Assistant Manager – Senior Security Consultant - Deloitte Support Services India Private Limited
We are seeking a proactive Security Consultant with 6+ years of experience in embedding security practices early in the Software Development Lifecycle (SDLC), focusing on secure architectural design and cloud security. The ideal candidate will emphasize left-shifting security, ensuring robust security architectures and designs at the planning stages for IT solutions across applications, infrastructure, and cloud environments. This role requires expertise in both traditional and cloud-specific security practices to safeguard diverse, modern IT landscapes.
Work you’ll do
Key Responsibilities:
• Architectural Security Review: Perform in-depth security reviews of solution architectures, particularly in cloud environments, to proactively identify and address potential security flaws. Partner with development teams to guide secure design decisions before and during development.
• Cloud Security Management: Implement and enforce cloud security best practices, including identity and access management, encryption, logging and monitoring, and incident response for cloud-native applications and infrastructure.
• Threat Modelling: Skilled in threat modelling techniques to proactively identify, evaluate, and prioritize potential threats, enabling the design and implementation of effective security controls within diverse application and infrastructure environments.
• Comprehensive Security Assessments: Conduct thorough security assessments on applications, servers, networks, and cloud platforms to identify vulnerabilities, prioritize risks, and define clear remediation steps.
• Risk Analysis and Mitigation: Evaluate security risks associated with both on-premises and cloud solutions, offering actionable recommendations that balance security and business requirements.
• Standards and Compliance Audits: Conduct security audits to ensure solutions meet industry standards, regulatory requirements, and internal security policies, aligning with frameworks like NIST, CIS, ISO 27001, and cloud-specific frameworks such as CSA and AWS Well-Architected.
• Vulnerability Management: Use security tools to perform vulnerability scans and assessments in both traditional and cloud environments, prioritizing findings, and guiding remediation processes.
• Collaboration and Security Culture: Work with cross-functional teams to promote a security-first mindset, implementing security controls for cloud and on-premises systems while supporting secure development practices.
• Reporting and Documentation: Prepare comprehensive assessment and review reports, including risk assessments, mitigation strategies, and steps for strengthening security posture, particularly in cloud deployments.
• Continuous Improvement: Stay up to date on security trends, tools, and techniques, especially those related to cloud security, to continuously improve practices and recommend new tools or methods that bolster cloud security.
Work Location: Hyderabad
Shift Timings: 06.30 AM to 03.30 PM
Qualifications
Required:
• Experience: Minimum of 6 years in security consulting with demonstrated expertise in SSDLC, architectural reviews, and cloud security (e.g., AWS, Azure, GCP).
• Technical Skills:
- Proficiency in cloud security tools and technologies (e.g., AWS Security Hub, Azure Security Centre).
- Advanced knowledge of security assessment tools that enable SAST, DAST, IAST etc. (e.g., Prisma Cloud, Qualys, Checkmarx, GitHub Advance Security).
- Strong understanding of cloud security architecture, identity and access management, and cloud-specific security frameworks (e.g., CSA, AWS Well-Architected).
• Certifications: Security certifications such as CISSP, CCSK, CCSP, CEH, OSCP, or similar are preferred.
• Problem-Solving: Excellent analytical skills with a proactive, methodical approach to identifying and mitigating security risks, particularly in cloud environments.
• Communication: Strong written and verbal communication skills, capable of conveying complex security concepts to both technical and non-technical stakeholders.
• Team Collaboration: Proven ability to work independently and collaboratively within cross-functional teams, enhancing security across traditional and cloud infrastructures.
How you’ll grow
At Deloitte, we’ve invested a great deal to create a rich environment in which our professionals can grow. We want all our people to develop in their own way, playing to their own strengths as they hone their leadership skills. And, as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposure to leaders, sponsors, coaches, and challenging assignments—to help accelerate their careers along the way. No two people learn in the same way. So, we provide a range of resources including live classrooms, team- based learning, and eLearning. DU: The Leadership Center in India, our state-of-the-art, world-class learning Center in the Hyderabad offices is an extension of the Deloitte University (DU) in Westlake, Texas, and represents a tangible symbol of our commitment to our people’s growth and development. Explore DU: The Leadership Center in India
Benefits
At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you.
Deloitte’s culture
Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. We offer well-being programs and are continuously looking for new ways to maintain a culture that is inclusive, invites authenticity, leverages our diversity, and where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte.
Corporate citizenship
Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with our clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world.
About Deloitte
Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee (“DTTL”), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as “Deloitte Global”) does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the “Deloitte” name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see www.deloitte.com/about to learn more about our global network of member firms.
Assistant Manager – Senior Security Consultant - Deloitte Support Services India Private Limited
We are seeking a proactive Security Consultant with 6+ years of experience in embedding security practices early in the Software Development Lifecycle (SDLC), focusing on secure architectural design and cloud security. The ideal candidate will emphasize left-shifting security, ensuring robust security architectures and designs at the planning stages for IT solutions across applications, infrastructure, and cloud environments. This role requires expertise in both traditional and cloud-specific security practices to safeguard diverse, modern IT landscapes.
Work you’ll do
Key Responsibilities:
• Architectural Security Review: Perform in-depth security reviews of solution architectures, particularly in cloud environments, to proactively identify and address potential security flaws. Partner with development teams to guide secure design decisions before and during development.
• Cloud Security Management: Implement and enforce cloud security best practices, including identity and access management, encryption, logging and monitoring, and incident response for cloud-native applications and infrastructure.
• Threat Modelling: Skilled in threat modelling techniques to proactively identify, evaluate, and prioritize potential threats, enabling the design and implementation of effective security controls within diverse application and infrastructure environments.
• Comprehensive Security Assessments: Conduct thorough security assessments on applications, servers, networks, and cloud platforms to identify vulnerabilities, prioritize risks, and define clear remediation steps.
• Risk Analysis and Mitigation: Evaluate security risks associated with both on-premises and cloud solutions, offering actionable recommendations that balance security and business requirements.
• Standards and Compliance Audits: Conduct security audits to ensure solutions meet industry standards, regulatory requirements, and internal security policies, aligning with frameworks like NIST, CIS, ISO 27001, and cloud-specific frameworks such as CSA and AWS Well-Architected.
• Vulnerability Management: Use security tools to perform vulnerability scans and assessments in both traditional and cloud environments, prioritizing findings, and guiding remediation processes.
• Collaboration and Security Culture: Work with cross-functional teams to promote a security-first mindset, implementing security controls for cloud and on-premises systems while supporting secure development practices.
• Reporting and Documentation: Prepare comprehensive assessment and review reports, including risk assessments, mitigation strategies, and steps for strengthening security posture, particularly in cloud deployments.
• Continuous Improvement: Stay up to date on security trends, tools, and techniques, especially those related to cloud security, to continuously improve practices and recommend new tools or methods that bolster cloud security.
Work Location: Hyderabad
Shift Timings: 06.30 AM to 03.30 PM
Qualifications
Required:
• Experience: Minimum of 6 years in security consulting with demonstrated expertise in SSDLC, architectural reviews, and cloud security (e.g., AWS, Azure, GCP).
• Technical Skills:
- Proficiency in cloud security tools and technologies (e.g., AWS Security Hub, Azure Security Centre).
- Advanced knowledge of security assessment tools that enable SAST, DAST, IAST etc. (e.g., Prisma Cloud, Qualys, Checkmarx, GitHub Advance Security).
- Strong understanding of cloud security architecture, identity and access management, and cloud-specific security frameworks (e.g., CSA, AWS Well-Architected).
• Certifications: Security certifications such as CISSP, CCSK, CCSP, CEH, OSCP, or similar are preferred.
• Problem-Solving: Excellent analytical skills with a proactive, methodical approach to identifying and mitigating security risks, particularly in cloud environments.
• Communication: Strong written and verbal communication skills, capable of conveying complex security concepts to both technical and non-technical stakeholders.
• Team Collaboration: Proven ability to work independently and collaboratively within cross-functional teams, enhancing security across traditional and cloud infrastructures.
How you’ll grow
At Deloitte, we’ve invested a great deal to create a rich environment in which our professionals can grow. We want all our people to develop in their own way, playing to their own strengths as they hone their leadership skills. And, as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposure to leaders, sponsors, coaches, and challenging assignments—to help accelerate their careers along the way. No two people learn in the same way. So, we provide a range of resources including live classrooms, team- based learning, and eLearning. DU: The Leadership Center in India, our state-of-the-art, world-class learning Center in the Hyderabad offices is an extension of the Deloitte University (DU) in Westlake, Texas, and represents a tangible symbol of our commitment to our people’s growth and development. Explore DU: The Leadership Center in India
Benefits
At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you.
Deloitte’s culture
Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. We offer well-being programs and are continuously looking for new ways to maintain a culture that is inclusive, invites authenticity, leverages our diversity, and where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte.
Corporate citizenship
Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with our clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world.
About Deloitte
Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee (“DTTL”), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as “Deloitte Global”) does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the “Deloitte” name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see www.deloitte.com/about to learn more about our global network of member firms.