Web Application Firewall Senior Manager

Cyber Security Cyber Risk Posted: 18-Jul-2022

Same job available in 5 locations

Dallas, Texas, United States

Jacksonville, Florida, United States

Miami, Florida, United States

Nashville, Tennessee, United States

Tampa, Florida, United States

Deloitte Global is the engine of the Deloitte network. Our professionals reach across disciplines and borders to develop and lead global initiatives. We deliver strategic programs and services that unite our organization.

Work you'll do

· Responsible for setting and approving the strategy and direction of the Global Web Application Firewall service, regular oversight of its program management and operations, and reporting of the Web Application Firewall program status to the Oversight groups
· Oversee the development/enablement of Global Web Application Firewall service based on member firm and application owner directives
· Oversee the remediation or disablement of non-conforming web application firewall policy rules
· Manage the Web Application Firewall operational and regional staff
· Manage architectural, design, and operational support of the Global Web Application Firewall service
· Assist with issues that have been escalated from the support architects
· Review application firewall security policy changes against Deloitte policies, standards, and best practice
· Respond to Web Application Firewall requests to provide compliance validation for their approval
· Provide advanced consultation services with regard to Web Application Firewall requests, including potential workarounds to meet business needs in a secure manner
· Continually improve the security posture of Deloitte application firewall systems.
· Participate and provide input in development of application firewall architecture.
· Track remediation of findings by audit or compliance teams.
· Communicate requirements and guide security projects.
· Manage analytics, metrics, and reporting with leadership and key stakeholders.

The team

The Deloitte Global Cybersecurity function is responsible for enhancing data protection, standardizing and securing critical infrastructure, and gaining cyber visibility through security operations centers. The Cybersecurity organization delivers a comprehensive set of security services to Deloitte’s global network of firms around the globe.


Education (degree): Master’s Degree or equivalent experience preferred
Other (Explain): Master's Degree/University Degree and/or Undergraduate Diploma in Information Security, Information Technology, Computer Science, Engineering or Mathematics or equivalent experience
Years of Experience: 8+ years with minimum 5 years in network security
Technical Skills
· Experience leading security operations and security systems management
· Solid understanding of common TCP/IP and OSI concepts, principles, operations, and controls
· Solid understanding of common firewall and WAF architectures, along with common vulnerabilities such as OWASP Top 10
· Working knowledge of the following frameworks and regulations: NIST Cybersecurity Framework, ISO 27001/2, SANS Top 20 Critical Security Controls, Sarbanes-Oxley and CFR-Part 11
· Solid understanding of network security WAF technologies, trends, vendors, processes, and methodologies, along with web architectures that would be protected by our offerings.
· Solid understanding of common firewall and WAF architectures and implementations.
· Strong understanding of basic protocols used by the internet, such as HTTP(S), DNS, TLS
· Solid understanding of basic networking concepts, such as routing, switching, firewall, and common enterprise security monitoring tools.
· Solid understanding of information security principles
· Solid understanding of information security policy enforcement
Experience with the following products is strongly preferred:
· Expert knowledge of web application support
· Expert knowledge of the Akamai, Imperva, Radware, RedShield or other leading Web Application Protection platform
· Any experience with network-based VPN products, load balancers, as well as SIEM management tools is a plus.
Other Qualifications
· High degree of personal integrity and ethics as well as a passion for protecting people and systems
· Constantly striving for excellence using objective, transparent and agreed upon standards
· Develop detailed project tasks, milestones, status reports and other project documentation to ensure timely and on-budget delivery of projects.
· Ensures compliance with SOPs (Standard Operating Procedures) and WIs (Work Instructions) and documentation standards
· Excellent written and oral communication and presentation skills for leadership, technical and business audiences
· Industry-recognized security certifications (e.g., Cisco Certified Security Professional, Check Point Certified Security Administrator, Palo Alto Networks Certified Network Security Engineer, Certified Information Security Manager or Certified Information Systems Security Professional)

Our culture

At Deloitte Global people are valued and respected for who they are – with opportunities to bring their unique perspectives, talents and passions to business challenges. Our global workspace creates room for individuality and collaboration. Ours is an inclusive, supportive, connected culture with a focus on development, flexibility, and well-being. This culture makes Deloitte Global one of the most rewarding places to work, and to transform your career.

Professional development

From entry-level employees to senior leaders, we believe in investing in you, helping you identify and hone your unique strengths at every step of your career. We offer opportunities to build new skills, take on leadership opportunities, and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career.


At Deloitte, we value our people and offer employees a broad range of benefits. Our Total Rewards program reflects our continued commitment to lead from the front in everything we do—that’s why we take pride in offering a comprehensive variety of programs and resources to support your health and well-being.

At Deloitte Global, we know we’re at our best when we look out for one another; prioritize respect, fairness, development and wellbeing; foster an inclusive culture and embrace diversity in all forms. All qualified applicants will receive consideration for employment regardless of their background, experience, identity, ability or thinking style, and if you need assistance or an accommodation during the application process for accessibility reasons this is available upon request. The preferred candidate will be subject to background screening by Deloitte or by their external third-party provider.