GCS- Cloud Security Governance Specialist
Position summary
Cloud Security Governance Specialist
As a Cloud Security Governance Senior Analyst, you’ll be part of a team in defining Cloud security requirements, communicating, and educating technology practitioners, monitoring, and validating Cloud security capabilities to protect Deloitte against ongoing and potential security threats. You will actively monitor Deloitte Cloud environments, conducting and/or monitoring remediation efforts to close or migrate to approved Deloitte tenants. The Senior Analyst will provide guidance for Cloud Security Compliance best practices for management of Deloitte’s enterprise Cloud solutions. They will also serve as an operations analyst on various cloud platforms and compliance enforcement tools.
Work you’ll do
• Perform Security reviews and report on findings, Consult on remediation plans, track status, aggregate results, and report to Management / Leadership
• Assist initiatives for setting up cloud architecture & technology strategies, standards, governance and best practices around AWS, Azure and GCP
• Work with Cloud Service Providers (CSPs) and engage with Solutions teams to Assess existing Cloud solutions, identifying security issues and recommending fixes
• Educate technology practitioners via documentation and training as needed to Deloitte technology teams
• Partner with Compliance Monitoring team for continuous compliance monitoring processes, create team run‐books
• Collaborate with cross‐functional stakeholders to understand technology strategies
• Provide guidance on cloud security and compliance requirements according to regulatory requirements, firm policy, data classification, client commitments, etc.
• Utilize verbal and written communication skills to document and maintain accurate Cloud solutions requirements and provide training as required
• Review and provide guidance on effective risk management program and controls framework for Cloud environments
• Educate DevOps, Security and Compliance teams on Cloud compliance requirements
• Monitor Cloud infrastructure security solutions and drive remediation/ mitigation of identified risks
• Perform deep‐dive controls testing for high risk areas for independent validation of issues and remediation efforts
• Perform other job‐related duties as assigned
The team
The Cyber Security team works behind the scenes to protect Deloitte practitioners as well as information assets at Deloitte. We take this protective role very seriously, while simultaneously ensuring Deloitte meets client, legal, and regulatory requirements.
Qualifications
Required:
Qualifications
• 5+ years’ security governance experience
• Practical knowledge and/or implementation experience in security frameworks
• Knowledge of: Security frameworks such as NIST 800-53, CIS, HITRUST, MITRE and OWASP
• Experience with Cloud security strategy, Cloud Service Provider ecosystems (Amazon AWS, Microsoft Azure, GCP) & Security controls
• Knowledge of Cloud networking architecture, Cloud operations, Security, Automation and Orchestration
• Possess clear understanding of security protocols and standards and have experience with software and security architectures
• Experience with Chef and/or Puppet desired
• Good written and verbal communication with technical and non‐technical people
• Must have strong expertise in the fundamentals of AWS/Azure/GCP Services
• Ability to work in a fast‐paced, rapidly changing environment
• Bachelor's degree or equivalent in Computer Science, Information Systems Management, Information
Technology or other related discipline with 3+ or more additional years related professional experience
• One or more of the following certifications:
• CISA, CISM, CCSP, CISSP, Azure Certified Cloud Engineer, AWS Associate Solutions Architect, AWS Certified Security and/or GCP Associate Cloud Engineer
• Ability to prioritize tasks and manage time across multiple projects to achieve on‐time deadlines
• Ability to code in Python or Java will be an added advantage
• Understand how to design and implement security tests in accordance with stated criteria
• Experience with ServiceNow GRC or other GRC tools desired
• Experience with Incident Management ticketing systems such as ServiceNow
Work Location:
Hyderabad, India
How you’ll grow
At Deloitte, we’ve invested a great deal to create a rich environment in which our professionals can grow. We want all our people to develop in their own way, playing to their own strengths as they hone their leadership skills. And, as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities— including exposure to leaders, sponsors, coaches, and challenging assignments—to help accelerate their careers along the way. No two people learn in exactly the same way. So, we provide a range of resources including live classrooms, team‐based learning, and eLearning. DU: The Leadership Center in India, our state‐of‐the‐art, world‐class learning Center in the Hyderabad offices is an extension of the Deloitte University (DU) in Westlake, Texas, and represents a tangible symbol of our commitment to our people’s growth and development. Explore DU: The Leadership Center in India
Benefits
At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you.
Deloitte’s culture
Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. We offer well‐being programs and are continuously looking for new ways to maintain a culture that is inclusive, invites authenticity, leverages our diversity, and where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte.
Corporate citizenship
Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with our clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill‐based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world.