Seeking a dynamic and experienced professional to lead its Cyber Security Practice, with core expertise in vulnerability management, DevSecOps, penetration testing, application and network security. This leader will play a key role in shaping and scaling attack management services, delivering high-impact solutions to clients, and guiding the next generation of cyber professionals.
Key Responsibilities:
Lead delivery of Cyber Defense projects across vulnerability management, DevSecOps integration, penetration testing, and secure SDLC.
Lead and guide advanced penetration testing – covering internal/external networks, web/mobile applications and cloud environments – with actionable reporting.
Design and implement enterprise-wide vulnerability management programs, establish metrics, and advise clients on remediation strategy.
Oversee advanced security assessments, including application security (SAST/DAST), network penetration testing, and infrastructure assessments.
Embed security into CI/CD pipelines, driving automation across development and deployment.
Support testing strategy and execution across on-premise, cloud and converged infrastructure.
Serve as a strategic advisor to clients, presenting findings, driving executive communications, and aligning solutions to business goals.
Mentor diverse cybersecurity teams and contribute to the growth of Deloitte’s security offerings.
Qualifications:
Education: Bachelor’s or Master’s degree in Computer Science, Cybersecurity, or related field.
Experience: 15+ years of relevant experience, with 5+ years in leadership roles across cyber domains.
Certifications: CISSP, OSCP, CISM, CEH, GPEN, or equivalent expert-level certification(s).
Deep hands-on expertise in threat & vulnerability management, security testing tools/methodologies, and secure application development practices.
Strong communication, client management, and team leadership skills.
Preferred Skills:
Knowledge of cloud security frameworks and risk regulations (NIST, ISO 27001, PCI DSS, etc).
Experience managing large-scale consulting engagements or security programs.