Senior Consultant - ASM Vulnerability Management FDE

Join Deloitte's Cyber Defense & Resilience team as a forward deployed engineer focused on patching, remediation, and exposure reduction. In this role, you'll work directly with client stakeholders to prioritize vulnerabilities, coordinate patch execution, and improve remediation outcomes across enterprise environments. You'll help bridge security findings with operational action by translating exposure data into structured patching plans, reporting, and measurable risk reduction.

• Leading day-to-day forward deployed engineering execution for client patching and remediation activities across infrastructure, middleware, endpoints, and applications
• Prioritizing remediation activities using vulnerability findings, asset criticality, exploitability, and threat context
• Coordinating with client technology teams to drive patch planning, execution, validation, and exception tracking
• Developing dashboards, status reporting, and remediation metrics that show progress against exposure reduction goals
• Supporting automation and mentoring junior practitioners in patching, remediation, and operational delivery activities

• Ability to work independently and collaborate as part of a team
• Effective written and verbal communication skills
• Meticulous attention to detail and quality of work product
• Ability to build and sustain professional relationships
• Ability to lead projects or work streams
• Ability to manage and prioritize multiple tasks in a fast-paced and dynamic environment
• Strong interpersonal skills and professional demeanor
• Ability to meet deadlines
• Ability to provide clear guidance to others

Deloitte's Cyber Specialists help organizations manage cyber risk through stronger security, greater visibility, and embedded privacy practices. The Cyber Defense & Resilience team works with clients to design, implement, and operate programs that help protect critical assets, support digital transformation, and respond to evolving threats. Within this practice, forward deployed engineers partner with client teams to accelerate patching, improve remediation governance, and reduce exposure across distributed enterprise environments.

Required:

• 5+ years of experience in information technology, information security, vulnerability management, patch management, or a combination of these
• 4+ years of experience leading remediation execution, patch coordination, or forward deployed engineering activities in enterprise environments
• 4+ years of experience executing or overseeing patching across Windows, Linux, middleware, endpoints, or applications using tools such as Big Fix, Microsoft Endpoint Configuration Manager, Red Hat Satellite, Windows Server Update Services, Tenable, Rapid7, or Qualys
• 2+ years of experience using Power Shell, Bash, Python, Ansible, Terraform, or JavaScript Object Notation for scripting, automation, or configuration activities
• 2+ years of experience using Service Now or another Information Technology Service Management platform to manage remediation workflows, exceptions, metrics, and status reporting
• Ability to travel 50%, on average, based on the work you do and the clients and industries/sectors you serve.
• Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future.

Preferred:

• Bachelor's degree in Computer Science, Cybersecurity, Information Systems, Engineering, Information Technology, Mathematics, or Physics
• Experience in a consulting environment
• Experience presenting remediation status, risk updates, or delivery progress to client stakeholders
• Experience with vulnerability prioritization based on exploitability, asset criticality, or attack path data
• Experience with the National Institute of Standards and Technology Cybersecurity Framework, Center for Internet Security, International Organization for Standardization 27001, or Cloud Security Alliance Cloud Controls Matrix