Loading...
Share this Job

Firewall Compliance Manager (APAC/Global)

Date: 
Location: 

Western Sydney, NSW, AU

Department:  Internal Client Services
Description: 

•    Work in a highly innovative and transformative business
•    Work/life balance with access to flexible work arrangements
•    Salary packaging – to suit your personal and financial circumstances

  

What will your typical day look like?

 

The Compliance Firewall Manager is responsible for secure operation of the technologies that fall under the umbrella of the Cybersecurity – Firewall. Responsible for the day to day management of the firewall policy change requests, including direct management of the operations and the FPCR team. This position will serve as a Delivery Manager for the Firewall team. Actively participates in the change requests of firewall security policy. Collaborates with other Deloitte teams, member firms and external parties to address/remediate identified security issues.
 

Joining the Deloitte Global IT Cybersecurity team based in Sydney/Western Sydney, you will be working in one of the world’s largest holistic internal cybersecurity organisations. You will be operationally responsible for proactively preventing, detecting, and responding to cyber-attacks across a complex global footprint.
 

As part of the Global Cybersecurity team, you will work closely with stakeholders across the APAC member firm to deliver technical assessments against a broad range of services. As such your responsibilities in this role could include:

  • Oversee the technical delivery/functions of the Firewall Policy Compliance Service and Firewall Audit Service
  • Manage the Firewall Policy Change Review operational and regional staff
  • Provide architectural, design, and operational support of the Firewall Policy Change Request and audit service
  • Assist with issues that have been escalated from the support analysts
  • Review firewall security policy changes against Deloitte policies, standards, and best practice
  • Respond to firewall change requests to provide compliance validation for their approval
  • Providing advanced consultation services with regards to firewall policy change requests, including potential workarounds to meet business needs in a secure manner
  • Continually improve the security posture of Deloitte network firewall systems.
  • Participate and provide input in development of network firewall architecture.
  • Define and adapt criteria for security reviews based on internal policy and standards.
  • Perform periodic reviews of all network firewall configurations to maintain compliance.
  • Track remediation of findings by firewall compliance team.
  • Act and communicate security project requests.
  • Willingness to participate in vendor relationships and meetings.

People Management:

·        Lead efforts around firewall compliance policy reviews

·        Help others in information security concepts, issues, standard and policies.

·        Work closely with teams delivering firewall compliance requests and projects.

 

About the team 
The Deloitte Global Cybersecurity function is responsible for enhancing data protection, standardising and securing critical infrastructure, and gaining cyber visibility through security operations centres. The Cybersecurity organization delivers a comprehensive set of security services to Deloitte’s global network of firms around the globe. 

 

Enough about us, let’s talk about you. 
You will have experience in the Information Security / Cybersecurity domain with a focus on Firewall management.

 

More specifically, you are someone who has:

Technical expertise: 

  • Experience leading security operations and security systems management
  • Working knowledge of following frameworks and regulations: NIST Cybersecurity Framework, ISO 27001/2, SANS Top 20 Critical Security Controls, SOX and CFR-Part 11
  • Solid understanding of common TCP/IP architecture, principles, operations and controls
  • Solid understanding of network security firewall UTM technologies, trends, vendors, processes and methodologies.
  • Solid understanding of common firewall architectures and implementations.
  • Strong understanding of basic protocols used by the internet, such as HTTP(S), DNS, TLS
  • Solid understanding of basic networking concepts, such as routing, switching, firewall, and common enterprise security monitoring tools.
  • Solid understanding of information security principles
  • Solid understanding of information security policy enforcement
  • Experience with host-based firewall, or network-based VPN products (F5) as well as SIEM management tools.

 

Experience with the following products are strongly preferred:

  • Knowledge of next-gen firewall technologies
  • Knowledge of the Cisco Firepower, Checkpoint, Palo Alto, and/or Tufin platforms
  • Any experience with host-based firewall, or network-based VPN products as well as SIEM management tools is a plus. 

 

Other Qualifications:

  • High degree of personal integrity and ethics as well as a passion for protecting people and systems
  • Constantly striving for excellence using objective, transparent and agreed upon standards
  • Excellent written and oral communication and presentation skills for leadership, technical and business audiences
  • Possess industry-recognized security certifications (e.g., Cisco Certified Security Professional, CCNA-S, Check Point Certified Security Administrator, Palo Alto Networks Certified Network Security Engineer.)

 

Why Deloitte? 
At Deloitte, we create positively differentiated work experiences that enable our people to feel valued and achieve their full potential. We value difference and embrace people with diverse backgrounds and thinking styles. Knowing that people work best in a variety of ways, we are happy to discuss alternative arrangements if the working pattern you are looking for is not specifically indicated.

Next Steps 
Sound like the sort of role for you? Apply now using the link provided. 
If you require more information you can contact Marlon Vallarta at mvallarta@ deloitte.com.au for a confidential discussion.