Web Application Firewall Senior Manager

Deloitte Technology Cyber Risk

Posted: 18-Jul-2022

Same job available in 5 locations

Dallas, Texas, United States

Jacksonville, Florida, United States

Miami, Florida, United States

Nashville, Tennessee, United States

Tampa, Florida, United States

Position summary:

Do you thrive on developing creative and innovative insights to solve complex challenges? Want to work on next-generation, cutting-edge products and services that deliver outstanding value and that are global in vision and scope? Work with other experts in your field? Work for a world-class organization that provides an exceptional career experience with an inclusive and collaborative culture?

Want to make an impact that matters? Consider Deloitte Global.

Work you'll do

 
· Responsible for setting and approving the strategy and direction of the Global Web Application Firewall service, regular oversight of its program management and operations, and reporting of the Web Application Firewall program status to the Oversight groups
 
· Oversee the development/enablement of Global Web Application Firewall service based on member firm and application owner directives
 
· Oversee the remediation or disablement of non-conforming web application firewall policy rules
 
· Manage the Web Application Firewall operational and regional staff
 
· Manage architectural, design, and operational support of the Global Web Application Firewall service
 
· Assist with issues that have been escalated from the support architects
 
· Review application firewall security policy changes against Deloitte policies, standards, and best practice
 
· Respond to Web Application Firewall requests to provide compliance validation for their approval
 
· Provide advanced consultation services with regard to Web Application Firewall requests, including potential workarounds to meet business needs in a secure manner
 
· Continually improve the security posture of Deloitte application firewall systems.
 
· Participate in and provide input to the development of application firewall architecture.
 
· Track remediation of findings by audit or compliance teams.
 
· Communicate requirements and guide security projects.
 
· Manage analytics, metrics, and reporting with leadership and key stakeholders.

What you'll be part of - our Deloitte Global Culture:

At Deloitte, we expect results. Incredible—tangible—results. And Deloitte Global professionals play a unique role in delivering those results. We reach across disciplines and borders to serve our global organization. We are the engine of Deloitte. We develop and implement global strategies and provide programs and services that unite our network.

In Deloitte Global, everyone has opportunities. We see the importance of your perspective and your ability to create value. We want you to fit in—with an inclusive culture, focus on work-life fit and well-being, and a supportive, connected environment; but we also want you to stand out—with opportunities to have a strategic impact, innovate, and take the risks necessary to make your mark.

Who you'll work with:

The Deloitte Global Cybersecurity function is responsible for enhancing data protection, standardizing and securing critical infrastructure, and gaining cyber visibility through security operations centers. The Cybersecurity organization delivers a comprehensive set of security services to Deloitte’s global network of firms around the globe.

Qualifications:

 
Education (degree): Master’s Degree or equivalent experience preferred
 
Other (Explain): Master's Degree/University Degree and/or Undergraduate Diploma in Information Security, Information Technology, Computer Science, Engineering or Mathematics or equivalent experience
 
 
Years of Experience: 8+ years with minimum 5 years in network security
 
Technical Skills
 
· Experience leading security operations and security systems management
 
· Solid understanding of common TCP/IP and OSI concepts, principles, operations, and controls
 
· Solid understanding of common firewall and WAF architectures, along with common vulnerabilities such as OWASP Top 10
 
· Working knowledge of the following frameworks and regulations: NIST Cybersecurity Framework, ISO 27001/2, SANS Top 20 Critical Security Controls, Sarbanes-Oxley and CFR-Part 11
 
· Solid understanding of network security WAF technologies, trends, vendors, processes, and methodologies, along with web architectures that would be protected by our offerings.
 
· Solid understanding of common firewall and WAF architectures and implementations.
 
· Strong understanding of basic protocols used by the internet, such as HTTP(S), DNS, TLS
 
· Solid understanding of basic networking concepts, such as routing, switching, firewall, and common enterprise security monitoring tools.
 
· Solid understanding of information security principles
 
· Solid understanding of information security policy enforcement
 
 
Experience with the following products is strongly preferred:
 
· Expert knowledge of web application support
 
· Expert knowledge of Akamai, Imperva, Radware, RedShield or another leading Web Application Protection platform
 
· Any experience with network-based VPN products, load balancers, as well as SIEM management tools is a plus.
 
 
Other Qualifications
 
· High degree of personal integrity and ethics as well as a passion for protecting people and systems
 
· Constantly striving for excellence using objective, transparent and agreed upon standards
 
· Develop detailed project tasks, milestones, status reports and other project documentation to ensure timely and on-budget delivery of projects.
 
· Ensure compliance with SOPs (Standard Operating Procedures) and WIs (Work Instructions) and documentation standards
 
· Excellent written and oral communication and presentation skills for leadership, technical and business audiences
 
· Industry-recognized security certifications (e.g., Cisco Certified Security Professional, Check Point Certified Security Administrator, Palo Alto Networks Certified Network Security Engineer, Certified Information Security Manager or Certified Information Systems Security Professional)

How you'll grow:

Deloitte Global inspires leaders at every level. We believe in investing in you, helping you embrace leadership opportunities at every step of your career, and helping you identify and hone your unique strengths. We encourage you to grow by providing formal and informal development programs, coaching and mentoring, and on-the-job challenges. We want you to ask questions, take chances, and explore the possible.

Benefits you'll receive:

Deloitte’s Total Rewards program reflects our continued commitment to lead from the front in everything we do—that’s why we take pride in offering a comprehensive variety of programs and resources to support your health and well-being needs. We provide the benefits, competitive compensation, and recognition to help sustain your efforts in making an impact that matters.

Corporate citizenship:

Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with our clients, our people, and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities.