Description & Requirements
Required:
Working experience in at least two of the areas listed below.
- Hands-on technical experience with at least one cloud platform in security and infrastructure implementation and operations.
- Hands-on technical experience with at least one of the following:
- Cloud IAM,
- CSPM,
- CASB
Ideally the following cloud-related technical experience:
- 2+ years of working with different Cloud platforms (Software as a Service (SaaS), Platform as a Service (PaaS) and Infrastructure as a Service (IaaS)) and environments (Public, Private, Hybrid) in a security role.
- 2+ years of hands-on technical experience implementing security solutions for leading Cloud service providers e.g., Amazon AWS, Microsoft Azure or Google Cloud Platform.
- Understanding of key red/blue teaming concepts.
- DevOps/DevSecOps experience or understanding of key concepts.
- 1+ years of containerization experience (Kubernetes, Docker).
- 2+ years of consulting experience.
Preferred:
- Previous Consulting experience.
- Experience with previous cloud migrations.
- Experience with cloud automation and container tools like bash scripting, Ansible, Docker, Chef or Puppet.
- Certifications such as: CCSP, AWS Certified Security Speciality, Microsoft Azure Security, Azure Security Engineer Associate
- Knowledge of security and privacy-related industry standards and frameworks (e.g., ISO 27001/2, NIST 800-53) is a plus.
- Experience with IP networking, VPNs, DNS, load balancing and firewalling concepts - (Focus on cloud native networking, Palo Alto and Cisco DMVPN).
Languages:
- Proficiency in English
- Polish or German are a plus.
Your future role
As a Cloud Security Architect, you will be at the front lines with our clients supporting them with their cloud security needs to securely navigate their journey to the cloud on the leading cloud platforms, by implementing industry leading practices around cyber risks and cloud security for clients.
You will execute on cloud security engagements during different phases of the lifecycle - assessment, design, implementation, and post-implementation reviews, particularly you will:
- Serve as a subject matter expert on cloud cyber risk for at least one of the leading cloud platforms (AWS, Microsoft Azure/ Office 365, GCP, IBM Cloud Platform, Alibaba Cloud, OCI).
- Guide clients on their transition from on-premise security technologies to cloud-native options (e.g., Azure Sentinel, Azure Monitor) and assist clients with the deployment of cloud-native and third-party technologies to secure cloud platforms, including cloud access security broker (CASB), cloud workload protection (CWP), and cloud security posture management (CSPM) solutions.
- Conduct cloud security assessments and provide recommendations on required configurations for client cloud platforms (such as AWS, Azure, GCP, Alibaba Cloud, Oracle Cloud) and environments based on Deloitte's Cloud Cyber Risk Framework. This can include cloud-native or third-party solutions including directory services (e.g., LDAP, Azure Active Directory (AAD)), infrastructure (compute/networking/storage) services, data protection services, security monitoring, logging, PaaS services, and SaaS services (e.g., Office 365).
- Design and develop cloud platform-specific security policies, standards, and procedures for management group and account/subscription management and configuration (e.g. Azure Policy, Azure Security Center, AWS Config), identity management and access control, firewall management, auditing and monitoring, security incident and event management, data protection, user and administrator account management, SSO, conditional access controls and password/secrets management.
- Assist clients in the selection and tailoring of approaches, methods, and tools to support cloud adoption for secure migration of existing workloads to a cloud vendor. This may cover services such as tenant setup and service configuration focused on cloud cyber risk mitigation, IAM (e.g., PIM/PAM, MFA, SSO, Conditional Access), data protection (e.g., DLP, encryption, PKI), network security (e.g., firewalls, WAF), etc.
What we offer
As an M&A professional you will benefit from
- Having a clear career path and Career Coach, who will guide you through the organization and your opportunities
- Possibility to learn from the best – our IT M&A Managers, Directors and Partners worked internationally in supporting transactions
- Working as a one team – we will value your dedication and ideas as much as with more experienced Team Members
- Possibilities of financing certificates and workshops in your chosen career specialization
About Deloitte
About the team
Deloitte Risk Advisory's Cloud Security team helps complex organizations more confidently pursue their growth, innovation and performance agendas through proactive management of the associated cyber risks. Our professionals provide advisory and implementation services that integrate risk, regulatory, and technology skills.
Recruitment Journey
I stage – we will carefully read your resume
II stage – you we be invited for HR interview
III stage - you we be invited for Hiring Manager interview (interview contains case study)
Recruiter tips
We want job seekers exploring opportunities at Deloitte to feel prepared and confident. We suggest you to do your research: know some background about the organization and the business area you’re applying to. Moreover we advise you to brush up on your behavioral and case interviewing skills and practice discussing your experience and job history with a family member, friend or mentor.