Cyber Security Consultant

Deloitte is seeking qualified candidates to serve as Cyber Security Consultants (multiple positions available) in support of the USAID Health Reform Support.

Project Description

The purpose of the USAID Health Reform Support (HRS) is to support a transparent, accountable, and effective health care system that is capable of meeting the needs of the Ukrainian people. Advancing health sector reforms, enhancing transparency, and tackling corruption will reduce out-of-pocket payments and improve access and availability of high quality, evidence-based health care services for Ukrainians. Elimination of corruption is a cross-cutting theme across all objectives to be achieved by this activity, which include:

1. Improve health sector governance.
2. Support the transformation of the healthcare financing model.
3. Strengthen the health workforce.
4. Enhance transparency, accountability, and responsiveness of the health care system.
5. Improve service delivery system at all levels.

Responsibilities

• Develop information security management process and policy for eHealth central database to improve protection of data and train National Health Services Ukraine (NHSU)
• Conduct cybersecurity assessment of the NHSU informational system, produce a report with the results, and train NHSU
• Conduct penetration testing of the eHealth system and train State Owned Enterprise (SOE)
• Conduct assessment of access control and security administration in the eHealth system, produce a report with the results, and train NHSU
• Conduct assessment of data security and confidentiality in the eHealth system, produce a report with the results, and train NHSU
• Develop information security management process and policy for eHealth central database to improve protection of data
• Conduct cybersecurity assessment of the eHealth system, produce a report with the results, and train NHSU and SOE staff
• Conduct penetration testing of the eHealth system and train NHSU and SOE staff
• Conduct assessment of data security and confidentiality in the eHealth system, produce a report with the results, and train NHSU and SOE staff
• Create DRS policy and procedures and test the developed plans for SOE

Requirements:

•   3+ years' experience in security architecture and design for end-to-end architecture lifecycles (e.g., conceptual, logical, physical) for organizations
•   3+ years' experience in defining and/or implementing security controls to deliver cyber security and other IT capabilities across multiple layers of the IT architecture stack
•   Domain expertise, implementation and/or integration skills in two or more of following areas:

   -  Identity and access management

-  Security incident and event management

-  Threat intelligence and modelling

-  Security architecture

-  Security technologies (e.g., firewalls, security event monitoring,

   intrusion detection and prevention, malware detection)

-  Data protection, GDPR and/or industry-specific regulations

-  Application security/SDLC

-  Network and Infrastructure Security

-  Cloud security

•   Cryptography
•   Preferably certified in a recognized architecture methodology, e.g. SABSA or TOGAF or equivalent
•   Strong oral and written skills in English and Ukrainian.

Qualified candidates are expected to send their CVs no later than November 17, 2019. Only shortlisted candidates will be invited for an interview.