IT Security Engineer

Company Name:
Deloitte is one of the leading professional services organizations in the United States, specializing in audit, tax, consulting and financial advisory services with clients in more than 20 industries. We provide powerful business solutions to some of the world's most well-known and respected companies, including more than 75 percent of the Fortune 100.
At Deloitte, you can have a rewarding career on every level. In addition to challenging and meaningful work, you'll have the chance to give back to your community, make a positive impact on the environment, participate in a range of diversity and inclusion initiatives, and find the support, coaching, and training it takes to advance your career. Our commitment to individual choice lets you customize aspects of your career path, your educational opportunities and your benefits. And our culture of innovation means your ideas on how to improve our business and your clients' will be heard.
Deloitte Services LP includes internal support areas such as Marketing and Communications, Human Resources/Talent, Information Technology, Facilities Management, and Financial Support Services.
The successful candidate willhelp develop security best practices for Enterprise Platforms : server,database and application security. This position will be responsible for creationand execution of the policies and procedures pertaining to the standardsdetermined by the Office of Information Security and Audit committees. Thecandidate will advise & develop responses to the various audit requests.The candidate will evaluate compliance reports and devise solutions toeliminate inconsistencies or address audit recommendations within theenvironment. The candidate will interact closely with the Office of InformationSecurity, Application Delivery Services, Open Systems and Internal Audit.
- Defineand implement database & server security standards and controls.
- Developand enhance Infrastructure standards, controls, and policies.
- Develop& implement automated controls where applicable.
- Evaluatetools and technologies to automate security and administration tasks.
- Pointof contact for server, storage, and database on all audit activities.
- Reportingof and follow-up on compliance matters.
- Trainteams on security policy, procedures, tools, and best practices.
- Supportand implement SAP security.
- Activelyparticipate in decision making with management and seek to understand thebroader impact of current decisions.
- Generateinnovative ideas and challenge the status quo.
- Facilitateuse of technology-based tools or methodologies to review, design and/orimplement products.
Expertise in Windows, Linux and UNIX operating systems security& audit features.
Expertise in Oracle and SQL Database security & auditfeatures.
Experience with security compliance tools including BigFixand SCCM.
Ability to construct and assess high-level and detailedsecurity programs translating business needs and regulatory requirements intocost effective and risk appropriate controls.
Able to assess, develop and implement information securityprograms including organizational design and key process/procedures.
Ability to develop information security strategies and plansbased on security standards, such as ISO17799, regulatory and businessrequirements
Must have strong communication, presentation, andinterpersonal skills.
Experience with MS-Office products to build presentationsusing Word, Excel, and PowerPoint.
Understanding of programming and/or scripting languages.
Strong analytical and problem solving skills.
Produce and maintain accurate documentation and compliancereports.
Knowledge of common monitoring, troubleshooting, andautomation tools.
Bachelor's degree in Computer Science or BusinessInformation Systems.
5+ years of relevant IT experience with security complianceon different platforms.
Strong troubleshooting techniques with the ability to use automatedcompliance tools.
Familiarity with multiple security frameworks, riskassessment and management methodology.
Familiarity with compliance tools like BigFix or SCCM.
Familiar with establishing and maintaining General ITControls.
Demonstrates an ability to manage and prioritize multiple competingpriorities effectively.
Excellent communication, presentation, influencing, andreasoning skills.
Self-reliant, self-motivated with a "can do" attitude. Mustbe willing to learn new technologies and provide cross-training.
Experience with internal controls, risk assessments,business process and internal IT control testing or operational auditing.
Experience with SAP security and controls is desirable.
Experience with Sarbanes-Oxley, COSO & COBIT is a plus.
Strong background in auditing techniques and/or computercontrol environments.
Knowledge of information security standards: ISO17799,BS7799, ITIL, NIST is preferred.
Experience writing scripts in one or a combination of thefollowing: C#, C++, PowerShell, VB, or SQL Server (T/SQL).
Knowledge of Tripwire, Log Logic, or similar tool isdesirable.
CISA or similar certification is a plus.
About Deloitte
As used in this document, "Deloitte" means Deloitte LLP and its subsidiaries. Please see for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.
Disclaimer: If you are not reviewing this job posting on our Careers' site ( ) or one of our approved job boards we cannot guarantee the validity of this posting. For a list of our current postings, please visit us at .
Req Number: 17 06262
Category: Information Technology
Location: Nashville, TN

Don't Be Fooled

The fraudster will send a check to the victim who has accepted a job. The check can be for multiple reasons such as signing bonus, supplies, etc. The victim will be instructed to deposit the check and use the money for any of these reasons and then instructed to send the remaining funds to the fraudster. The check will bounce and the victim is left responsible.