Manager - DevSecOps , Cyber Risk, Risk Advisory, UK, Open to flexible working
With a history stretching back almost two centuries, Deloitte has built a reputation as trusted advisors to some of the world’s biggest household names. We are also the partner-of-choice for some of the largest cloud providers and software vendors, using modern technology to do meaningful work.
The Deloitte Cyber Security team aims to be leaders in the DevSecOps arena. We work in a broad range of industry sectors with clients whom millions of people depend upon. They rely on us to help them build secure software in a secure fashion.
We are committed to building a diverse team of talented consultants who are passionate about the work they do. We deliver value to our clients, colleagues, and community in the way we plan, deliver, and reflect on our work, as a team. Therefore, we welcome applications from all backgrounds.
We believe that, to sustain a successful business model, we must equip our colleagues with the ability to improve. We also understand that the industry evolves at a lightning pace. As a result, we provide mentoring and training in a safe environment with empathetic and supportive feedback. Every member of the team receives nurturing on emotional intelligence, resilience, and self-awareness.
You will be assigned a dedicated career coach and benefit from our internal DevSecOps training curriculum with visible career pathways. This is so that we can provide meaningful and measurable progress to each member of the team.
All of the above are crucial investments that allow us to sustain our reputation for delivering high quality services.
We encourage consideration of flexible ways of working, both formal and informal arrangements that allow for the best outcomes for our people and our clients. If this opportunity is of interest to you with some flexibility, please do discuss with us.
As a Manager for DevSecOps you can expect to be involved in the following activities:
- Leading a team of consultants in delivering successful engagements to our clients.
- Ensuring the use of proven cyber security principles such as defence-in-depth and the principle of least privilege.
- Ensuring the use of Agile methodologies to deliver high-quality software on a dependable cadence.
- Building secure continuous integration and continuous delivery (CI/CD) pipelines.
- Implementing and managing the vulnerability management process.
- Directing threat modelling activities to identify potential vulnerabilities and implementing approaches to address them.
- Identifying, assessing and selecting software tools to test and verify the security of an application.
- Designing and building secure infrastructure in public, private and hybrid cloud scenarios using infrastructure-as-code tools.
- Building strong relationships with client stakeholders and maintaining open and clear channels of communication.
- Contributing to sales activity, through proposal documentation and technical demonstrations.
- Attaining industry-accredited certifications, particularly across cloud platforms such as GCP, AWS and Azure.
Your professional experience
- Experience of delivering technology solutions using Agile methodologies such as Scrum and Kanban.
- The ability to implement DevOps practices such as continuous integration and delivery (CI/CD). automated testing, infrastructure as code, site reliability engineering (SRE). and monitoring and alerting.
- A broad understanding of security practices such as penetration testing, threat modelling, vulnerability management, and static and dynamic application security testing.
- A thorough understanding of cyber security industry resources such as OWASP projects, vulnerability lists, NIST frameworks, CVEs, NCSC guidance, etc.
- Experience of architecting and/or implementing secure cloud computing solutions.
- A thorough understanding of the software development lifecycle (SDLC) as well as knowledge of the components of a secure SDLC.
- An appreciation of the platforms and tools commonly used in a modern software architecture, for example;
- Container orchestration tools such as Kubernetes and Docker Swarm
- Service mesh tools such as Istio and Hashicorp Consul
- Infrastructure as code tools such as Hashicorp Terraform and Ansible
- Configuration management tools such as Chef, Puppet and Ansible
- Monitoring and alerting tools such as Prometheus, Splunk, DataDog, etc.
The following attributes are essential:
- A willingness to work as part of a diverse team
- A commitment to continuous improvement and lifelong learning.
- A passion for technology and a drive to deliver secure, high-quality solutions.
- An open mindset, allowing you to collaborate with colleagues and contribute to the success of your team.
- Personable with excellent communication skills, both written and spoken.
- An ability to remain calm under pressure whilst continuing to pay attention to detail.
Your service line: Risk Advisory
In Risk Advisory, our thinking and actions give clients, our people and society the confidence to grow responsibly in a rapidly changing world. We don’t just work with our clients to manage risk, we help them understand and grab the opportunities it presents too, helping them gain a competitive advantage. Our expertise and industry knowledge run deep here. At Deloitte, you’ll find yourself working with some of the most inspiring and experienced colleagues and with clients who trust you to lead the way to smart choices, better control frameworks, and new systems, including bespoke solutions that have a direct impact on their bottom line.
Regulation and controls are standard practice in our industry and Deloitte is no exception. These controls provide important legal protection for both you and the firm. We are subject to a number of audit regulations, one of which requires that certain colleagues abide by specific personal independence constraints. This can mean that you and your "Immediate Family Members" are not permitted to hold certain financial interests (shares, funds, bonds etc.) with audit clients of the firm. The recruitment team will provide further detail as you progress through the recruitment process.
Our Purpose & Strategy
To make an impact that matters for our clients, our people and society - defines who we are and what we stand for. Our purpose provides the foundation for our strategy and our aspiration to be the undisputed leader in professional services: this is not about size, it's about being the first choice. The first choice for the largest and most influential clients, and the first choice for the best talent.
What do we do?
Deloitte offers global integrated professional services that include Audit & Assurance, Consulting, Financial Advisory, Legal, Risk Advisory and Tax Consulting. Our approach combines intellectual leadership, industrial expertise, insight, consulting & problem solving capabilities whatever the role, technology revolutions and innovation from multiple disciplines to help our clients excel anywhere in the world.
Beyond the UK: Deloitte North and South Europe
The UK is part of Deloitte North and South Europe (NSE), the second largest member firm in the Deloitte network. Deloitte NSE combines operations in Belgium, Central Mediterranean (Italy, Greece, Malta), Ireland, the Middle East (Bahrain, Cyprus, Egypt, Iraq, Jordan, Kuwait, Lebanon, Libya, Oman, Palestinian Ruled Territories, Qatar, Saudi Arabia, United Arab Emirates, Yemen), the Netherlands, the Nordics (Denmark, Finland, Iceland, Norway and Sweden), Switzerland and the UK. Deloitte NSE brings together 2,700 partners and over 50,000 people, combining our unmatched breadth and depth of capabilities in audit and assurance, consulting, financial advisory, risk advisory, and tax and legal across the region. Being part of Deloitte NSE supports our aspiration to be the undisputed leader in professional services and will create more opportunity and growth for our people.
What do we value?
What brings us all together at Deloitte? It’s how we approach the thousands of decisions we make every day. How we behave, our beliefs and our attitudes. In other words: our values. Whatever we do, wherever we are in the world, we lead the way, serve with integrity, take care of each other, foster inclusion, and collaborate for maximum impact. These five shared values lead every decision we make and action we take, guiding us to deliver impact how and where it matters most.
Being a Leader at Deloitte
Cultural fit and purpose-led leadership is crucial for Deloitte. Our leaders always set the example and inspire their colleagues. They make quality time for people and take an interest in them. They know what matters to people - both inside and outside work – and value them as individuals; always finding opportunities to develop them while showing respect and appreciation.
We expect colleagues at all levels to embrace and live our purpose and our leadership culture by challenging themselves to identify issues that are most important for our clients, our people, and for society and make an impact that matters. We know leadership comes in all shapes and sizes, but our Leadership Charter helps all of our people understand what we’re looking for:
- We live our purpose: we act as a role model, embracing and living our purpose and values, and recognising others for the impact they make
- We develop talent: we develop high-performing people and teams through challenging and meaningful opportunities
- We drive performance: we deliver exceptional client service; maximise results and drive high performance from people while fostering collaboration across businesses and borders
- We believe positive influence can make an impact that matters: we influence clients, teams, and individuals positively, leading by example and establishing confident relationships with increasingly senior people
- We move, together, towards a strategic direction: we understand key objectives for clients and Deloitte, aligning people to objectives and setting priorities and direction.
Please click 'Apply' to submit your application