Job Title:  T&T | Cyber: CST | Assistant Manager | Risk Management | Pune

The Team 

Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks. Learn more about   Cybersecurity 

Your Work Profile 

• As Assistant Manager in our Cyber Team, you’ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations. 

• Manage, maintain, and enhance our Google Chronicle SIEM and SOAR platforms, ensuring effective monitoring, detection, and response to security incidents.  

• The candidate will have strong experience in Google Chronicle administration, detection engineering, and SOC operations to provide continuous security improvements, automation, and technical support to the SOC team. 

Key skills required:

• Perform cyber control assessments to evaluate the design and operating effectiveness of security controls across:
• Network, infrastructure, cloud, and endpoint environments
• Any Graduate
• Identity and Access Management (IAM)
• Application security and SDLC controls
• Data protection and encryption controls
• Incident response and cyber resilience controls
• Assess alignment of controls with established frameworks such as ISO 27001, NIST CSF, NIST 800-53, CIS Controls, and internal security standards.
• Identify control gaps, weaknesses, and improvement areas, and provide risk-based recommendations.
• Support control rationalization and optimization initiatives to reduce redundancy and improve efficiency.
• Policy, Standards & Procedure Review
• Review and assess cybersecurity policies, standards, and procedures to ensure:
• Alignment with regulatory requirements and industry best practices
• Consistency across enterprise environments
• Clear articulation of roles, responsibilities, and control ownership
• Support the development, update, and rollout of information security policies, standards, and operating procedures.
• Validate that policies and procedures are effectively implemented through control testing and evidence reviews.
• Facilitate periodic policy reviews and support policy governance processes.
• Risk Management & Reporting
• Contribute to cyber risk assessments and risk treatment plans by mapping risks to control gaps.
• Document assessment results in clear, concise reports suitable for senior management and audit committees.
• Provide input into cyber risk registers and support ongoing risk monitoring activities.
• Develop and maintain KRIs, control metrics, and compliance dashboards.
• Stakeholder Management & Advisory
• Act as a trusted advisor to IT and business teams on cyber control design, compliance expectations, and remediation approaches.
• Coordinate with multiple stakeholders across geographies to execute assessments efficiently.
• Provide guidance and mentoring to junior team members on control assessment methodologies and documentation standards.