Cyber Risk Manager Jobs in Pennsylvania (NOW HIRING)

Cyber Data Protection Manager

Are you passionate about helping leading organizations reduce cyber risk, protect critical data, and build resilience in an increasingly complex digital world? If so, consider joining Deloitte & Touche LLP's growing Cyber Risk Digital Trust & Privacy practice. Our teams work with clients to deliver business-driven data protection and privacy solutions that not only address regulatory requirements, but also enable secure growth, strengthen trust, and improve operational effectiveness. You'll help organizations harness emerging and innovative technologies to better understand their data, protect what matters most, and stay ahead of evolving threats.

Recruiting for this role ends on 6/5/2026.

 Work You'll Do

• Serve as a subject matter expert and trusted advisor to clients, helping them assess strategic and practical data protection needs in response to emerging risks
• Assist clients in designing, implementing and operating technology and process solutions to reduce data risks
• Assist clients with developing requirements, evaluating vendor solutions, architecting, implementing and operating data protection solutions
• Lead client engagements and drive results by:
  • Driving day-to-day execution, communicating updates to clients and firm leadership
  • Providing leadership and support to delivery teams to ensure completion and accuracy of high-quality work products
  • Tracking and reporting on project timelines to ensure on time and on budget delivery
• Perform the role of mentor and coach to assist junior staff to develop skills by providing feedback, sharing experiences and creating opportunities for professional growth
• Manage and lead the proposal development process
• Contribute to Deloitte's thought leadership in client organizations and external marketplace
• Help foster an inclusive, collaborative, and high-performing team environment
• Stay current on industry trends in cyber risk, data protection, and emerging technologies

The Team

Enables trust and safety of online communications and digital products, protecting users, consumers, and patients from harm. Enables clients to provide consumer confidence in knowing with whom they are dealing and ensuring the integrity of access to data.

Qualifications

Required:

• 7+ years of professional experience in data protection and information security, which may include Data Discovery, Data Classification and Rights Management (DCRM, DRM, IRM), Data Access Governance(DAG), Data Loss Prevention (DLP), Cloud Access Security Broker (CASB), Data Security Posture Management (DSPM), Cloud Security and SaaS Security (e.g., AWS security, Azure/M365 security, Databricks, Snowflake)
• 3+ years of professional experience developing data protection strategies, roadmaps and frameworks, including designing, implementing and operating data protections services
• 3+ years of total hands-on technical experience and/or architecture-level experience with two or more data protection technologies
• Experience with collaboration security, SharePoint security, SharePoint Advanced Management, SharePoint lifecycle management, or data access governance controls
• Hands-on technical experience and/or architecture-level experience with Microsoft Purview, including one or more of the following: DLP, sensitivity labels, data classification, DSPM, DSPM for AI, on-demand classification, or related Microsoft 365 data security capabilities
• Knowledge of AI security and governance concepts, including data protection considerations for generative AI, copilots, agents, or other AI-enabled business use cases
• Experience defining data protection use cases, documenting business requirements and evaluating technology solutions
• Experience leading collaborative efforts across organizational silos, including multifunctional teams of IT professionals, legal/compliance teams, and business executives
• Experience managing project plans, budgets, staffing, and executive-level stakeholder communications in a consulting or client-facing environment
• Familiarity with change management, deployment and operational processes in large IT organizations
• Professional certifications such as CISSP, CISM, CCSP, SC-100, SC-400, AWS Security Specialty or similar.
• Bachelor's degree in Cybersecurity, Information Security, Engineering, Computer Science, Information Technology or related field
• Ability to travel 25-50%, on average, based on the work you do and the clients and industries/sectors you serve.
• Limited Sponsorship may be offered.

Preferred:

• Significant industry work experience preferred
• Experience with public cloud (Azure, AWS, GCP) security and modern data platforms (e.g., Snowflake, Data bricks)
• Experience with third-party DSPM, data discovery, or data governance solutions such as Cyera, Securiti, Varonis, Sentra, AvePoint, Atlan, or Collibra
• Familiarity with sophisticated multinational companies and distributed business models
• Experience in regulated industries and familiarity with requirements such as HIPAA, PCI DSS, SOX, or global privacy obligations.
• Demonstrated success contributing to proposals, practice growth, market eminence, or people development.

Cyber Data Protection Manager

Are you passionate about helping leading organizations reduce cyber risk, protect critical data, and build resilience in an increasingly complex digital world? If so, consider joining Deloitte & Touche LLP's growing Cyber Risk Digital Trust & Privacy practice. Our teams work with clients to deliver business-driven data protection and privacy solutions that not only address regulatory requirements, but also enable secure growth, strengthen trust, and improve operational effectiveness. You'll help organizations harness emerging and innovative technologies to better understand their data, protect what matters most, and stay ahead of evolving threats.

Recruiting for this role ends on 6/5/2026.

 Work You'll Do

• Serve as a subject matter expert and trusted advisor to clients, helping them assess strategic and practical data protection needs in response to emerging risks
• Assist clients in designing, implementing and operating technology and process solutions to reduce data risks
• Assist clients with developing requirements, evaluating vendor solutions, architecting, implementing and operating data protection solutions
• Lead client engagements and drive results by:
  • Driving day-to-day execution, communicating updates to clients and firm leadership
  • Providing leadership and support to delivery teams to ensure completion and accuracy of high-quality work products
  • Tracking and reporting on project timelines to ensure on time and on budget delivery
• Perform the role of mentor and coach to assist junior staff to develop skills by providing feedback, sharing experiences and creating opportunities for professional growth
• Manage and lead the proposal development process
• Contribute to Deloitte's thought leadership in client organizations and external marketplace
• Help foster an inclusive, collaborative, and high-performing team environment
• Stay current on industry trends in cyber risk, data protection, and emerging technologies

The Team

Enables trust and safety of online communications and digital products, protecting users, consumers, and patients from harm. Enables clients to provide consumer confidence in knowing with whom they are dealing and ensuring the integrity of access to data.

Qualifications

Required:

• 7+ years of professional experience in data protection and information security, which may include Data Discovery, Data Classification and Rights Management (DCRM, DRM, IRM), Data Access Governance(DAG), Data Loss Prevention (DLP), Cloud Access Security Broker (CASB), Data Security Posture Management (DSPM), Cloud Security and SaaS Security (e.g., AWS security, Azure/M365 security, Databricks, Snowflake)
• 3+ years of professional experience developing data protection strategies, roadmaps and frameworks, including designing, implementing and operating data protections services
• 3+ years of total hands-on technical experience and/or architecture-level experience with two or more data protection technologies
• Experience with collaboration security, SharePoint security, SharePoint Advanced Management, SharePoint lifecycle management, or data access governance controls
• Hands-on technical experience and/or architecture-level experience with Microsoft Purview, including one or more of the following: DLP, sensitivity labels, data classification, DSPM, DSPM for AI, on-demand classification, or related Microsoft 365 data security capabilities
• Knowledge of AI security and governance concepts, including data protection considerations for generative AI, copilots, agents, or other AI-enabled business use cases
• Experience defining data protection use cases, documenting business requirements and evaluating technology solutions
• Experience leading collaborative efforts across organizational silos, including multifunctional teams of IT professionals, legal/compliance teams, and business executives
• Experience managing project plans, budgets, staffing, and executive-level stakeholder communications in a consulting or client-facing environment
• Familiarity with change management, deployment and operational processes in large IT organizations
• Professional certifications such as CISSP, CISM, CCSP, SC-100, SC-400, AWS Security Specialty or similar.
• Bachelor's degree in Cybersecurity, Information Security, Engineering, Computer Science, Information Technology or related field
• Ability to travel 25-50%, on average, based on the work you do and the clients and industries/sectors you serve.
• Limited Sponsorship may be offered.

Preferred:

• Significant industry work experience preferred
• Experience with public cloud (Azure, AWS, GCP) security and modern data platforms (e.g., Snowflake, Data bricks)
• Experience with third-party DSPM, data discovery, or data governance solutions such as Cyera, Securiti, Varonis, Sentra, AvePoint, Atlan, or Collibra
• Familiarity with sophisticated multinational companies and distributed business models
• Experience in regulated industries and familiarity with requirements such as HIPAA, PCI DSS, SOX, or global privacy obligations.
• Demonstrated success contributing to proposals, practice growth, market eminence, or people development.