Intrusion Detection Prevention Service Analytics Manager

Mclean, VA
Feb 20, 2021
Feb 24, 2021
Full Time
Do you thrive on developing creative and innovative insights to solve complex challenges? Want to work on next-generation, cutting-edge products and services that deliver outstanding value and that are global in vision and scope? Work with premier thought leaders in your field? Work for a world-class organization that provides an exceptional career experience with an inclusive and collaborative culture?Want to make an impact that matters? Consider Deloitte Global.Work you'll do:The IDPS Analytics Manager is responsible for secure operation of the technologies that fall under the umbrella of the Cybersecurity IDPS. Responsible for the service leadership of the IDPS Analytics team and should be technical and should possess advanced understanding across a broad range of security technologies and take a proactive approach to defending against cyber incidents. Collaborates with other Deloitte teams, member firms and external parties to address/remediate identified security issues.Role Specific Responsibilities Responsible for assisting in the development of the strategy for the ISPS Analytics team, regular oversight of program management and operations, and reporting program status to the Oversight groups. Coordinate with enterprise wide teams to provide installation, configuration, engineering, administration, and accreditation documents/diagrams for the cyber infrastructure life cycle. This may include replacements upgrades, enhancements, and new technology deployments. Manage the IDPS Analytics staff. Monitor and analyze Intrusion Detection Systems (IDS/IPS) logs to identify security issues for remediation. Manage metrics and reporting with leadership and key stakeholders. Provide architectural, design, and operational support to the Intrusion Detection and Prevention service Providing consultation services with regards to signature changes and updates. Continually improve the security posture of Deloitte network systems. Participate and provide input in development of network firewall architecture. Follows proper evidence handling procedures and chain of custody protocols and produces written reports documenting digital forensic findings. Must have a good understanding of networks at a net flow, packet level and analysis methodologies. Assists in incident reports of analysis methodology and results. Communicate requirements and guide security projects. Maintain current knowledge of relevant cyber security technologies. Assist with issues that have been escalated from the support analysts.People Management Help others in information security concepts, issues, standard and policies. Work closely with teams delivering IDS/IPS requests and projects. Experience managing a remote team a plus.Knowledge Sharing / Documentation Assist in drafting and editing IPS/IDS related standards, policies and guidelines. Assist in drafting and editing IPS/IDS related risk models, methods and procedures.What you'll be part of - our Deloitte Global Culture:At Deloitte, we expect results. Incredibletangibleresults. And Deloitte Global professionals play a unique role in delivering those results. We reach across disciplines and borders to serve our global organization. We are the engine of Deloitte. We develop and lead global strategies and provide programs and services that unite our network.In Deloitte Global, everyone has an opportunity to lead. We see the importance of your perspective and your ability to create value. We want you to fit inwith an inclusive culture, focus on work-life fit and well-being, and a supportive, connected environment; but we also want you to stand outwith opportunities to have a strategic impact, innovate, and take the risks necessary to make your mark.Deloitte Global supports our talented professionals in answering the question: What impact will you make?Who you'll work with:How you'll grow:Deloitte Global inspires leaders at every level. We believe in investing in you, helping you embrace leadership opportunities at every step of your career, and helping you identify and hone your unique strengths. We encourage you to grow by providing formal and informal development programs, coaching and mentoring, and on-the-job challenges. We want you to ask questions, take chances, and explore the possible.Benefits you'll receive:Deloittes Total Rewards program reflects our continued commitment to lead from the front in everything we do thats why we take pride in offering a comprehensive variety of programs and resources to support your health and well-being needs. We provide the benefits, competitive compensation, and recognition to help sustain your efforts in making an impact that matters.Corporate Citizenship:Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with our clients, our people, and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities.#GLBCyberEducation (degree): Bachelors Degree or equivalent experienceOther (Explain): Bachelors University Degree and/or Undergraduate Diploma in Information Security, Information Technology, Computer Science, Engineering or Mathematics or equivalent experienceYears of Experience: 6+ years Technical Skills Experience leading security operations and security systems management Solid understanding of common TCP/IP architecture, principles, operations and controls Solid understanding of network security firewall UTM technologies, trends, vendors, processes and methodologies. Solid understanding of common firewall architectures and implementations. Strong understanding of basic protocols used by the internet, such as HTTP(S), DNS, TLS Solid understanding of basic networking concepts, such as routing, switching, firewall, and common enterprise security monitoring tools. Solid understanding of information security principlesExperience with the following products are strongly preferred: Knowledge of next-gen firewall technologies Knowledge of the Cisco Firepower, Checkpoint, Palo Alto, ThreatConnect and/or Tufin platforms Any experience with Splunk (SIEM management tool) is a plus.Other Qualifications:Other Qualifications High degree of personal integrity and ethics as well as a passion for protecting people and systems Constantly striving for excellence using objective, transparent and agreed upon standards Excellent written and oral communication and presentation skills for leadership, technical and business audiences Understanding of IPv6 technology, network and application implementations Understanding the concpets for network detection and reaction. Possess industry-recognized security certifications (eg, Cisco Certified Security Professional, CCNA-S, Check Point Certified Security Administrator, Palo Alto Networks Certified Network Security Engineer.) All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or protected veteran status, or any other legally protected basis, in accordance with applicable law. Disclaimer: Nothing in this job description/posting shall constitute an offer or promise of employment. If you are not reviewing this job posting on our Careers site () or one of our approved job boards we cannot guarantee the validity of this posting. For a list of our current postings, please visit us at Requisition code: D73633