Cyber
Deloitte Cyber understands the unique challenges and opportunities businesses face in cybersecurity. Join our team to deliver powerful insights to help our clients navigate the ever-changing threat landscape. Through powerful insights and managed services that simplify complexity, we enable businesses to operate with resilience, grow with confidence, and proactively manage to secure achievements.
Level: Lead Solution Advisor
Work youll do:
As a Senior Consultant, you will be supporting the team/clients with their Cyber needs specifically helping them address Cloud Security concerns and navigate the journey to the Cloud on the Microsoft Sentinel Platform. This will include:
Design and implement robust, secure Google Cloud Platform infrastructure solutions tailored to meet the unique needs of enterprise clients.
Conduct thorough security assessments, threat modeling exercises, and risk analyses of GCP environments to identify vulnerabilities and potential threats.
Review and enhance Identity and Access Management (IAM) policies, service account configurations, Virtual Private Cloud (VPC) architectures, and firewall configurations to minimize attack surfaces.
Integrate security tools and controls seamlessly into Continuous Integration/Continuous Delivery (CI/CD) pipelines and DevOps workflows, promoting a "security-as-code" approach.
Implement and fine-tune cloud-native security services, including VPC Service Controls, Cloud Armor, Cloud Identity and Access Management (IAM), Security Command Center, to maximize protection.
Create and maintain secure Infrastructure-as-Code (IaC) patterns using tools like Terraform or Deployment Manager, ensuring consistent and secure deployments.
Implement security controls and processes to ensure client environments adhere to relevant security standards and frameworks (e.g., ISO 27001, NIST, CIS, HIPAA, PCI-DSS).
Work closely with client stakeholders, including architects, engineers, and security teams, to align security strategies with business objectives
Deliver engaging workshops, comprehensive documentation, and tailored training programs to empower client teams to manage and maintain their GCP security posture.
Must Have Skills:
Bachelors degree in computer science, cybersecurity, information systems, or related field (or equivalent work experience).
5-7 years of progressive experience in cloud security, with deep and demonstrable expertise in Google Cloud Platform (GCP) and its security services.
Proven ability to design and implement complex, secure GCP architectures that meet stringent security and compliance requirements.
Deep understanding of zero-trust architecture, least-privilege access models, and modern cloud security principles.
Strong expertise in GCP networking, Identity and Access Management (IAM), data protection, workload identity federation, and related security controls.
Hands-on proficiency with infrastructure-as-code tools such as Terraform and Cloud Deployment Manager.
Experience embedding security controls and automated checks into DevOps pipelines (CI/CD) using tools like Cloud Build, Jenkins, and GitLab CI.
Proficiency with security automation tools and scripting languages (e.g., Python, Bash).
Familiarity with container security (e.g., GKE, Kubernetes RBAC, image scanning)
Experience with cloud incident response and forensics in GCP environments.
Excellent client-facing and communication skills, with the ability to present findings and recommendations effectively.
Good to Have Skills:
Relevant security certifications such as CISSP, CCSP, GCP Professional Cloud Security Engineer, Professional Cloud Architect, Professional ML Engineer or similar.
Experience with securing GenAI models in GCP.
Knowledge of security frameworks, such as NIST, CIS, and MITRE ATT&CK, and experience applying them to GCP environments.
Education:
B.Tech/M.Tech/MS/MBA