2018 Graduate Programme – Risk Advisory – Cyber Risk at Deloitte

Where: UK

Deadline: March 30, 2018

Type: Graduate

Check the Deloitte Careers website for details on academic requirements, selection process and professional qualification.

The Programme

The Deloitte Graduate Programme is a first step on a professional career with a highly respected firm. It’s a world-class training scheme, as well as a permanent job that’ll earn you a market-leading salary and benefits.

From the moment you join, you’ll be treated as a Business Advisor, valued for the unique contribution you make and the fresh ideas you bring. You’ll work directly with clients on projects that have a very real and meaningful impact on their success. As well as gaining a recognised professional qualification, you’ll develop the kind of rounded business skills that will serve you well regardless of where your future takes you. And you’ll get all the support you need to become the leader you know you can be.

The Cyber career path sits in the Risk Advisory area of the business.

The Opportunity

Today’s world is more complex, disruptive, technology-based and interconnected than ever before. Which means companies are more exposed to failure and exploitation, to theft, fraud and abuse. It’s our job to help clients limit this exposure. We help them make intelligent decisions about their infrastructure, technology, processes and people, working on challenging projects to help mitigate the risks they are exposed to. Keeping our clients safe, secure and one step ahead.

Our Cyber specialists are true innovators. Whether through our deep technical knowledge and expertise or through non-technical business solutions, we work together to keep our clients safe and secure. Ultimately, we strive to strengthen the security and resilience of our clients’ most valued assets. There are two streams in Cyber that you could join:

  • Cyber Strategy and Transformation (business stream): Not every job within Deloitte Cyber requires a technical background. As cyber-attacks occur with greater frequency and severity, board members and executives are beginning to realise that technology solutions are just one part of a comprehensive approach to managing their cyber risk. Within this stream, you’ll be helping clients to identify and protect their critical information and assets, ensuring that they can not only survive, but also thrive, in a competitive market place.
  • Cyber Technical (technical stream): With technology changing by the second, and security breaches ever-more common, cyber security is critical to business. We provide clients with deep technical knowledge and expertise, from applying advanced defensive technologies to spotting critical vulnerabilities by trying to compromise their network. You’ll also have the opportunity to work on Cyber Strategy and Transformation projects, developing your skills throughout your career.

Your professional experience


  • Use your curiosity, imagination, critical thinking and judgement to analyse complex problems, work out what’s important and deliver bespoke solutions.
  • ‘Access all areas’ of your client’s business to understand its inner workings, helping you develop your business acumen, commercial skills and industry knowledge, as well as developing far reaching and often senior relationships.
  • Take responsibility very early in your career – quickly supervising, coaching and mentoring your own teams.

Cyber Strategy and Transformation (business stream)

  • Cyber strategy - help organisations define their approach to tackling the cyber challenge, defining their target state, and informing board level decisions on investment and strategy.
  • Security transformation - assist organisations to markedly change their approach to information security, implementing changes to people, processes and technology to enhance cyber security capabilities.
  • Insider threat - analyse the risks organisations face from their own employees and design and implement initiatives to mitigate this risk, both from the malicious or accidental insider.
  • Privacy - translate complex legal requirements into practical solutions to allow clients to meet their legal requirements whilst enabling the business through the responsible use of data.
  • Data loss prevention – develop strategies and implement tooling to help clients identify and protect their most confidential data.

Cyber Technical (technical stream)

  • Penetration testing - take on the role of an attacker; trying to exploit system vulnerabilities, scanning for service and application flaws, improper configurations, and risky user behaviour, to help clients identify gaps in their network defences.
  • Cyber incident response - provide clients with technical analysis, containment and post-incident recovery when an incident occurs.
  • Advanced threat intelligence - monitor and assess the threats that may impact on a client, enabling them to swiftly and effectively respond, mitigate risk, and strengthen their cyber resilience.
  • Security architecture - help clients implement security defence in depth across their architecture, delivering unified security designs that address potential risks and align with their cyber strategy.
  • Identity and access management - help clients implement and configure solutions to control and manage how employees, customers and third parties access their information and systems.

To join this stream, you will need a technical degree (e.g. Computer Science, Cyber Security) or a demonstrable knowledge base or skillset in a relevant area, for example: ethical hacking, coding, architecture, networks, and/or security programs (this list is not exhaustive).

Management Standards

One of our firm-wide priorities is to deliver a globally uniform level of quality in core services so that our clients experience a consistent, exceptional Deloitte. To achieve this, global standards have been developed that define the most critical capabilities required by client service professionals. Joining Deloitte, within the business area you chose, you will develop professional qualifications and the following capabilities.

  • Risk Assessment and Mitigation: Ability to effectively perform the technical components of risk assessments to provide an accurate view of the client’s current risk state
  • Delivery Excellence: Ability to manage own work against the project plan, applying quality assurance, and risk procedures to ensure a superior client experience
  • Reporting and Presentations: Ability to develop reports and presentations using appropriate tools
  • Knows the Business and the Industry: Ability to understand the client’s business, interpret sector trends, and learn leading practices
  • Executive Presence: Ability to articulate thoughts and ideas in a clear and composed manner to instil confidence in team and clients
  • Supports Development and Implementation of Cyber Strategy Programs: Ability to enhance quality and efficiency of recommended cyber strategy solutions by applying relevant frameworks, conducting research, and performing analyses

How to Apply

Please apply via: https://www.careers.deloitte.gtios.com/2017/