US E – Consulting Services – Cyber Defense and Resilience – CTEM Vulnerability Mgmt Senior Consultant - 341011

Are you an experienced cybersecurity professional looking to take on complex challenges, expand your leadership impact, and help shape the future of cyber defense?  At Deloitte & Touche LLP, you’ll work with leading organizations to address a critical business issue: strengthening security while enabling innovation and reducing threat exposure.  Join Deloitte’s Cyber Defense & Resilience Continuous Threat Exposure Management (CTEM) team to help clients identify, assess, and reduce their attack surface and overall cyber risk.  In this role, you’ll bring your experience to high-impact client environments, work alongside top cyber practitioners, and contribute to some of the market’s most complex and strategic security engagements.

Work you’ll do

As a Cyber Defense & Resilience Senior Consultant, you will work directly with clients to address complex attack surface security challenges and strengthen their overall cyber posture.  You will support organizations in reducing risk by applying leading practices across cybersecurity, security operations, and threat exposure management.  This role offers the opportunity to help clients navigate an evolving threat landscape while delivering practical, business-aligned security solutions. In this role, you will:

·       Execute exposure-based patching and automation aligned to CTEM priorities

·       Build trusted client relationships through high-quality delivery

·       Deploy and maintain vulnerability and patch management tools

·       Support end-to-end patching operations

·       Coordinate patching activities across technologies, teams, and lifecycle phases

·       Provide technical guidance across vulnerability management, patching, exception management, and reporting

·       Identify opportunities to improve efficiency, reduce risk, and enhance threat visibility

·       Develop clear, accurate client deliverables and support proposals, POVs, and firm initiatives

·       Mentor junior team members and contribute to innovation in security technologies

·       Drive innovation and next generation security and technologies.

The team

At Deloitte, our Cyber Specialists help organizations manage cyber risk and drive business value through stronger security, greater visibility, and embedded privacy.  By combining program design, implementation, operations, and incident response capabilities with deep industry and mission knowledge, we help clients protect their most valuable assets, enable secure digital transformation, and respond quickly to an evolving threat landscape.

Required:

·       5 years of experience in information technology and/or information security

·       Experience working with service delivery teams across multiple geographic regions

·       Ability to analyze vulnerability and exposure data to determine patching priorities

·       Hands-on experience remediating vulnerabilities across operating systems, middleware, and applications

·       Ability to execute day-to-day patch deployment based on CTEM-driven prioritization

·       Experience supporting patch automation using Ansible playbooks and scripting

·       Ability to validate patch deployment through rescans, testing, and system health checks

·       Experience troubleshooting failed deployments and resolving patching issues

·       Ability to support emergency patching for critical vulnerabilities and zero-day events

·       Experience documenting patch procedures, runbooks, and exception processes

·       Ability to coordinate patch windows and remediation activities with asset owners and stakeholders

·       Experience contributing to exposure reduction metrics and reporting

·       Hands-on experience with patch management tools such as BigFix, SCCM/MECM, Red Hat Satellite, and WSUS

·       Familiarity with vulnerability management tools such as Tenable, Rapid7, and Qualys

·       Proficiency in PowerShell, Bash, Python, and JSON, including automation scripting

·       Experience with automation tools such as Ansible and Terraform

·       Foundational knowledge of AI and LLM concepts, including common use cases, risks, and security considerations

·       Understanding of CVSS, exploitability, and exposure context

·       Experience with both Linux and Windows patching

·       Working knowledge of ITSM and CMDB platforms such as ServiceNow

·       Strong client-facing, consulting, collaboration, and communication skills

·       Ability to work independently and exercise sound professional judgment

·       Strong problem-solving and troubleshooting skills

·       Experience supporting client proposals and work orders

·       Demonstrated ability to plan, design, deploy, operationalize, and lead scalable vulnerability and patch management initiatives

·       Foundational knowledge of security principles such as defense-in-depth, least privilege, security architecture, and threat modeling

Additional Requirements:

·       Travel up to 50%.

·       Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future.

·       Identify opportunities to improve engagement profitability.

·       Excellent teamwork and interpersonal skills.

Preferred:

·       Bachelor’s degree in Computer Science, Cybersecurity, Information Systems, Engineering, Information Technology, or a related field

·       Consulting or Big 4 experience preferred

·       Familiarity with frameworks such as NIST CSF, CIS, ISO 27001, and CSA CCM

·       Experience with ServiceNow workflows, automation, and orchestration

·       Strong proposal development, communication, project management, and organizational skills