Are youinterested in working in a dynamic environment that offers opportunities forprofessional growth and new responsibilities? If so, Deloitte &Touche LLP could be the place for you. Traditional security programs have oftenbeen unsuccessful in unifying the need to both secure and support technologyinnovation required by the business. Join Deloitte's Advisory Cloud CyberServices team and become a member of the largest group of cybersecurityprofessionals worldwide.
As a Cloud Security Senior Consultant, you will be at the frontlines with our clients supporting them with their cloud security needs to securelynavigate their journey to the cloud on the leading cloud platforms, by implementingindustry leading practices around cyber risks and cloud security for clients. Youwill execute on cloud security engagements during different phases of thelifecycle – assessment, design, implementation, and post-implementation reviews,particularly you will:
- Serve asa subject matter expert on cloud cyber risk for at least one of the leadingcloud platforms (AWS, Microsoft Azure/ Office 365, GCP, Alibaba Cloud, OracleCloud).
- Guide clientson their transition from on-premise security technologies to cloud-nativeoptions (e.g., Azure Sentinel, Azure Monitor) and assist clients with the deploymentof cloud-native and third-party technologies to secure cloud platforms, includingcloud access security broker (CASB), cloud workload protection (CWP), and cloudsecurity platform management (CSPM) solutions.
- Conduct cloud security assessments and provide recommendations onrequired configurations for client cloud platforms (such as AWS, Azure, GCP,Alibaba Cloud, Oracle Cloud) and environments based on Deloitte's Cloud CyberRisk Framework. This can include cloud-native or third-party solutions includingdirectory services (e.g., LDAP, Azure Active Directory (AAD)), infrastructure(compute/networking/storage) services, data protection services, securitymonitoring, logging, PaaS services, and SaaS services (e.g., 0ffice 365).
- Provide technical security support for cloud-native (e.g., AAD) and third-party security services and resolve service-related issues through research, troubleshooting, and working with cloud service providers and third-party security solution vendors.
- Support proof of concept and production deployments of these cloud technologies.
- Perform technical health checks for cloud platforms/environments prior to broader deployment and assist clients with configuration of cloud platform scanning tools, and delivery of cloud security and compliance reports.
- Design and develop cloud platform-specific security policies, standards, and procedures for management group and account/subscription management and configuration (e.g. Azure Policy, Azure Security Center, AWS Config), identity management and access control, firewall management, auditing and monitoring, security incident and event management, data protection, user and administrator account management, SSO, conditional access controls and password/secrets management.
- Troubleshoot problems with cloud infrastructure (e.g., domain name service, virtual network peering, dedicated cloud connectivity services – Azure ExpressRoute, AWS DirectConnect, Google Cloud Dedicated Interconnect) and resources (e.g., virtual machines, virtual networks, cloud databases) in a multi-cloud vendor environment and document technical platform issues, analysis, client communication, and resolution as part of cyber risk mitigation steps.
- Assist clients in the selection and tailoring of approaches, methods, and tools to support cloud adoption for secure migration of existing workloads to a cloud vendor. This may cover services such as tenant setup and service configuration focused on cloud cyber risk mitigation, IAM (e.g., PIM/PAM, MFA, SSO, Conditional Access), data protection (e.g., DLP, encryption, PKI), network security (e.g., firewalls, WAF), etc.
- Perform cloud orchestration and automation (Continuous Integration and Continuous Delivery (CI/CD)) in single and multi-tenant environments using tools like Terraform, Ansible, Puppet, Chef, Salt etc.
- Design, implement, manage, and automate DevSecOps capabilities in cloud offerings using CI/CD toolsets and automation (e.g., Boto3, Lambda, Azure Functions, Google Functions, Python, JSON).
- Support and enable junior team members across both technical and management leadership capacities.
- Provide internal cloud security technical training to Advisory personnel as needed.
- Support the team on proposals, whitepapers, proof of concepts, technical eminence materials and firm initiatives.
Deloitte Advisory'sCloud Cyber team helps complex organizations more confidently pursue theirgrowth, innovation and performance agendas through proactive management of theassociated cyber risks. Our professionals provide advisory and implementationservices that integrate risk, regulatory, and technology skills to help clientstransform their legacy programs into proactive Secure.Vigilant.Resilient.TMcyber risk programs. Join the team developing the future state of cyber risksolutions. Learn more aboutDeloitte Advisory's Cyber Risk Services practice.
Workingexperience in at least two of the areas listed below.
· 4+years of hands-on technical experience with at least one cloud platform in securityor infrastructure implementation and operations.
· 4+years of hands-on technical experience with infrastructure systems such as networking(e.g. WAF, Firewall and load balancing), operating systems, SCCM and endpointengineering, and infrastructure automation implementation or operations.
· 4+years of hands-on technical experience with Cloud Identity and Accessmanagement solutions in implementation and operations.
· 4+years of experience with Big Data and advanced analytics, or AI/ML services (suchas Amazon Aurora/Azure SQL/Google Cloud SQL, Amazon EMR/Azure HDInsight/CloudDataProc, Key management solutions, Storage and backup, Load balancing,Security Management, Databases and EC2 or VM machine hosting Databricks, DataFactory, Amazon Athena/Data Lake Storage/BigQuery, Azure Analysis Services,Synapse Analytics, Machine Learning, etc.)
Ideallythe following cloud-related technical experience:
· 2+years of working with different Cloud platforms (Software as a Service (SaaS),Platform as a Service (PaaS) and Infrastructure as a Service (IaaS)) andenvironments (Public, Private, Hybrid) in a security role.
· 2+years of hands-on technical experience implementing security solutions for leadingCloud service providers e.g., Amazon AWS, Microsoft Azure, Google Cloud.
- 2+ years of full stack development and strongexperience with either one of these Python, Java, Angular, R, Go.
- 1+ years of hands-on technical experienceenterprise-level security incident and event management (SIEM) implementationor operations.
- 1+ years of infrastructure automation (suchas PowerShell, Terraform, Puppet) or DevOps/DevSecOps experience.
- 1+ years of containerization experience(Kubernetes, Docker).
- 2+ years of consulting experience.
- 1+ years of PowerShell, ARM and JSON programing.
· BA/BSDegree is required. Ideally in Computer Science, Cyber Security, InformationSecurity, Engineering, Information Technology.
· Travelup to 50% (While 80% of travel is a requirement of the role, due to COVID-19,non-essential travel has been suspended until further notice).
· Limited sponsorship available.
· PreviousConsulting or Big 4 experience preferred.
- Experience with previous cloud migrations isa plus.
- Depth of experience and knowledge in cloud platformtechnologies such as Amazon's VPC, Elastic Load balancing, Global Accelerator,Transit Gateway, Security Groups, Identity and Access Management IAM, Route 53,Key Management Service (KMS), PrivateLink Direct Connect, Virtual PrivateNetwork, CloudFront and API Gateway.
- Experience with cloud automation and containertools like bash scripting, Ansible, Docker, Chef or Puppet.
- Experience with JSON, Python, XML and abilityto write cloud automation scripts desired.
- Certifications such as: AWS CertifiedArchitect, Microsoft new role-based certifications (Azure), GCP Cloud Architect,GCP Cloud Security Engineer CCSP, CISSP.
- Knowledge of security and privacy-relatedindustry standards and frameworks (e.g., ISO 27001/2, NIST 800-53, NIST CSF,CSA CCM) is a plus.
- Experience with IP networking, VPNs, DNS,load balancing and firewalling concepts – (Focus on cloud native networking,Palo Alto and Cisco DMVPN).
- Experience with Centrify, MFA, McAfee AV,Tenable/Nessus, Trend Micro, Splunk, STIG Hardening.
- Experience with data security tooling (suchas Voltage / Informatica) integration with cloud-based storage and datawarehouse (DWH) solutions including, but not limited to, EMR / BigTable /BigQuery / DataProc.
- Experience with integration of AI/ML forAdvanced Security Analytics with existing on-premise and cloud platforms (e.g.,Network Intelligence/ Sentinel/ Chronicle Backstory).
- Knowledge of business process, userprovisioning process, and security maintenance processes.
- Excellent writing and verbal communicationskills.
- Strong project management and organizationalskills.
AtDeloitte, our professional development plan focuses on helping people at everylevel of their career to identify and use their strengths to do their best workevery day. From entry-level employees to senior leaders, we believe there'salways room to learn. We offer opportunities to help sharpen skills in additionto hands-on experience in the global, fast-changing business world. Fromon-the-job learning experiences to formal development programs at DeloitteUniversity, our professionals have a variety of opportunities to continue togrow throughout their career. Explore Deloitte University, TheLeadership Center.
AtDeloitte, we know that great people make a great organization. We value ourpeople and offer employees a broad range of benefits. Learn more about whatworking at Deloitte can mean for you.
Our positive and supportiveculture encourages our people to do their best work every day. We celebrateindividuals by recognizing their uniqueness and offering them the flexibilityto make daily choices that can help them to be healthy, centered,confident, and aware. We offer well-being programs and are continuously lookingfor new ways to maintain a culture where our people excel and lead healthy,happy lives. Learn more about Lifeat Deloitte.
Deloitteis led by a purpose: to make an impact that matters. This purpose defines whowe are and extends to relationships with our clients, our people and ourcommunities. We believe that business has the power to inspire and transform.We focus on education, giving, skill-based volunteerism, and leadership to helpdrive positive social impact in our communities. Learn more aboutDeloitte's impact on the world.
We want job seekers exploring opportunities at Deloitte to feel preparedand confident. To help you with your interview, we suggest that you do yourresearch: know some background about the organization and the business areayou're applying to. Check out recruitingtips from Deloitte professionals.
As used in this posting, “Deloitte Advisory” means Deloitte & Touche LLP, which provides audit and enterprise risk services; Deloitte Financial Advisory Services LLP, which provides forensic, dispute, and other consulting services; and its affiliate, Deloitte Transactions and Business Analytics LLP, which provides a wide range of advisory and analytics services. Deloitte Transactions and Business Analytics LLP is not a certified public accounting firm. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. These entities are separate subsidiaries of Deloitte LLP.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.
Deloitte will consider for employment all qualified applicants, including those with criminal histories, in a manner consistent with the requirements of applicable state and local laws. See notices of various ban-the-box laws where available. https://www2.deloitte.com/us/en/pages/careers/articles/ban-the-box-notices.html
Requisition code: E21NATFSRCPW109-SGO
Apply on company website