1+ months

Risk Advisory - Kuwait - Cyber Security - Assistant Manager

Deloitte Middle East
مدينة الكويت
\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t
\t\t\t

Function

\t\t\t
\t\t\t

RA

\t\t\t
\t\t\t

Service line

\t\t\t
\t\t\t

Cyber Security Cyber Technical

\t\t\t
\t\t\t

Job title

\t\t\t
\t\t\t

Senior Consultant / Assistant Manager

\t\t\t

 

 

 

Introduction

When you work for us, you commit to a career at one of the largest and most prestigious professional services firms in the world. Looking for a rewarding career? Take a closer look at Deloitte & Touche ME. You'll understand that Deloitte is a Tier 1 Tax advisor in the GCC region since 2010 (according to the International Tax Review World Tax Rankings). It has received numerous awards in the last few years which include Best Employer in the Middle East, best consulting firm, and the Middle East Training & Development Excellence Award by the Institute of Chartered Accountants in England and Wales (ICAEW). A career in Enterprise Risk Services (Risk Advisory, or Risk Consulting) is all about the challenge of helping our clients manage risk and uncertainty, from the boardroom to the network. The spectrum of risk is broad, and our core competencies encompass control assurance, internal audit, corporate governance consulting, risk management, regulatory consulting, and IT security services. To be Risk Advisory professional with Deloitte & Touche Middle East means you will gain a wealth of experience across a wide spectrum of industries. Diversity is not just a part of the business landscape in the region but also an integral part of Deloitte & Touche Middle East. Just as we are committed to seeing our clients excel, we are committed to providing you with the right environment to learn and grow and to tailor a career to your needs.

Professional Knowledge and Experience:

    \t
  • Bachelors Degree in Computer Engineering or Computer Science from an accredited university.
  • \t
  • At least 6 years of technical cyber security experience.
  • \t
  • Working experience in Big Four is a plus.
  • \t
  • Demonstrated experience in the following domains:\t
      \t\t
    • Penetration Testing/ Red Teaming (Mandatory)
    • \t\t
    • Cloud Security (Preferred)
    • \t\t
    • Incident Response and Digital Forensics (Preferred)
    • \t
    \t
  • \t
  • \t

    Penetration Testing/ Red Teaming (Mandatory):

    \t
      \t\t
    • Strong experience in Network penetration testing and manipulation of network security controls.
    • \t\t
    • Strong experience in Web and Mobile application security assessments based on OWSP 10 controls.
    • \t\t
    • Experience in Wireless networks and social-engineering assessments
    • \t\t
    • Experience in Source code review.
    • \t\t
    • Experience in Wireless networks security assessments.
    • \t\t
    • Familiarity with Email, IP Telephony, and Physical Security assessments.
    • \t\t
    • Experience in scripting languages and tasks automation using PowerShell, Python or Ruby.
    • \t\t
    • Strong understanding of network protocols, data on the wire, and covert channels.
    • \t\t
    • Strong understanding of Unix/Linux/Windows operating systems, including bash and Powershell
    • \t
    \t
  • \t
  • Cloud Security (Preferred):\t
      \t\t
    • Serve as a subject matter expert on cloud cyber risk for at least one of the leading cloud platforms (AWS, Microsoft Azure/ Office 365)
    • \t\t
    • Conduct cloud security assessments and provide recommendations on required configurations for client cloud platforms (such as AWS, Azure) and environments based on Deloittes Cloud Cyber Risk Framework.
    • \t\t
    • Design and develop cloud platform-specific security policies, standards, and procedures for management group and account/subscription management and configuration (e.g. Azure Policy, Azure Security Center, AWS Config), identity management and access control, firewall management, auditing and monitoring, security incident and event management, data protection, user and administrator account management, SSO, conditional access controls and password/secrets management.
    • \t\t
    • Provide internal cloud security technical training to Advisory personnel as needed.
    • \t
    \t
  • \t
  • Incident Response and Digital Forensics (Preferred):\t
      \t\t
    • Experience in incident handling process for identifying and triaging security incidents.
    • \t\t
    • Familiarity in interpreting, searching and manipulating data within enterprise logging solutions (SIEM).
    • \t\t
    • Ability to demonstrate an investigative mindset.
    • \t\t
    • Familiarity in threat intelligence and applied use within incident response engagements.
    • \t\t
    • Experience in EDR solutions or Endpoint Security tools is preferred. (e.g. CarbonBlack, CrowdStrike or Microsoft Defender).
    • \t\t
    • Strong scripting skills in modern scripting languages like PowerShell, Python, Node.js, Javascript, Bash, Ruby, or SQL.
    • \t
    \t
  • \t
  • Professional Certifications:  \t
      \t\t
    • Information Security:\t\t
        \t\t\t
      • CISSP or CISM or CISA (Any is Preferred)
      • \t\t
      \t\t
    • \t\t
    • Penetration Testing/ Red Teaming:\t\t
        \t\t\t
      • OSCP (Mandatory)
      • \t\t\t
      • OSEP / OSWE / OSCE (Any is Preferred. Certified candidates will be considered on priority)
      • \t\t\t
      • GWAPT or eWPTX (Any is Preferred)
      • \t\t
      \t\t
    • \t\t
    • Incident Response and Digital Forensics\t\t
        \t\t\t
      • GCFA or GCIH (Any is Preferred)
      • \t\t
      \t\t
    • \t\t
    • Cloud Security\t\t
        \t\t\t
      • MS Azure or AWS professional certifications. (Any is Preferred)
      • \t\t
      \t\t
    • \t
    \t

Primary Duties and Responsibilities

    \t
  • Perform network penetration, web and mobile application testing, source code reviews, threat analysis, wireless network assessments, and social-engineering assessments.
  • \t
  • Perform secure configuration/ network architecture reviews based on international standards and best security practices.
  • \t
  • Perform Cloud Security Assessments for the architecture, design and configurations.
  • \t
  • Develop comprehensive, accurate reports and presentations for both technical and executive audiences.
  • \t
  • Effectively communicate and discuss findings with internal stakeholders including leadership and technical team members
  • \t
  • Ability to document and explain technical details in a concise, understandable manner
  • \t
  • Develop comprehensive and accurate reports and presentations for both technical and executive audiences

Competencies

    \t
  • Excellent written and oral communication skills.
  • \t
  • Ability to coordinate multiple projects and priorities simultaneously.
  • \t
  • Ability to collaborate with others, work independently, initiate action, and adapt to change, make difficult decisions and accept challenging assignments.
  • \t
  • Excellent presentation skills

*Disclaimer: This job description is subject to change based on the business / project requirements and at the discretion of management

Categories

Posted: 2022-01-20 Expires: 2022-08-20

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Risk Advisory - Kuwait - Cyber Security - Assistant Manager

Deloitte Middle East
مدينة الكويت

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast