This Job Listing is about Deloitte in Gurugram, Haryana, India
About the job
Job Title: Cloud Security Engineer (Consultant / Senior Consultant)
Are you interested in working in a dynamic environment that offers opportunities for professional growth and new responsibilities? If so, Deloitte & Touche LLP could be the place for you. Traditional security programs have often been unsuccessful in unifying the need to both secure and support technology innovation required by the business. Join Deloitte’s Advisory Cloud Cyber Services team and become a member of the largest group of cybersecurity professionals worldwide.
Work you’ll do
As a Cloud Security Consultant / Senior Consultant, you will be at the front lines with our clients supporting them with their cloud security needs to securely navigate their journey to the cloud on the leading cloud platforms, by implementing industry leading practices around cyber risks and cloud security for clients. You will execute on cloud security engagements during different phases of the lifecycle – assessment, design, implementation, and post-implementation reviews, particularly including:
- Conducting cloud security analysis and providing recommendations on required configurations for client cloud platforms (such as AWS, Azure, GCP, Alibaba Cloud, Oracle Cloud) and environments based on Deloitte’s Cloud Cyber Risk Framework. This can include cloud-native or third-party solutions including directory services (e.g., LDAP, Azure Active Directory (AAD)), infrastructure (compute/networking/storage) services, data protection services, security monitoring, logging, and PaaS services.
- , network security (e.g., firewalls, WAF), etc.
- Providing technical security support for cloud-native (e.g., AAD) and third-party security services and resolve service-related issues through research, troubleshooting, and working with cloud service providers and third-party security solution vendors.
- Troubleshooting problems with cloud infrastructure (e.g., domain name service, virtual network peering, dedicated cloud connectivity services – Azure ExpressRoute, AWS DirectConnect, Google Cloud Dedicated Interconnect) and resources (e.g., virtual machines, virtual networks, cloud databases) in a multi-cloud vendor environment and documenting technical platform issues, analysis, client communication, and resolution as part of cyber risk mitigation steps.
- Designing and developing cloud platform-specific security policies, standards, and procedures for management group and account/subscription management and configuration (e.g. Azure Policy, Azure Security Center, AWS Config), identity management and access control, firewall management, auditing and monitoring, security incident and event management , data protection, user and administrator account management, SSO, conditional access controls and password/secrets management.
- Performing cloud orchestration and automation (Continuous Integration and Continuous Delivery (CI/CD)) in single and multi-tenant environments using tools like Terraform, Ansible, Puppet, Chef, Salt etc.
- Designing, implementing, and managing DevSecOps capabilities in cloud offerings using CI/CD toolsets and automation (e.g., Boto 3, Lambda, Azure Functions, Google Functions, Python, JSON)
- Supporting and enabling junior team members across both technical and management leadership capacities.
- Providing internal cloud security technical training to Advisory personnel as needed.
- Supporting the team on proposals, whitepapers, proof of concepts, technical eminence materials and firm initiatives.
- Serving as a subject matter expert on cloud cyber risk for at least one of the leading cloud platforms (AWS, Microsoft Azure/ Office 365, GCP, Alibaba Cloud, Oracle Cloud).
Working experience in at least two of the areas listed below.
- 4+ years of hands-on technical experience with at least one cloud platform in security implementation and operations.
- 4+ years of hands-on technical experience with infrastructure systems such as networking (e.g. WAF, Firewall and load balancing), operating systems, SCCM and endpoint engineering, and infrastructure automation implementation or operations
- 4+ years of hands-on technical experience with Cloud Identity and Access management solutions in implementation and operations.
- 4+ years of experience with Big Data and advanced analytics, or AI/ML services (such as Amazon Aurora/Azure SQL/Google Cloud SQL, Amazon EMR/Azure HDInsight/Cloud DataProc, Key management solutions, Storage and backup, Load balancing, Security Management, Databases and EC2 or VM machine hosting Databricks, Data Factory, Amazon Athena/Data Lake Storage/BigQuery, Azure Analysis Services, Synapse Analytics, Machine Learning, etc.)
Ideally the following cloud-related technical experience:
- 2+ years of working with different Cloud platforms (Software as a Service (SaaS), Platform as a Service (PaaS) and Infrastructure as a Service (IaaS)) and environments (Public, Private, Hybrid) in a security role.
- 2+ years of hands-on technical experience implementing security solutions for leading Cloud service providers e.g., Amazon AWS, Microsoft Azure, Google Cloud.
- 2+ years of full stack development and strong experience with either one of these Python, Java, Angular, R, Go.
- 1+ years of hands-on technical experience enterprise-level security incident and event management (SIEM) implementation or operations.
- 1+ years of infrastructure automation (such as PowerShell, Terraform, Puppet) or DevOps/DevSecOps experience.
- 1+ years of containerization experience (Kubernetes, Docker).
- 2+ years of consulting experience.
- 1+ years of PowerShell, ARM and JSON programing.
- Bachelor’s Degree required. Ideally in Computer Science, Cyber Security, Information Security, Engineering, Information Technology.
- Previous Consulting or Big 4 experience preferred.
- Certifications such as: AWS Certified Architect, MCSE new role-based certifications (Azure), GCP Cloud Architect, CCSP, CISSP.
- Experience with previous cloud migrations is a plus.
- Experience with IP networking, VPNs, DNS, load balancing and firewalling concepts – (Focus on cloud native networking, Palo Alto and Cisco DMVPN).
- Experience with Centrify, MFA, McAfee AV, Tenable/Nessus, Trend Micro, Splunk, STIG Hardening.
- Experience with data security tooling (such as Voltage / Informatica) integration with cloud-based storage and data warehouse (DWH) solutions including, but not limited to, EMR / BigTable / BigQuery / DataProc.
- Experience with integration of AI/ML for Advanced Security Analytics with existing on-premise and cloud platforms (e.g., Network Intelligence/ Sentinel/ Chronicle Backstory).
- Depth of experience and knowledge in cloud platform technologies such as Amazon’s VPC, Elastic Load balancing, Global Accelerator, Transit Gateway, Security Groups, Identity and Access Management IAM, Route 53, Key Management Service (KMS), PrivateLink Direct Connect, Virtual Private Network, CloudFront and API Gateway.
- Experience with cloud automation and container tools like bash scripting, Ansible, Docker, Chef or Puppet.
- Knowledge of business process, user provisioning process, and security maintenance process
- Excellent writing and verbal communication skills
- Strong project management and organizational skills
How You’ll Grow
At Deloitte, our professional development plan focuses on helping people at every level of their career to identify and use their strengths to do their best work every day. From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to help sharpen skills in addition to hands-on experience in the global, fast-changing business world. From on-the-job learning experiences to formal development programs at Deloitte University, our professionals have a variety of opportunities to continue to grow throughout their career.
Finding the right job and preparing for the recruitment process can be tricky. Check out tips from our Deloitte recruiting professionals to set yourself up for success. Check out recruiting tips from Deloitte recruiters .
We believe that to be an undisputed leader in professional services, we should equip you with the resources that can make a positive impact on your well-being journey. Our vision is to create a leadership culture focused on the development and well-being of our people. Here are some of our benefits and programs to support you and your family’s well-being needs. Learn more about what working at Deloitte can mean for you .
Our people and culture
Our people and our culture make Deloitte a place where leaders thrive. Get an inside look at the rich diversity of background, education, and experiences of our people. What impact will you make? Be inspired by the stories of our people .
You want to make an impact. And we want you to make it. We can help you do that by providing you the culture, training, resources, and opportunities to help you grow and succeed as a professional. Learn more about our commitment to developing our people .
Requisition code: 105826
|| Gurugram, Haryana, India