Cyber Security Manager (Firm Internal)

Deloitte Services LP includes internal support areas such as Marketing and Communications, Human Resources/Talent, Information Technology, Facilities Management, and Financial Support Services.
Lead Cyber Security Incident Response (CSIR) efforts across ITS including determination the criticality of an incident, appropriate containment, and mitigation activities. During an active incident response, prioritize advanced computer and network forensic investigations relating to various forms of malware, computer intrusion, theft of information, denial of service, data breaches, etc.
Oversee the execution of the Cyber Security Incident Response Playbook by the Security Operations Center and others for minor security incidents.
Manage Cyber Incident Response Retainer Service on behalf of the CISO and recommend activation for incidents where assistance is required.
Communicate and document details of incidents and create status reports of tasks performed to stakeholders and provide input to communications to Deloitte leadership.
Establish and maintain strong working relationships with all teams required to support incident response including, but not limited to, Messaging, Communications, SOC, Data Protection, STS, GISO, Office of Security, Talent, and OGC.
Maintain and update the Cyber Security Incident Response Plan & Playbook, including the comprehensive contact list, call trees and response approaches for new incident scenarios and integration of new tools and capabilities as identified.
Support alignment between the Disaster Recovery and Business Continuity programs and Cyber Security Incident Response, including participation in Disaster Recovery testing activities.
Drive alignment of ITS CSIR programs with other areas of Deloitte to include: strategy, governance, risk and compliance, disaster recovery and business operations.
Act as the lead for table-top exercises, which assess the effectiveness of cyber incident response capabilities across people, processes, and technology.
Improve Incident Response processes by taking advantage of and Integration with new technologies and capabilities that are implemented by Cyber Security and other areas of ITS.
Primary Qualifications:
Bachelor's degree in Information Protection, Computer Forensics, Computer Information Systems, Computer Science, Computer Engineering, Information Systems Management or equivalent work experience
5+ years of experience in information security, data protection or a related field
Experience leading security incident response strongly preferred
Knowledge of forensics, chain of custody and handling digital evidence
Able to build strong relationships with and lead teams and individuals without direct reporting relationships
Able to work independently to complete assigned tasks using documented procedures
Ability to quickly analyze large amounts of information and formulate action plans based on that analysis
Excellent written and oral communications skills and able to articulate and present information to all levels of management and staff
Possess strong organizational skills to facilitate management and tracking of large numbers of incidents, events, and efforts
Ability to adapt and operate in a high-tempo, dynamic environment
Ability to travel occasionally
About Deloitte
As used in this posting, "Deloitte" means Deloitte Services LP, a subsidiary of Deloitte LLP. Please see for a detailed description of the legal structure of Deloitte LLP and its subsidiaries.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.
Disclaimer: If you are not reviewing this job posting on our Careers' site ( or one of our approved job boards we cannot guarantee the validity of this posting. For a list of our current postings, please visit us at

Don't Be Fooled

The fraudster will send a check to the victim who has accepted a job. The check can be for multiple reasons such as signing bonus, supplies, etc. The victim will be instructed to deposit the check and use the money for any of these reasons and then instructed to send the remaining funds to the fraudster. The check will bounce and the victim is left responsible.

More Jobs

Identity Access Management Security Manager (F...
Arlington, VA Deloitte & Touche L.L.P.
Cyber Security Manager - Service Delivery
Reston, VA Simplion Technologies INC
Cyber Security Manager
McLean, VA PwC
Temporary Manager, Performance Management (Fir...
McLean, VA Deloitte & Touche L.L.P.
Managing Consultant - Cyber Security, Privacy ...
Mc Lean, VA CrossCountry Consulting