Manager - Security and Privacy Services

Manager - Security and Privacy Services Deloitte & Touche LLP's ("Deloitte & Touche's") Audit and Enterprise Risk Services business has a risk-based approach, experienced professionals, comprehensive methodologies, and technical resources. Deloitte & Touche's services combine competency and experience in the areas of financial reporting, risk management, and compliance.   Providing security across the enterprise - Security & Privacy Services   Business models today encourage, and even require, opening boundaries between customers, suppliers, and partners. Technology can enable that openness and is also seen as a means to help achieve compliance with corporate policy and regulation. However, behind this increased accessibility and reliance on technology exists real risks and challenges.  Technology can support compliance efforts, act as a business enabler, and provide a foundation to achieving secure systems.  Meanwhile complex network environments, global operations, and human beings often challenge an organization's security efforts. The increasing occurrence and complexity of security threats indicate that security has become a business imperative. Managing information risk at the enterprise level enables companies to achieve more efficient and effective security processes and programs. Issues such as stakeholder value, consumer confidence, brand and reputation protection, and legal and regulatory compliance can be addressed.   Digital information security is a management issue with global business implications. To succeed in today's network economy requires more than simply a focus on IT issues - it also requires a focus on security strategy and management.  Deloitte & Touche provides Security Services that address how to take advantage of this dynamic situation while managing risks and are based on an enterprise-wide approach that focuses on security through four areas:    • Application Integrity   • Identity Management Security     • Infrastructure Security     • Security Strategy and Management   Deloitte & Touche is currently seeking professionals that can: • Provide technical guidance and manage all aspects of information protection architecture projects in complex networked environments • Identify and resolve complex issues and develop innovative solutions for the client's business/technology goals • Provide technical assistance relating to the design and implementation of security and controls of client's networks • Play substantive/lead role in client relationship and communication • Play substantive/lead role in attaining quality internal and external communication deliverables including technical content of reports, proposals, etc. • Demonstrate high level of understanding of client's business • Demonstrate strong knowledge industry or functional specialty • Play substantive/lead role and engagement planning, economics, and billing • Deliver services that meet Deloitte & Touche engagement leader specifications • Membership and visibility in professional & civic organizations • Participate in proposal development efforts • Evaluate, counsel, mentor, and provide feedback on performance of others • Assist in retention of Deloitte & Touche professionals • Participate in training efforts • Play substantive role in enhancing relationships with Deloitte & Touche professionals  Qualifications: - SAP R3 security implementation with any single, or multiple, modules - Understanding segregation of duty concerns with respect to application security implementations - Knowledge and understanding of internal controls and risk analysis processes, as well as Sarbanes-Oxley - Knowledge and understanding of SAP administration and maintenance. - Building SAP application security - Development and preparation of detailed security policies and procedures - Preferred technology experience with the following:             -SAP 4.0 and above             -Knowledge of SAP security from SAP4.0 and above a plus              -Knowledge of Business Warehouse, Customer Relationship Management  (CRM), Advanced Planning Optimization(APO) and  Enterprise Professional Buyer (EPB)               -Knowledge of SAP portals  also a plus - Understanding of SAP, ASAP implementation methodology - Understanding of segregation of duties tools; Approva Bizrights, Virsa or secureinfo and bindview   To be considered for this position the following are essential: - BA/BS in information technology or related field, MS preferred - CISSP, CCNA and/or CISM, CISA certification a plus. - Minimum of five years experience in technical project participation/management - Relevant application security experience   - Prior Big 4/consulting experience - Solid leadership, project management and managerial skills. - Excellent  technical, analytical, interpersonal, communication, and management skills - Industry Experiences in financial services, high-tech, and /or healthcare a preferred - Willingness to travel - Understanding of Sarbanes Oxley - Understanding of financial and/or manufacturing processes Why Work for Deloitte's Security & Privacy Services Group in the Application Integrity Area?   - The Security & Privacy Services Group has a dedicated ERP Implementation practice (AI) who's services focus on implementation and on only occasion support Attest clients as subject matter experts.  This is unique to Deloitte, many other Big 4 audit and accounting do not have a separate implementation service line. - Leadership roles are immediately available on our current projects.  The practice has a need to acquire strong experienced Senior Consultants, Managers and Senior Managers as soon as possible. - We offer a variety of Security opportunities to our practitioners.  We encourage our practitioners to gain skills in multiple ERP packages as well as other areas of security such as Identity Management,Role based Access Controls and Infrastructure Security. - The AI group is currently experiencing over 50% growth. - We offer both internal and external ERP training courses as well as internal sandboxes and systems for learning and solutions development. About DeloitteDeloitte refers to one or more of Deloitte Touche Tohmatsu, a Swiss Verein, and its network of member firms, each of which is a legally separate and independent entity. Please see www.deloitte.com/about for a detailed description of the legal structure of Deloitte Touche Tohmatsu and its member firms. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. Deloitte LLP and its subsidiaries are equal opportunity employers.