Azure Cloud Security Senior Manager
Company: Deloitte
Location: Jersey City
Posted on: May 14, 2022
|
|
Job Description:
Are you interested in working in a dynamic environment that
offers opportunities for professional growth and new
responsibilities? If so, Deloitte & Touche LLP could be the place
for you. Traditional security programs have often been unsuccessful
in unifying the need to both secure and support technology
innovation required by the business. Join Deloitte's Advisory Cloud
Cyber Services team and become a member of the largest group of
cybersecurity professionals worldwide.Work you'll doAs an Azure
Cloud Security Senior Manager, you will be at the front lines with
our clients supporting them with their cloud security needs to
securely navigate their journey to the cloud on the leading cloud
platforms, by implementing industry leading practices around cyber
risks and cloud security for clients. You will:Advise on strategy
and designing and implementing, migrating, and operating cloud
solutions including cloud operations optimization, native
development, integration, and as-a-service based services.Maintain
client relationships by developing a reputation as an independent
professional who delivers exceptional results.Serve as a subject
matter expert (SME) on the Azure cloud cyber risk for senior
business and technology stakeholders.Lead Cyber Risk teams as part
of Cloud Transformation projects at industry leading clients using
the Azure cloud platform and for multi-cloud (such as AWS, Azure,
GCP, Alibaba Cloud, Oracle Cloud) servicesCreate executable
strategies to initiate, grow and sustain profitable relationships
with clients.Educate business and technology stakeholders on cyber
value propositions of cloud and participate in deep architectural
discussions to ensure solutions are designed for successful
deployment in the Azure cloudCapture and share leading-practice
knowledge amongst the technology community.Ensure that the Azure
cloud risk practice of the future has the right skills and
education and push towards growing the overall team in the coming
years.Oversee/Lead the architecting and design of complex Azure
cloud solutions for clients.Review and finalize Azure security
reference architectures for securing cloud native high-performance
environments, designing business solutions in cloud, developing
deployment, migration, operation and monitoring guides.Oversee and
lead deploying, managing, operating, enhancing, and automating of
client's Azure environments from a security perspective.Oversee
Azure Cloud security engagements during different phases of the
lifecycle - assess, design, and implementation.Promote Azure
industry leading practices through the design and mentorship of
other technology teams and team-members.Oversee/Lead cloud Azure
cybersecurity assessments and review/develop strategic and tactical
security remediation recommendations / cyber risk roadmap to
address identified security gaps.Oversee/Lead Azure cybersecurity
controls testing across client's cloud environments to determine
control effectiveness and adherence to both internal cybersecurity
policies and standards and external requirements (e.g.
certifications, laws, regulations and contracts).Deliver end-to-end
automation of deployment, monitoring and infrastructure management
in the Azure cloud.Ensure Azure DevSecOps systems we build are
robust in the sense they can scale, handle rapid growth, and limit
exposure to single points of failure and security
vulnerabilities.Demonstrate deep understanding of testing
methodologies, test automation and software development
principles.Champion Agile leading-practices, processes, and tools
in support of DevSecOps processes.Support and enable team members
across both technical and management leadership capacities.Provide
internal cloud security technical training to Advisory personnel as
needed.Work closely with member firm external certification leaders
to ensure the consistency and efficiency of cyber certification
efforts.Lead the team on Azure security proposals, whitepapers,
proof of concepts, technical eminence materials and firm
initiatives.The teamDeloitte Advisory's Cloud Cyber team helps
complex organizations more confidently pursue their growth,
innovation and performance agendas through proactive management of
the associated cyber risks. Our professionals provide advisory and
implementation services that integrate risk, regulatory, and
technology skills to help clients transform their legacy programs
into proactive Secure.Vigilant.Resilient. TM cyber risk programs.
Join the team developing the future state of cyber risk solutions.
Learn more about Deloitte Advisory's Cyber Risk Services
practice.Required:3+ years of experience in consulting roles
including sales and delivery responsibilities in a manger level or
higher10+ years of experience in information technology and/or
information security experience5+ years in an engineering role
designing and supporting public clouds - especially Azure.5+ years
of hands-on technical experience with at least one cloud platform
in security or infrastructure implementation and operations. Azure
strongly preferred.Experience with previous cloud migrations,
ideally Azure.5+ years of hands-on technical experience with
infrastructure systems such as networking (e.g. WAF, Firewall and
load balancing), operating systems, SCCM and endpoint engineering,
and infrastructure automation implementation or operations.5+ years
of working with different Cloud platforms (Software as a Service
(SaaS), Platform as a Service (PaaS) and Infrastructure as a
Service (IaaS)) and environments (Public, Private, Hybrid).Depth of
experience with multiple security technologies such as Firewalls,
Intrusion Detection/Prevention Systems, Vulnerability Scanning,
WAF, Wireless LAN, NAC, DLP, DDoS Mitigation, WAN security, CASB,
SIEM, Content Filtering, Cloud Security gateways, Secure Proxies,
SSL crypto solutions, and automation.Demonstrated capability to
design, deploy, operationalize and automate secure and highly
scalable enterprise systems on public cloud - AWS, Azure and
Google.Experience with secure software development, data
protection, cryptography, key management, identity and access
management (IAM), network security (VPNs) within cloud
environments.Experience in architecting and deploying secure
software defined and virtualized networks.Knowledge in designing,
implementing, and managing DevSecOps capabilities in cloud
offerings using CI/CD toolsets and automation.Experience in
managing pipelines and working with tools such as Jenkins, Ansible,
Chef, Puppet, Salt stack and Terraform.Experience in installing and
configuring native and third-party databases in the cloud such as
MongoDB, MYSQL, Couchbase, Oracle.Experience in agile
leading-practices, processes, and tools in support of DevSecOps
processes with respect to Test Automation.Understanding of industry
regulatory and compliance requirements (i.e., FedRAMP, PCI-DSS,
NIST, HIPAA) and skilled at interpreting the compliance and
security requirements into implementable and repeatable
controls.Experience in the creation and maintenance of security
policies and procedures, managing the protection of information
systems and assets.Client interfacing, relationship building, and
consulting skills.Additional Requirements:BA/BS Degree is required.
Ideally in Computer Science, Cyber Security, Information Security,
Engineering, Information Technology.Travel up to 50% (While 50% of
travel is a requirement of the role, due to COVID-19, non-essential
travel has been suspended until further notice).Limited sponsorship
availableIdentify opportunities to improve engagement
profitability.Experience with engaging C-Level executives and
developing cyber risk strategies to address broad security
issues.Experience with leading multiple distributed teams across
different geographies.Preferred:Previous Consulting or Big 4
experience preferred.Depth of experience and knowledge in cloud
platform technologies such as Amazon's VPC, Elastic Load balancing,
Global Accelerator, Transit Gateway, Security Groups, Identity and
Access Management IAM, Route 53, Key Management Service (KMS),
PrivateLink Direct Connect, Virtual Private Network, CloudFront and
API Gateway. Azure cloud technologies preferred.Experience with
cloud automation and container tools like bash scripting, Ansible,
Docker, Chef or Puppet.Experience with JSON, Python, XML and
ability to write cloud automation scripts desired.Certifications
such as: AWS Certified Architect, MCSE new role-based
certifications (Azure), GCP Cloud Architect, CCSP, CISSP. Strong
preference on Microsoft certifications.Knowledge of security and
privacy-related industry standards and frameworks (e.g., ISO
27001/2, NIST 800-53, NIST CSF, CSA CCM) is a plus.Ability to
develop compelling proposals for client to clearly articulate the
need for information security.Excellent writing and verbal
communication skills.Strong project management and organizational
skills:RFA
Keywords: Deloitte, Jersey City , Azure Cloud Security Senior Manager, Executive , Jersey City, New Jersey
Click
here to apply!
|