Deloitte - Azure Architect/Manager - Cloud Security (9-14 yrs)

Work you'll do :

Deloitte Advisory has an opening for a Cloud Security Architect (Manager/Specialist Master). The cloud security architect plays an integral role in defining cloud security strategies, designing cloud security architecture using cloud-native or third-party security services, developing strategies to secure cloud migration, and identifying opportunities to automate security process to enhance and secure client's cloud environment. The individual's key responsibilities will be:

- Determine security requirements for cloud-based solutions by evaluating business strategies and requirements

- Executing on Cloud security engagements across the lifecycle - strategy, design, implementation and operations

- Responsible for supervising the work of team members and supporting delivery teams and staff

- Conducting cloud security analysis of clients' Cloud platforms/environments. This can include IaaS, PaaS and SaaS Cloud platforms such as Azure and M365

- Conducting cloud security readiness assessments and analysis of prospective Cloud platforms/environments prior to broader deployments

- Develop security strategy plans and roadmaps based on cloud architecting best practices, regulatory requirements, and client's business requirements

- Design and implement Azure cloud security architecture, including network security, data protection, identity and access management, and application security

- Design and develop cloud security policies and enforce using cloud-native services or third-party solutions such CSPM (Wiz, Prisma Cloud), CASB/CWPP

- Provide product best fit analysis to ensure end to end security covering different aspects of secure architecture e.g., layered security, zoning, API security, endpoint security, data security, data security, logging

- Act as a Cloud Security subject matter expert and work in conjunction with other project teams on the public cloud ecosystem to develop security solutions

- Develop and implement strategies to secure cloud migration, including secure data migration, secure application migration, and secure infrastructure migration

- Automate security processes and controls to improve the efficiency and effectiveness of the cloud environment

- Stay current on industry trends, emerging threats, and best practices in cloud security and share / advise client's leadership team on mitigation strategies

Required skills :

- 10+ years overall technology experience

- Minimum 3+ years of hands-on technical experience designing and implementing security solutions for leading Cloud service providers across SPI models and environments (Public)

- 2+ years working experience designing cloud security architectures and strategies for enterprises

- 5+ years of relevant consulting or industry experience

- 2+ years in a technical or functional lead role

- 2+ years working with Cloud security industry standards such as Cloud Security Alliance (CSA), ISO/IEC 27017 and NIST CSF

- 2+ years hands-on working experience with Cloud security technologies :

1. IAM - Azure AD, B2B, B2C

2. Data Security - Encryption, Masking, Secret Management, Vault

3. Network Security - DDoS, WAF, Firewall, VPN

4. Logging - SIEM, Log Aggregation, XSOAR

5. Vulnerability Management

6. Automation - Terraform, Azure BiCep, ARM, Powershell, Shell

7. Endpoint Security

- 1+ years working with Cloud orchestration and automation (Continuous Integration and Continuous Delivery (CI/CD)) in single and multi-tenant environments

- 1+ years working with CSPM and CWPP technologies or planning for large-scale deployments of these technologies

- Strong working knowledge of IT service management (e.g., ITIL-related disciplines)

- Understanding of industry security standards, guidelines and regulatory/compliance requirements related to information security and cloud computing such as ISO 27001, ISO 27018, NIST CSF, NIST 800-53, PCI DSS, SOC2, HIPAA, PCI, SOX, GLBA, etc.

- Certifications should include CCSP, CISSP, CCSK, and other cloud vendor specific certifications

Qualification

- Bachelors / Master's degree in Computer Science, Cyber Security or similar discipline