USI- FY26 - Cyber Enterprise Security - GCP + DevSecOps - SA

Cyber

Deloitte Cyber understands the unique challenges and opportunities businesses face in cybersecurity. Join our team to deliver powerful insights to help our clients navigate the ever-changing threat landscape. Through powerful insights and managed services that simplify complexity, we enable businesses to operate with resilience, grow with confidence, and proactively manage to secure achievements.

Enterprise Security:

Enterprise Security teams embed security in all aspects of digital transformation by securing a clients technical backbone while also enabling secure digital transformation. Services include security architecture, secure development and deployment, end-to-end cyber cloud capabilities, application security, and security for emerging technologies and connected products. Examples of work include Secure by Design, Cloud Security Orchestration & Automation, Core Infrastructure Security, and Secure Software Enablement.

Work youll do:

As a Consultant, you will be supporting the team/clients with their Cyber needs specifically helping them address Cloud Security concerns and navigate the journey to the Cloud on the Microsoft Sentinel Platform. This will include:

• Assist in designing and implementing secure Google Cloud Platform infrastructure solutions under the guidance of senior consultants and managers.
• Support security assessments, threat modeling, and risk analysis activities for client GCP environments.
• Help review and update Identity and Access Management (IAM) policies, service account configurations, VPC architectures, and firewall rules.
• Contribute to integrating security tools and controls into CI/CD pipelines and DevOps workflows.
• Support the configuration and tuning of cloud-native security services, such as VPC Service Controls, Cloud Armor, IAM, and Security Command Center.
• Help develop and maintain secure Infrastructure-as-Code (IaC) templates using tools like Terraform or Deployment Manager.
• Assist in implementing security controls and processes to help client environments meet relevant security standards and frameworks (e.g., ISO 27001, NIST, CIS, HIPAA, PCI-DSS).
• Collaborate with client stakeholders and internal teams to align security activities with business objectives.
• Help prepare documentation and training materials to support client teams in managing their GCP security posture.

Must Have Skills:

• Bachelors degree in computer science, cybersecurity, information systems, or related field (or equivalent work experience).
• 3+ years of experience in cloud security or cloud infrastructure, with hands-on exposure to Google Cloud Platform (GCP) and its security features.
• Familiarity with designing and implementing secure GCP architectures, preferably as part of a team.
• Understanding of cloud security principles, such as least-privilege access and zero-trust concepts.
• Experience with GCP networking, IAM, data protection and related security controls.
• Exposure to infrastructure-as-code tools (e.g., Terraform, Cloud Deployment Manager).
• Experience working with CI/CD pipelines and integrating security controls.
• Proficiency with scripting languages (e.g., Python, Bash) for automation tasks.
• Knowledge of container security (e.g., GKE, Kubernetes RBAC, image scanning) is a plus.
• Strong communication and teamwork skills, with the ability to contribute to client discussions and documentation.

Good to Have Skills:

• Relevant security certifications (e.g., GCP Associate Cloud Engineer, GCP Professional Cloud Security Engineer, CompTIA Security+) are a plus.
• Experience with securing GenAI models in GCP.
• Awareness of security frameworks such as NIST, CIS, or MITRE ATT&CK, and interest in applying them to GCP environments.

Education:

       B.Tech/M.Tech/MS/MBA