Sorry, this job is no longer available.

(Loading More Opportunities)

Global Cybersecurity SSDLC Application Migration Analyst


Do you thrive on developing creative and innovative insights to solve complex challenges? Want to work on next-generation, cutting-edge products and services that deliver outstanding value and that are global in vision and scope? Work with other experts in your field? Work for a world-class organization that provides an exceptional career experience with an inclusive and collaborative culture?

Want to make an impact that matters? Consider Deloitte Global.

Work you'll do:

The Global Cybersecurity Architecture and Engineering SSDLC Application Migration Analyst reports to the Global Cybersecurity Architecture and Engineering SSDLC Manager. The role focuses on ensuring that all business-related software and infrastructure migration projects and solutions within Global Technology Services (GTS) and Member Firms include security by design in line with Deloitte Global cybersecurity policies and standards and identified cybersecurity risks. This is achieved with executing the Secure Systems Development Lifecycle (SSDLC) and other risk assessment/analysis processes across GTS and member firms.


  • Contributes to, and executes the Secure Systems Development Lifecycle (SSDLC), including functional and non-functional cybersecurity requirements for all application and infrastructure projects migrating to regional data centers (RDC) and cloud environments. Familiar with the impact these security controls have on the respective organizations and their ability to effectively deliver client services
  • Perform in-depth vulnerability management analysis and remediation prioritization for Global Digital Application Studios (GDAS) and member firms
  • Familiar with design patterns and reference architectures to support cybersecurity solutions and requirements are designed and incorporated into detailed architecture documents
  • Evaluates the effectiveness of the security controls and architectures in relationship to actual intrusions seen on the Deloitte network, reported threats at peer organizations and overall cybersecurity threats in the Internet ecosystem
  • Integrates threat modeling and attack frameworks such as MITRE into the risk assessment process


  • Performs technology security reviews for GTS and member firm applications, in line with the SSDLC and Technology Operating Model (TOM), for GTS, Global business functions and member firm application and infrastructure migration projects. Where appropriate, leverage shared security services (Vendor Cyber Risk Assessment, Vulnerability Management, Penetration Testing, Threat Intelligence etc.)
  • Uses agile methodologies to identify and incorporate cybersecurity requirements associated with on-prem and cloud-based environments, and technologies such as RPA, containerization and IOT into the SSDLC
  • Incorporates threat modeling techniques and risk assessment methodologies into the risk assessment and SSDLC processes
  • Provides oversight and assurance of cybersecurity controls in development and deployment through to system/project go-live
  • Supports review of, and documents new and updated applications and systems from a cybersecurity assessment perspective with a primary focus on internal RDC and cloud migrations; could include SaaS, Cloud, COTS, and infrastructure implementations as required by the TOM and SSDLC
  • Effectively work to meet tight deadlines in a fast-paced environment and the ability to reprioritize work while providing a world-class customer experience 

What you'll be part of - our Deloitte Global Culture:

At Deloitte, we expect results. Incredible-tangible-results. And Deloitte Global professionals play a unique role in delivering those results. We reach across disciplines and borders to serve our global organization. We are the engine of Deloitte. We develop and implement global strategies and provide programs and services that unite our network. 

In Deloitte Global, everyone has opportunities. We see the importance of your perspective and your ability to create value. We want you to fit in-with an inclusive culture, focus on work-life fit and well-being, and a supportive, connected environment; but we also want you to stand out-with opportunities to have a strategic impact, innovate, and take the risks necessary to make your mark.

How you'll grow:

Deloitte Global inspires our people at every level. We believe in investing in you, helping you at every step of your career, and helping you identify and hone your unique strengths. We encourage you to grow by providing formal and informal development programs, coaching, and mentoring. We want you to ask questions, take chances, and explore the possible.

Benefits you'll receive:

Deloitte's Total Rewards program reflects our continued commitment to lead from the front in everything we do - that's why we take pride in offering a comprehensive variety of programs and resources to support your health and well-being needs. We provide the benefits, competitive compensation, and recognition to help sustain your efforts in making an impact that matters.

Corporate Citizenship:

Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with our clients, our people, and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities.



  • Bachelor's degree: degree in computer science, cybersecurity, other technology-related fields, or equivalent education-related experience

Work experience

  • Minimum of 3 years of combined experience in engineering, solution design and risk assessment in a cybersecurity context
  • Proven track record and experience of the following in a highly complex and global organization:
    • Supporting implementation of security requirements within the systems development lifecycle (SDLC)
    • Demonstrated knowledge of securing applications or infrastructure systems (secure coding methods, WAF, application gateways, firewalls, servers, virtualized technologies)
    • Securing cloud-based environments and understating risks associated with cloud-based solutions hosted in Azure, AWS and GCP
  • Familiarity with network protocols, GWAN and WAN technologies and fundamental networking skills (TCP, IP, IDS/IPS, virtualization, etc.)

Preferred Skills:

  • Professional security certification desirable, such as Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Cloud Security Professional (CCSP), Cisco Certified Network Associate (CCNA), or other similar credentials
  • Experience with containerization technologies such as Kubernetes and Docker
  • Experience with DevSecOps and agile methodologies
  • Experience with applying secure application design principles to prevent application specific security defects based on OWASP Top 10 vulnerabilities
  • Exceptional written and verbal English language communication skills
  • Excellent interpersonal and collaborative skills, with ability to communicate technical information, security topics, policies and standards as well as risk-related concepts to technical and nontechnical audiences at various hierarchical levels
Salary Range
$53,000.00 - 83,000.00
per Year
Salary range estimated by
Hermitage, TN 37076, US