Qualys Compliance Analyst
Cyber Security Cyber Risk Posted: 12-May-2022
Atlanta, Georgia, United States
Dallas, Texas, United States
Detroit, Michigan, United States
Hermitage, Tennessee, United States
Houston, Texas, United States
London, United Kingdom, United Kingdom
Miami, Florida, United States
San Antonio, Texas, United States
Tampa, Florida, United States
Toronto, ,
Work you'll do
- In this interesting and diverse role, you will be responsible for day-to-day operation of the Global Cybersecurity Technology Hardening Practices program where you will operate the compliance elements of the program, monitoring compliance to the security configuration baselines across all Deloitte assets and firms, reporting noncompliance and working with IT teams to remediate.
- Lead the translation of global information security policy requirements and standards into sound and practical global cybersecurity hardening practices for infrastructure. Lead end user computing technologies and also lead in-depth vulnerability management analysis to identify required hardening practices.
- Work with internal clients around the world to ensure hardening practices are align with approved security policies, standards and architecture patterns and also socialize Hardening Practices content.
What you'll be part of - our Deloitte Global Culture:
Who you'll work with:
Deloitte Technology Services works at the forefront of technology development and processes to support and protect Deloitte around the world. In this truly global environment, we operate not in "what is" but rather "what can be" to help Deloitte deliver and connect with its clients, its communities, and one another in ways not previously conceived.
Qualifications:
Required:
- Minimum of 4 years of combined experience in cybersecurity and / or solution design in an information security context
- Bachelor’s degree in computer science, cybersecurity, other technology-related fields, or equivalent education-related experience
- Experience with Qualys Compliance Module
- Knowledge of network protocols, GWAN and WAN technologies and fundamental networking skills (TCP, IP, IDS/IPS, virtualization, etc.)
- Knowledge of software development models (e.g., Waterfall Model, Agile)
- Knowledge of common information security management frameworks, such as ISO/IEC 27001, COBIT, and NIST, including 800-53 and the NIST Cybersecurity Framework
- Proven ability of driving information and cyber strategy, implementation of tailored governance framework, and developing security requirements across a broad spectrum of infrastructure and end user computing technologies
Preferred:
- Master’s degree
- Professional Security Management Certifications (CISSP, CISM, CISSP-ISSEP, CEH, CCNP Security, GSEC)