Infosec Strategy and Architecture Senior Manager - open to flexible working
To work in the innovative and creative CISO team. A world class operation with extensive knowledge and experience. Interfacing with business and technical teams and bringing about change and influence across the whole world of Deloitte. You will be part of a great team that are passionate about our work in serving a great purpose.
As Senior Manager – IS Strategy & Architecture, you will be responsible for:
- Taking a key role in defining, maintaining and implementing Information Security Strategy including strategic roadmap to implement and maintain key security technologies to improve security posture and manage IS operational risks effectively
- Leading strategic security planning to achieve business goals by coordinating the evaluation, deployment, and management of current and future security technologies and practices working in collaboration with Enterprise Architecture function
- Building a strategic and comprehensive information security program that defines, develops, maintains and implements policies and standards that enable consistent, effective information security practices to manage IS operational risks
- Ensuring information security policies, standards, and procedures are reviewed and updated annually
- Creating a culture of information security and drives behavioral changes that allow employees to be information security risk aware practitioners
- Collaborating with 1LOD and 2LOD leadership for ongoing governance and oversight of the security program
- Aligning standards, frameworks and security with overall business and technology strategy
- Identifying and communicating current and emerging security threats
- Serving as lead consultant to all service lines for all information security related issues.
- Provide end to end Security Architecture reviews as part of an IT lifecycle and security reviews throughout a change advisory board
- Performing security research on the latest new security technologies
- Driving security through globally standardized automation with CI/CD processes.
- Define and provide relevant metrics and trends for executive consumption
- Participates in internal, external and regulatory audits and requests for information
Your work, your choice
In the CISO team we are results focused and believe in excellence in respect in all aspects of our work and interaction with each other. We make full use of technologies that help support different ways of working. At Deloitte we believe the best impact is the value we add, not the hours we sit at our desk.
We, therefore, carefully consider agile ways of working, both formal and informal, that allow for the best impact for our people and our clients. If the working pattern you are looking for is not specifically indicated below, we are happy to discuss alternative arrangements.
Location: London, United Kingdom
Suggested work pattern: Permanent full time
Your professional experience
- Strong experience as a security practitioner or consultant
- A solid background in information security from a Senior perspective
- Industry accreditation like Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) or Certified in Risk and Information Systems Control (CRISC) is preferable
- Proven experience in defining, maintaining and execution of information security strategy
- Extensive experience in security architecture, demonstrating solutions delivery, principles and emerging technologies - Designing and implementing security solutions. This includes continuous monitoring and making improvements to those solutions, working with an information security team
- Demonstrable experienced in driving beneficial security change into an organisation through the development or review of security architectures so that they meet business requirements for security, mitigate identified risks, conform to relevant corporate security policies and balance information risk against the cost of countermeasures
- Clear understanding of the importance of design patterns and conceptual architectures and recognise separation of systems as a way to reduce risk
- Be familiar or have certifications in an Enterprise Architecture framework such as TOGAF, MODAF, DODAF
- Proven experience in implementing Business Change, Security Metrics and calculating security ROI
- Contributed or lead a programme to improve organisational risk, security postures and security culture
- Proven experience in managing team of high performing information security professionals
- Demonstrable ability to work in a fast-paced, deadline driven environment
- Excellent verbal and written communication skills with the ability to effectively articulate complex technical terms to both technical and non-technical audiences
- Demonstrated excellence in a variety of competencies including teamwork, collaboration, analytical thinking, communication and influencing skills, and technical expertise
- Strong leadership, project and team-building skills, including the ability to lead teams and drive projects and initiatives in multiple departments
- Be the enterprise security subject matter expert who can explain technical topics to those with or without a technical background
Your service line: Internal Services
At Deloitte, we’re all about collaboration. And nowhere is this more apparent than among our 2,000-strong internal services team. With our combined specialist skills, we provide all the essential support and advice our client-facing colleagues need, right across the firm. This enables them to focus all of their efforts on delivering the best service possible to their clients. Covering seven distinct areas; Human Resources, Clients & Industries, Finance & Legal, Shared Services, National Quality & Risk Management, IT Services, and Property & Corporate Services, together we live, breathe and deliver the Deloitte experience.
Our Purpose & Strategy
To make an impact that matters for our clients, our people and society - defines who we are and what we stand for. Our purpose provides the foundation for our strategy and our aspiration to be the undisputed leader in professional services: this is not about size, it's about being the first choice. The first choice for the largest and most influential clients, and the first choice for the best talent.
What do we do?
Deloitte offers global integrated professional services that include Audit & Assurance, Consulting, Financial Advisory, Risk Advisory and Tax Consulting. Our approach combines intellectual leadership, industrial expertise, insight, consulting & problem solving capabilities whatever the role, technology revolutions and innovation from multiple disciplines to help our clients excel anywhere in the world.
Beyond the UK: North West Europe within a Global firm
The UK, Ireland and Switzerland, Belgium, the Netherlands and the Nordics (Denmark, Finland, Iceland, Norway and Sweden) have combined to create a new Deloitte North West Europe firm. This is to support our aspiration to be the undisputed leader in professional services and to increase our global influence and lead in EMEA.
A broader geographical shape will create new career development opportunities, helping us develop the very best talent across the region and the world.
What do we value?
At Deloitte we foster a collaborative culture where talented individuals can produce their best work. We value innovative thinking, diverse insights and a genuinely distinctive level of customer service. We value difference, with respect at the heart of our inclusive culture, and we support agile working arrangements. Hear from some of our people already working at Deloitte inagile ways. We are proud to have earnt a Top 10 place on the 2017 list of Top 30 Employers for Working Families and to have been in their Top 10 for seven consecutive years. Additionally we received the Working Families Best for All Stages of Motherhood special award in 2016.
Being a Leader at Deloitte
Cultural fit and purpose-led leadership is crucial for Deloitte. Our leaders always set the example and inspire their colleagues. They make quality time for people and take an interest in them. They know what matters to people - both inside and outside work – and value them as individuals; always finding opportunities to develop them while showing respect and appreciation.
We expect colleagues at all levels to embrace and live our purpose and our leadership culture by challenging themselves to identify issues that are most important for our clients, our people, and for society and make an impact that matters. We know leadership comes in all shapes and sizes, but our Leadership Charter helps all of our people understand what we’re looking for:
- We live our purpose: we act as a role model, embracing and living our purpose and values, and recognising others for the impact they make
- We develop talent: we develop high-performing people and teams through challenging and meaningful opportunities
- We drive performance: we deliver exceptional client service; maximise results and drive high performance from people while fostering collaboration across businesses and borders
- We believe positive influence can make an impact that matters: we influence clients, teams, and individuals positively, leading by example and establishing confident relationships with increasingly senior people
- We move, together, towards a strategic direction: we understand key objectives for clients and Deloitte, aligning people to objectives and setting priorities and direction
Deloitte LLP is a limited liability partnership registered in England and Wales with registered number OC303675 and registered office at 2 New Street Square, London, EC4A 3BZ. Deloitte LLP is the United Kingdom affiliate of Deloitte NWE LLP, a member firm of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee (“DTTL”), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities.
Requisition code: 162384