Manager - Security and Privacy Services, Identity & Access Management

Manager - Security and Privacy Services, Identity & Access Management Deloitte & Touche LLP's ("Deloitte & Touche's") Audit and Enterprise Risk Services business has a risk-based approach, experienced professionals, comprehensive methodologies, and technical resources. Deloitte & Touche's services combine competency and experience in the areas of financial reporting, risk management, and compliance.   Providing security across the enterprise - Security & Privacy Services   Business models today encourage, and even require, opening boundaries between customers, suppliers, and partners. Technology can enable that openness and is also seen as a means to help achieve compliance with corporate policy and regulation. However, behind this increased accessibility and reliance on technology exists real risks and challenges.  Technology can support compliance efforts, act as a business enabler, and provide a foundation to achieving secure systems.  Meanwhile complex network environments, global operations, and human beings often challenge an organization's security efforts. The increasing occurrence and complexity of security threats indicate that security has become a business imperative. Managing information risk at the enterprise level enables companies to achieve more efficient and effective security processes and programs. Issues such as stakeholder value, consumer confidence, brand and reputation protection, and legal and regulatory compliance can be addressed.   Digital information security is a management issue with global business implications. To succeed in today's network economy requires more than simply a focus on IT issues - it also requires a focus on security strategy and management.  Deloitte & Touche provides Security Services that address how to take advantage of this dynamic situation while managing risks and are based on an enterprise-wide approach that focuses on security through four areas:    • Application Integrity   • Identity Management Security     • Infrastructure Security     • Security Strategy and Management   Deloitte & Touche is currently seeking professionals that can: • Provide technical guidance and manage all aspects of information protection architecture projects in complex networked environments • Identify and resolve complex issues and develop innovative solutions for the client's business/technology goals • Provide technical assistance relating to the design and implementation of security and controls of client's networks • Play substantive/lead role in client relationship and communication • Play substantive/lead role in attaining quality internal and external communication deliverables including technical content of reports, proposals, etc. • Demonstrate high level of understanding of client's business • Demonstrate strong knowledge industry or functional specialty • Play substantive/lead role and engagement planning, economics, and billing • Deliver services that meet Deloitte & Touche engagement leader specifications • Membership and visibility in professional & civic organizations • Participate in proposal development efforts • Evaluate, counsel, mentor, and provide feedback on performance of others • Assist in retention of Deloitte & Touche professionals • Participate in training efforts • Play substantive role in enhancing relationships with Deloitte & Touche professionals  Qualifications: - BA/BS Degree in Business Administration, Computer Science, Engineering, Accounting or Information Systems - Strong oral and written communications skills - Strong potential for growth and acceptance of additional responsibilities - Ability to take a broad view of his/her position and take initiative to communicate, interact and cooperate with others - Demonstrated ability to write report segments and to participate in presentations - Open to travel requirements - Ability to work as a member of a team and independently Required Skills Include: - 5+ years of experience in developing, implementing or architecting information systems - 3+ years technical architecture experience integrating identity and access management software into clients' infrastructure and applications - 1-3 years experience in managing deployments of at least one identity and access management product such as:  CA/Netegrity SiteMinder/IdentityMinder, Oblix NetPoint/COREid, IBM Tivoli Identity Manager and/or Access Manager, Sun Identity Manager and/or Access Manager - Experience developing identity management strategies, architectures and implementation plans - Experience managing projects through the full system development lifecycle - Some experience with at least one of the following development environments/languages:  J2EE, Java, JavaScript, .NET or C#   Desired Additional Skills Include: - Identity Management familiarity in one or more of the following areas:             -Single Sign On             -Enterprise Directory Architecture and Design including directory schema, namespace and replication topology experience             -Resource Provisioning             -Role Base Access Control             -Java development - Familiarity with BEA WebLogic, IBM WebSphere or Tomcat - Experience with one or more directories such as Active Directory, IBM Directory Server, SunONE Directory Server and Novell e-Directory - Familiarity with:  major operating systems such as Microsoft Windows and Unix; mainframe security packages such as TopSecret, ACF2 and RACF; and/or leading packaged application solutions for ERP systems, CRM systems or portals - Working knowledge of virtual directories such as Radiant Logic and OctetString - Familiarity with federated identity and web services security concepts such as SAML, Liberty ID-FF and ID-WSF, WS-Federation and WS-Security - Familiarity with web services security and management tools such as:  Actional, AmberPoint, Digital Evolution, Reactivity and Vordel - Experience leading business requirements gathering and translating those into system requirements - Experience facilitating business process design as it relates to managing identities and access privileges - Experience developing identity management governance plans - Understanding of current regulatory environment and related implications to identity management and security/audit compliance - Experience with selling consulting services to clients - Ability to assist in practice development - Prior Big 4 or leading system integrator experience About DeloitteDeloitte refers to one or more of Deloitte Touche Tohmatsu, a Swiss Verein, and its network of member firms, each of which is a legally separate and independent entity. Please see www.deloitte.com/about for a detailed description of the legal structure of Deloitte Touche Tohmatsu and its member firms. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. Deloitte LLP and its subsidiaries are equal opportunity employers.