Intrusion Detection Prevention Service Manager
Baltimore - Maryland (MD)
- Responsible for assisting in the development of the strategy for the ISPS team, regular oversight of program management and operations, and reporting program status to Oversight groups.
- Coordinate with enterprise-wide teams to provide installation, configuration, engineering, administration, and accreditation documents/diagrams for the IDPS solution life cycle. This may include replacements, upgrades, enhancements, and new technology deployments.
- Manage the Americas IDPS staff.
- Monitor and analyze Intrusion Detection Systems (IDS/IPS) logs to identify security issues for remediation.
- Manage metrics and reporting with leadership and key stakeholders.
- Provide architectural, design, and operational support to the Intrusion Detection and Prevention service.
- Provide consultation services with regard to signature changes and updates.
- Continually improve the security posture of Deloitte network systems.
- Participate in, and provide input to, development of network firewall architecture.
- Follow proper evidence handling procedures and chain of custody protocols, producing written reports documenting digital forensic findings.
- Must have a good understanding of networks at the net flow and packet level, and of analysis methodologies.
- Assist in incident reports of analysis methodology and results.
- Communicate requirements and guide security projects.
- Maintain current knowledge of relevant cyber security technologies.
- Assist with issues that have been escalated from the support analysts.
- Help others with information security concepts, issues, standards and policies.
- Work closely with teams delivering IDS/IPS requests and projects.
- Experience managing a remote team is a plus.
- Assist in drafting and editing IPS/IDS related standards, policies and guidelines.
- Assist in drafting and editing IPS/IDS related risk models, methods and procedures.
What you'll be part of - our Deloitte Global Culture:
At Deloitte, we expect results. Incredible—tangible—results. And Deloitte Global professionals play a unique role in delivering those results. We reach across disciplines and borders to serve our global organization. We are the engine of Deloitte. We develop and implement global strategies and provide programs and services that unite our network.
In Deloitte Global, everyone has
Deloitte Global inspires our people at every level. We believe in investing in you, helping you at every step of your career, and helping you identify and hone your unique strengths. We encourage you to grow by providing formal and informal development programs, coaching, and mentoring. We want you to ask questions, take chances, and explore the possible.
Benefits you'll receive:
Deloitte’s Total Rewards program reflects our continued commitment to lead from the front in everything we do — that’s why we take pride in offering a comprehensive variety of programs and resources to support your health and well-being needs. We provide the benefits, competitive compensation, and recognition to help sustain your efforts in making an impact that matters.
Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with our clients, our people, and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities.
- Bachelor’s University Degree and/or Undergraduate Diploma in Information Security, Information Technology, Computer Science, Engineering, Mathematics, or equivalent experience
- 6+ years
- Experience leading security operations and security systems management.
- Solid understanding of common TCP/IP architecture, principles, operations and controls.
- Solid understanding of network security firewall UTM technologies, trends, vendors, processes and methodologies.
- Solid understanding of common firewall architectures and implementations.
- Strong understanding of basic protocols used by the internet, such as HTTP(S), DNS, TLS
- Solid understanding of basic networking concepts, such as routing, switching, firewall, and common enterprise security monitoring tools.
- Solid understanding of information security principles
- Knowledge of next-gen firewall technologies
- Knowledge of the Cisco Firepower, Checkpoint, Palo Alto, ThreatConnect, and/or Tufin platforms
- Any experience with Splunk (SIEM management tool) is a plus.
- High degree of personal integrity and ethics as well as a passion for protecting people and systems
- Constantly striving for excellence using objective, transparent and agreed upon standards
- Excellent written and oral communication and presentation skills for leadership, technical and business audiences
- Understanding of IPv6 technology, network and application implementations
- Understanding of the concepts for network detection and reaction.
- Possess industry-recognized security certifications (e.g., Cisco Certified Security Professional, CCNA-S, Check Point Certified Security Administrator, Palo Alto Networks Certified Network Security Engineer).
#LI-Hybrid (remote may be an option)