Cyber
Deloitte Cyber understands the unique challenges and opportunities businesses face in cybersecurity. Join our team to deliver powerful insights to help our clients navigate the ever-changing threat design, and technology as we partner with clients to transform finance.
Position Summary
Level: Manager
Work youll do:
Design core AWS platform security architecture, including areas such as:
o Network (VPC) Subnet, segmentation strategies
o IAM
o Infrastructure-as-a-code (terraform, CloudFormation)
o Storage (S3 and EBS)
o Compute (EC2, ECS)
o Serverless (Lambda, EKS, FarGate)
o Logging and Monitoring (CloudTrail, CloudWatch)
o Organization Account design
o Backup and Disaster Recovery approach and design
o Automation - Environment and application automation using scripting
o AWS Cost Management and Optimization
Design and develop enterprise cyber security strategy and architecture
Understand security requirements by evaluating business strategies and conducting system security vulnerability and risk analysis
Provide product best fit analysis to ensure end to end security covering different faucets of architecture e.g., Layered security, Zoning, Integration aspects, API, Endpoint security, Data security, Compliance, and regulations.
Scripting capability and the ability to develop AWS EAC (environments as code) Familiar with Automation/IAC (infrastructure As Code) Solutions CloudFormation, Terraform, Ansible, Puppet, Jenkins, etc.
Experience in designing authentication and authorization solutions around multi-factor authentication, single sign-on, identity management or related technologies
Ability to design and build application specific security framework aligned with organization security strategy, policies, and compliances requirements
Ability to development Enterprise Security Governance framework, Security Policy, Standard and Control development SABSA/TOGAF
Provide solution of RFPs received from clients and ensure overall design assurance
Demonstrate experience in doing security assessment against NIST Frameworks, SANS, CIS, etc.
The Team:
Enterprise Security teams embed security in all aspects of digital transformation by securing a clients technical backbone while also enabling secure digital transformation. Services include security architecture, secure development and deployment, end-to-end cyber cloud capabilities, application security, and security for emerging technologies and connected products. Examples of work include Secure by Design, Cloud Security Orchestration & Automation, Core Infrastructure Security, and Secure Software EnablemenDeloitte Cyber team helps complex organizations more confidently pursue their growth, innovation and performance agendas through proactive management of the associated cyber risks. Our professionals provide advisory and implementation services that integrate risk, regulatory, and technology skills to help clients transform their legacy programs into proactive Secure.Vigilant.Resilient.TM cyber programs.
Qualifications
Must Have Skills/Project Experience/Certifications:
Total years of experience required between 9 years to 13 years.
5+ years of experience as a Cloud Security Architect or in the core security domain
5+ years of working with different Cloud platforms (SaaS, PaaS, and IaaS).
Experience with multiple security technologies like CSPM, CWPP, WAF, CASB, IAM, SIEM, etc.
Experience in designing, planning, and implementing AWS cloud security solutions for hybrid enterprise environments.
In-depth expertise in AWS Governance and Security best practices
Hands-on experience with AWS Organizations, Acquisition and merger of AWS orgs Identity and Access Management, SCP policies, Preventive and Detective guardrails, AWS IAM Identity Center (AWS SSO)
Hands-on experience with centralized logging and monitoring solutions for CloudTrail, Config, Guard Duty, Security HUB, Landing Zone, Lambda, ECS and EKS, WAF, Migration Hub, and SEIM.
Working knowledge of cross-cloud security tools such as SOAR/XSOAR, SIEM, CSPM, CWPP, CIEM, etc.
Experience in securing EKS and or AKS
Knowledge in designing, implementing, and managing DevSecOps capabilities in cloud offerings using CI/CD toolsets and automation.
Experience in managing pipelines and working with tools such as Jenkins, Ansible, Chef, Puppet, Salt stack and terraform.
Experience in IAM, encryption, DevSecOps in AWS and or Azure.
Knowledge of regulatory and compliance frameworks and the requirements underlying each, including ISO, SOX, PCI, FedRAMP and HIPAA
Good to Have Skills/Project Experience/Certifications:
Skills in scripting languages (e.g., Groovy for Jenkins, Bash, Python) to customize pipeline steps and automate repetitive tasks.
Education:
B.Tech/M.Tech/MS/MBA
Location:
Bengaluru/Hyderabad/Pune/Chennai/Kolkata