Kuwait - Cyber Security - Assistant Manager job from Deloitte in Kuwait City, Kuwait

Saturday 19th, March 2022

Deloitte

Apply Bookmark

Kuwait City

Full-Time

Accounting / Auditing

Deloitte is a reputed company based in Bengaluru, Karnataka. We are looking for talented professional from the field of Accounting / Auditing to join our team as Kuwait - Cyber Security - Assistant Manager.

RA


Service line

Cyber Security – Cyber Technical


Job title

Senior Consultant / Assistant Manager


Introduction

When you work for us, you commit to a career at one of the largest and most prestigious professional services firms in the world. Looking for a rewarding career? Take a closer look at Deloitte & Touche ME. You'll understand that Deloitte is a Tier 1 Tax advisor in the GCC region since 2010 (according to the International Tax Review World Tax Rankings). It has received numerous awards in the last few years which include Best Employer in the Middle East, best consulting firm, and the Middle East Training & Development Excellence Award by the Institute of Chartered Accountants in England and Wales (ICAEW). A career in Enterprise Risk Services (Risk Advisory, or Risk Consulting) is all about the challenge of helping our clients manage risk and uncertainty, from the boardroom to the network. The spectrum of risk is broad, and our core competencies encompass control assurance, internal audit, corporate governance consulting, risk management, regulatory consulting, and IT security services. To be Risk Advisory professional with Deloitte & Touche Middle East means you will gain a wealth of experience across a wide spectrum of industries. Diversity is not just a part of the business landscape in the region but also an integral part of Deloitte & Touche Middle East. Just as we are committed to seeing our clients excel, we are committed to providing you with the right environment to learn and grow and to tailor a career to your needs.

Professional Knowledge and Experience :

  • Bachelor’s Degree in Computer Engineering or Computer Science from an accredited university.
  • At least 6 years of technical cyber security experience.
  • Working experience in Big Four is a plus.
  • Demonstrated experience in the following domains:
    • Penetration Testing/ Red Teaming (Mandatory)
    • Cloud Security (Preferred)
    • Incident Response and Digital Forensics (Preferred)
  • Penetration Testing/ Red Teaming (Mandatory):

    • Strong experience in Network penetration testing and manipulation of network security controls.
    • Strong experience in Web and Mobile application security assessments based on OWSP 10 controls.
    • Experience in Wireless networks and social-engineering assessments
    • Experience in Source code review.
    • Experience in Wireless networks security assessments.
    • Familiarity with Email, IP Telephony, and Physical Security assessments.
    • Experience in scripting languages and tasks automation using PowerShell, Python or Ruby.
    • Strong understanding of network protocols, data on the wire, and covert channels.
    • Strong understanding of Unix/Linux/Windows operating systems, including bash and Powershell
  • Cloud Security (Preferred):
    • Serve as a subject matter expert on cloud cyber risk for at least one of the leading cloud platforms (AWS, Microsoft Azure/ Office 365)
    • Conduct cloud security assessments and provide recommendations on required configurations for client cloud platforms (such as AWS, Azure) and environments based on Deloitte’s Cloud Cyber Risk Framework.
    • Design and develop cloud platform-specific security policies, standards, and procedures for management group and account/subscription management and configuration (e.g. Azure Policy, Azure Security Center, AWS Config), identity management and access control, firewall management, auditing and monitoring, security incident and event management, data protection, user and administrator account management, SSO, conditional access controls and password/secrets management.
    • Provide internal cloud security technical training to Advisory personnel as needed.
  • Incident Response and Digital Forensics (Preferred):
    • Experience in incident handling process for identifying and triaging security incidents.
    • Familiarity in interpreting, searching and manipulating data within enterprise logging solutions (SIEM).
    • Ability to demonstrate an investigative mindset.
    • Familiarity in threat intelligence and applied use within incident response engagements.
    • Experience in EDR solutions or Endpoint Security tools is preferred. (e.g. CarbonBlack, CrowdStrike or Microsoft Defender).
    • Strong scripting skills in modern scripting languages like PowerShell, Python, Node.js, Javascript, Bash, Ruby, or SQL.
  • Professional Certifications:
    • Information Security:
      • CISSP or CISM or CISA (Any is Preferred)
    • Penetration Testing/ Red Teaming:
      • OSCP (Mandatory)
      • OSEP / OSWE / OSCE (Any is Preferred. Certified candidates will be considered on priority)
      • GWAPT or eWPTX (Any is Preferred)
    • Incident Response and Digital Forensics
      • GCFA or GCIH (Any is Preferred)
    • Cloud Security
      • MS Azure or AWS professional certifications. (Any is Preferred)

Primary Duties and Responsibilities

  • Perform network penetration, web and mobile application testing, source code reviews, threat analysis, wireless network assessments, and social-engineering assessments.
  • Perform secure configuration/ network architecture reviews based on international standards and best security practices.
  • Perform Cloud Security Assessments for the architecture, design and configurations.
  • Develop comprehensive, accurate reports and presentations for both technical and executive audiences.
  • Effectively communicate and discuss findings with internal stakeholders including leadership and technical team members
  • Ability to document and explain technical details in a concise, understandable manner
  • Develop comprehensive and accurate reports and presentations for both technical and executive audiences

Competencies

  • Excellent written and oral communication skills.
  • Ability to coordinate multiple projects and priorities simultaneously.
  • Ability to collaborate with others, work independently, initiate action, and adapt to change, make difficult decisions and accept challenging assignments.
  • Excellent presentation skills

  • Disclaimer: This job description is subject to change based on the business / project requirements and at the discretion of management

Skills required

How To Apply

Please submit your application as instructed in the job advert or Apply from Company Website