Cloud Security Infrastructure Architect – Manager
To work in the innovative and creative CISO team. A world class operation with extensive knowledge and experience. Interfacing with business and technical teams and bringing about change and influence across the whole world of Deloitte. Apply your skills here to make things happen, great people, great purpose and passionate about our work.
We encourage consideration of flexible ways of working, both formal and informal arrangements that allow for the best outcomes for our people and our clients. If this opportunity is of interest to you with some flexibility, please do discuss with us.
Work you’ll do
As an Information Security Architect, you will be;
· Supporting implementation of the overall Information Security strategy
· Influencing and defining security policy, standards and procedures for improving security posture
· Designing, implementing and maintaining key security technology to improve security posture and strengthen security defenses
· Defining security requirements by evaluating business strategies and requirements, researching information security standards and conducting system security and vulnerability analyses and risk assessments
· Contributing to the end to end Security Architecture reviews as part of an IT lifecycle and security reviews throughout a change advisory board
· Leading on security research on the latest new security technologies
· Mentoring information security team members on recent developments and advancement in security technologies to drive widespread adoption of security best practices.
· Providing input on BAU and project budget
· Work with key IT service providers to ensure industry standard platform, network and endpoint security posture
· Ensure industry standard framework implementation
· Ensure project delivery by working with PMO and defining relevant milestones for CISO consumption
· Defining and providing relevant metrics and trends for CISO consumption
At Deloitte we believe the best impact is the value we add, not the hours we sit at our desk. We carefully consider agile ways of working, both formal and informal, that allow for the best impact for our people and our clients. Please speak to your recruiter about the working pattern that works best for you
Location: Hyderabad
Work shift Timings: 11 AM to 8 PM
Qualifications
· Bachelor of Engineering/ Bachelor of Technology
Essential
Essential skills and experience:
· Proven experience in cloud security architecture role, demonstrating solutions delivery, principles and emerging technologies - Designing and implementing cloud security solutions. This includes continuous monitoring and making improvements to those solutions, working with an information security team.
· Working knowledge of different project delivery methodologies including Waterfall, Agile and Hybrid.
· Possess accreditation in CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), CRISC (Certified in Risk and Information Systems Control) or related certification.
· Extensive knowledge of cloud security architecture, demonstrating solutions delivery, practices and emerging technologies
· Have demonstrable experience in consulting and engineering of the development and design of cybersecurity best practices and the implementation of solid cybersecurity practices across the organization, to meet business goals along with customer and regulatory requirements.
· Possess extensive knowledge of frameworks or specifications of information security or risk management that include all legal, physical and technical controls involved in an organization’s risk management
· Be very knowledgeable in cloud security standards ISO/IEC 27017:2015 and ISO/IEC 27018:2014
· Have extensive experience with security considerations of cloud computing: This should include data breaches, broken authentication, hacking, account hijacking, malicious insiders, third parties, APTs, data loss and DDoS attacks.
· Have a good knowledge and understanding of identity and access management (IAM) – the framework of security policies and technologies that limit and track the access of those in an organization to sensitive technology resources.
· Have a solid understanding of various cyber technologies - mobile threat defense, endpoint protection, data loss prevention, insider threat protection, device hardening, classification, key & certificate management and many more
· Have the ability to be the enterprise cybersecurity subject matter expert that can articulate technical topics to those with or without a technical background
· Possess exceptional communication skills with diverse audiences - Strong critical thinking and analytical skills
· Computer Science degree and/or MSC in Information Security desirable but not essential.