Assist clients and internal teams in developing overall security architecture for development and technology platforms supporting business, technology and security objectives (Manager positions only) Act as the Lead DevSecOps Engineer and guide Deloitte project teams in designing and maintaining cyber security development processes. Provide advice on security best practices, and guide clients and internal development teams in developing, adopting and enforcing security and access policies appropriate to the cloud platform of choice. Provide vulnerability assessments of cloud assets, deliver remediation recommendations, and provide knowledgeable assistance in resolving identified vulnerabilities. Active involvement in the continuous improvement of our governance platform and tooling, by providing input into direction of roadmap and contributing to the development of tooling. Work with clients and internal teams to create, update, and implement Information Security designs, standards and procedures. Evaluate and recommend new and emerging security products and technologies. Your work, your choice At Deloitte we believe the best impact is the value we add, not the hours we sit at our desk. We carefully consider agile ways of working, both formal and informal, that allow for the best impact for our people and our clients. Please speak to your recruiter about the working pattern that works best for you. Location: You will be based at our Belfast office, with an option of working from home one day a week. Work pattern: This is a permanent contract opportunity. The role can be worked on a full-time basis. Your professional experience An engineer with a passion for DevOps, and strong skills in at least one scripting language (Ruby/Python or equivalent). A strong security background, and at least two year's experience in a hands-on information security role, ideally on cloud platforms and have an understanding of ISO 270001 or NIST control frameworks. Experience in performing security vulnerability assessments and may have CISSP or equivalent security accreditation. At least one certification on a relevant cloud platform (e.g. Microsoft Certified Solutions Associate/MCSE or AWS Certified Solutions Architect or Google Professional Cloud Architect). Solid understanding of Cloud technologies including fundamental characteristics of cloud, cloud-native design fundamentals, best practices (such as Azure Review Framework or AWS Well Architected Framework). Experience integrating automated security tools into CI/CD pipeline. Experience deploying Infrastructure as Code (e.g. Terraform, Cloudformation) and associated security controls. You have an honours degree or equivalent qualification in a technical subject. You have demonstrable client facing experience, with the ability to build strong working relationships with clients, drive change and see projects to completion. You have excellent presentation and writing skills - A good planner and communicator. Your service line: Risk Advisory In Risk Advisory, our thinking and actions give clients, our people and society the confidence to grow responsibly in a rapidly changing world. We don't just work with our clients to manage risk, we help them understand and grab the opportunities it presents too, helping them gain a competitive advantage. Our expertise and industry knowledge run deep here. At Deloitte, you'll find yourself working with some of the most inspiring and experienced colleagues and with clients who trust you to lead the way to smart choices, better control frameworks, and new systems, including bespoke solutions that have a direct impact on their bottom line. Personal independence Regulation and controls are standard practice in our industry and Deloitte is no exception. These controls provide important legal protection for both you and the firm. We are subject to a number of audit regulations, one of which requires that certain colleagues abide by specific personal independence constraints. This can mean that you and your "Immediate Family Members" are not permitted to hold certain financial interests (shares, funds, bonds etc.) with audit clients of the firm. The recruitment team will provide further detail as you progress through the recruitment process. About Deloitte Our Purpose & Strategy To make an impact that matters for our clients, our people and society - defines who we are and what we stand for. Our purpose provides the foundation for our strategy and our aspiration to be the undisputed leader in professional services: this is not about size, it's about being the first choice. The first choice for the largest and most influential clients, and the first choice for the best talent. What do we do? Deloitte offers global integrated professional services that include Audit & Assurance, Consulting, Financial Advisory, Legal, Risk Advisory and Tax Consulting. Our approach combines intellectual leadership, industrial expertise, insight, consulting & problem solving capabilities whatever the role, technology revolutions and innovation from multiple disciplines to help our clients excel anywhere in the world. Beyond the UK: Deloitte North and South Europe The UK is part of Deloitte North and South Europe (NSE), the second largest member firm in the Deloitte network. Deloitte NSE combines operations in Belgium, Greece, Ireland, Italy, Malta, the Netherlands, the Nordics (Denmark, Finland, Iceland, Norway and Sweden), Switzerland and the UK. Deloitte NSE brings together 2,500 partners and over 40,000 people, combining our unmatched breadth and depth of capabilities in audit and assurance, consulting, financial advisory, risk advisory, and tax and legal across the region. Being part of Deloitte NSE supports our aspiration to be the undisputed leader in professional services and will create more opportunity and growth for our people. What do we value? What brings us all together at Deloitte? It's how we approach the thousands of decisions we make every day. How we behave, our beliefs and our attitudes. In other words: our values. Whatever we do, wherever we are in the world, we lead the way, serve with integrity, take care of each other, foster inclusion, and collaborate for maximum impact. These five shared values lead every decision we make and action we take, guiding us to deliver impact how and where it matters most. Being a Leader at Deloitte Cultural fit and purpose-led leadership is crucial for Deloitte. Our leaders always set the example and inspire their colleagues. They make quality time for people and take an interest in them. They know what matters to people - both inside and outside work - and value them as individuals; always finding opportunities to develop them while showing respect and appreciation. We expect colleagues at all levels to embrace and live our purpose and our leadership culture by challenging themselves to identify issues that are most important for our clients, our people, and for society and make an impact that matters. We know leadership comes in all shapes and sizes, but our Leadership Charter helps all of our people understand what we're looking for: We live our purpose : we act as a role model, embracing and living our purpose and values, and recognising others for the impact they make We develop talent : we develop high-performing people and teams through challenging and meaningful opportunities We drive performance : we deliver exceptional client service; maximise results and drive high performance from people while fostering collaboration across businesses and borders We believe positive influence can make an impact that matters : we influence clients, teams, and individuals positively, leading by example and establishing confident relationships with increasingly senior people We move, together, towards a strategic direction : we understand key objectives for clients and Deloitte, aligning people to objectives and setting priorities and direction. WPFULL SLRSKA BACYBR CFTECH Deloitte LLP is a limited liability partnership registered in England and Wales with registered number OC303675 and its registered office at 1 New Street Square, London EC4A 3HQ, United Kingdom. Deloitte LLP is the United Kingdom affiliate of Deloitte NSE LLP, a member firm of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ("DTTL"). DTTL and each of its member firms are legally separate and independent entities. DTTL and Deloitte NSE LLP do not provide services to clients. Please see www.deloitte.com/about to learn more about our global network of member firms. © 2020 Deloitte LLP. All rights reserved. Requisition code: 176297