Vacancy expired!
- Provide oversight (incl. metrics, risks and issues, escalation management)
- Provide Architecture analysis, design, and support for Endpoint Security systems
- Identify gaps and provide engineering solutions to new threats using implemented endpoint tools. Assess impact of medium or high-risk changes
- Lead process compliance activities by identifying and driving initiatives that are relevant for the project delivery and help factor reusability and related benefits
- Coordinate with business stakeholders to drive remediation activities
- Oversee administration of one or more Endpoint Security solutions (example - Microsoft Defender ATP, Cylance, Symantec ATP, McAfee MVISION, Tanium, Carbon Black, CrowdStrike, etc.)
- Prioritize incidents and service tickets, changes, ad-hoc requests
- Perform and coordinate major and minor upgrades
- Perform Endpoint Security architecture assessments and design reviews
- Ensure endpoint security solutions and policies are on track to meet and respond to threats inside of the company's environment.
- Write, configure, manage, and maintain rules and policies for Anti-Virus or Endpoint Security Products (GPO policies, HIPS, Detection Rule Set etc.)
- Lead the development of capabilities that enable the creation of gap analyses and risk assessments using frameworks such as MITRE ATT&CK
- Assist clients with advanced security incident response actions and work with business, security teams and vendors to respond to malware outbreaks.
- Perform incident triage and resolution in situations that are not necessarily predefined in procedures and actively support the engineering and forensics processes in the investigations
- Design, implement and monitor health of Endpoint security solutions, including endpoint agent health, create related dashboards, real time metrics reporting etc.
- Serve as escalation point for L1 and L2 analysts/engineers as applicable
- Deliver Endpoint advisory support and education to other teams, technology management personnel or end users.
- Help define, implement, and monitor key risk indicators and key performance indicators (KRIs/KPIs)
- Review system security plans, network diagrams, and vulnerability and patching requirements
- Create/maintain SOPs pertaining to day-to-day operations of endpoint security management and submit documentation through the Quality Review Management process
- Contribute to Deloitte's thought leadership in client organizations and external marketplace
- Operate as a technical subject matter specialist
- Understand and leverage various product capabilities across the gamut of Endpoint Security to best serve the needs
- Identify and recommend operational improvements to the client, drawing on deep experience and industry specific knowledge of risks
- Analyze complex issues to determine client impact and to suggest alternative solutions based on client needs and objectives
- Manage and grow client relationships (Develop "Trusted Advisor" status)
- Maintain a solid understanding of the client's culture, environment (people, process, technology), goals, and security initiatives and communicate all to the engagement team
- Responsible for on time delivery and quality of all in scope deliverables
- Manage any in scope solution projects (integration/ implementations)
- Manage appropriate engagement management reporting on a periodic basis
- Manage communications with vendors, 3rd party service providers, Deloitte leadership, and client personnel
- Responsible for compliance with all Deloitte firm engagement management requirements
- Demonstrate ability to manage and motivate multiple project teams in multiple geo-locations
- Bachelor's degree is required. Ideally in Computer Science, Cyber Security, Information Security, Engineering, Information Technology
- Understanding of the entire ecosystem of Endpoint Security including well-rounded understanding of the information security domains and their inter-relations across that ecosystem
- Candidate should have overall 8+ years' experience with multiple Endpoint Security platforms
- Experience with Endpoint Security technologies like Microsoft Defender ATP, Cylance, Symantec, McAfee, Tanium, Carbon Black, CrowdStrike, etc.
- Experience in Anti-Virus (AV) Security Operations - Manage policies and definitions, investigate possible malware infection and detect threats, perform manual malware/virus eradication, perform containment/exclusion activities based on SOPs
- Experience with configuration and deployment of endpoint protection platforms (Advanced Threat Protection, Admin Rights, EDR, Web Protection) - including rulesets tuning and updates as needed
- Experience in other security technologies such as: Security information and event management (SIEM), IDS/IPS, Data Loss Prevention (DLP), Proxy, Web Application Firewall (WAF), Sandboxing, network- and host-based firewalls, Encryption, Threat Intelligence, Penetration Testing, etc. is a plus.
- Proficient understanding of relevant security technologies, such as malware management, network forensics, flow analysis, IDS/IPS, etc.
- Knowledge of Advanced Persistent Threats (APT) tactics, techniques, and procedures
- Understanding of possible attack activities such as network probing/scanning, DDoS, malicious code activity, etc.
- Understanding of basic networking protocols such as TCP/IP, DNS, HTTP
- Experience in working with International Standards, NIST Special Publications and Cyber Security Frameworks like PCI DSS, ISO 27001, SOC2
- Demonstrated ability to identify and address internal and external client needs, including:
- Demonstrated problem solving and critical thinking skills
- Working collaboratively with clients to design and implement process and technology solutions
- Able to build solid, trust-based relationships with stakeholders
- Excellent interpersonal/communication, presentation, and writing skills
- Demonstrating strong domain expertise and thought leadership to clients in the cyber security space
- Ability to travel 25%, on average, based on the work you do and the clients and industries/sectors you serve
- Limited immigration sponsorship may be available
- Endpoint Security tool certifications such as Microsoft Defender ATP, Cylance Security Professional (CSP), McAfee Product Specialist, Symantec Certified Specialist
- Certified Information Systems Security Professional (CISSP), Certification in Certified Intrusion Analyst (GIAC), Continuous Monitoring (GMON), Certified Ethical Hacker (CEH) or equivalent
- Excellent interpersonal and organizational skills
- Excellent oral and written communication skills
- Strong analytical and problem-solving skills
- A strong desire to understand the what as well as the why and the how of security incidents
- Experience with financial forecast and profitability tracking, risks, or issues
- ID: #43704745
- State: California Costamesa 92626 Costamesa USA
- City: Costamesa
- Salary: USD TBD TBD
- Job type: Permanent
- Showed: 2022-06-30
- Deadline: 2022-08-28
- Category: Et cetera