Join Deloitte’s Cybersecurity organization as a Consultant, Cyber Engineering, supporting the Cyber Exposure Management (CEM) team. In this role, you will help identify, assess, and prioritize cyber exposures by coordinating with asset owners, security teams, and stakeholders across the organization. The role focuses on analysis, reporting, remediation coordination, and continuous improvement of exposure management activities.
Work you'll do
As a Consultant, Cyber Engineering on the Cyber Exposure Management team, you will be responsible for…
-
Coordinate with asset owners, security tooling teams, and stakeholders to support remediation planning and drive exposures through resolution
-
Analyze identified exposures by evaluating asset criticality, business impact, and risk context to support risk prioritization
-
Track remediation timelines, monitor progress, and follow up on actions to support closure of identified issues
-
Prepare reporting on exposure posture, remediation status, and key risk themes for stakeholders and leadership
-
Support the development of dashboards and metrics that measure Cyber Exposure Management activities and identify improvement opportunities
The team
The Cyber Exposure Management (CEM) function sits within the wider Deloitte Cybersecurity organization. The CEM team serves as a central team providing an ongoing picture of the entire exposure landscape, offering deep risk context and a holistic and continuous view covering external, internal, cloud, and identity assets.
This role within Cyber Exposure Management, will play a pivotal role in the CEM team. This role is central to bridging the gap between security tooling outputs, asset owners, and leadership, by driving the continuous identification, assessment, and prioritisation of cyber exposures.
The successful candidate will be instrumental in supporting CEM processes, providing expert analysis, and fostering effective communication to ensure the organisation's cyber risk posture is understood and proactively managed. This role focuses on analysis, coordination, and reporting.
Location: Hyderabad
Shift Timings: 11 AM to 8 PM
Qualifications
Required:
-
3-5 years of experience in information security, cybersecurity, cyber exposure management, attack surface management, cyber risk, or threat intelligence
-
Experience using Qualys, Prisma, CyCognito, and ServiceNow
-
Experience preparing reports or dashboards using Power BI or similar reporting tools
-
Working knowledge of Microsoft Office
-
Knowledge of Common Vulnerabilities and Exposures and Common Vulnerability Scoring System
Preferred:
-
Experience using Key Risk Indicators in risk reporting or monitoring activities
-
Knowledge of confidentiality, integrity, and availability principles
-
Knowledge of data analysis, root cause analysis, and security testing
-
Knowledge of cybersecurity frameworks such as International Organization for Standardization 27000 family, Open Worldwide Application Security Project, and National Institute of Standards and Technology
-
Industry certifications such as Information Technology Infrastructure Library Foundation, CompTIA Security+, CompTIA CySA+, or GIAC Security Essentials