Deloitte | India Offices of the US

Cloud Security Infrastructure Architect M/EM, Deloitte Support Services India Private Limited

Organisation Summary

At Deloitte, we’re all about collaboration. And nowhere is this more apparent than among our 2,000-strong internal services team. With our combined specialist skills, we provide all the essential support and advice our client-facing colleagues need, right across the firm. This enables them to focus all their efforts on delivering the best service possible to their clients. Covering seven distinct areas; Human Resources, Clients & Industries, Finance & Legal, Practice Support Services, Quality & Risk Services, IT Services, and Workplace Services & Real Estate, together we live, breathe and deliver the Deloitte experience.

Role description

To work in the innovative and creative CISO Team, a world-class operation renowned for its extensive expertise and experience. Collaborate with both business and technical teams to drive change and exert influence across the entire Deloitte landscape Utilize your skills to effect real-world impact. As Compliance Specialist, you will be responsible for monitoring, managing and closing existing compliance finding while also ensuring that internal controls are compliant through with Deloitte security policy & standard.

Location: Hyderabad

Work shift Timings: 02:00 PM to 11:00 PM

Strategic

• Set the strategic vision for secure cloud adoption and expansion within the organization.
• Research emerging cloud technologies and threats, recommending appropriate security enhancements.
• Lead proof-of-concept projects for new cloud security tools, platforms, or controls.

Operational

• Develop and enhance cloud security architectures (IaaS, PaaS, SaaS) in alignment with business needs and industry best practices.
• Evaluate and recommend secure configurations for new and existing cloud initiatives.
• Collaborate with solution architects, application teams, and DevOps to ensure consistent security controls are integrated throughout the cloud infrastructure.
• Perform cloud security risk assessments; identify vulnerabilities and recommend remediation strategies.
• Ensure cloud platforms are compliant with regulatory and internal security standards (e.g., ISO 27001, NIST, GDPR).
• Develop and maintain a cloud and hybrid cloud security architecture framework, defining security principles, reference architectures, and standardized patterns to ensure consistent controls across identity, network, data, workload, and platform layers
• Lead efforts to maintain and demonstrate compliance during audits or security reviews.
• Oversee the configuration and monitoring of security controls such as firewalls, IAM, encryption, logging, and SIEM integrations in cloud environments.

·       Coordinate response to cloud security incidents by leading triage, investigation, containment, and remediation; partner with the broader Deloitte security team and stakeholders; and facilitate post-incident reviews to drive corrective actions and control improvements.

·       Develop and maintain cloud security guardrails, policies, and reference architecture (including standardized patterns and control mappings) to enable secure-by-design delivery across cloud and hybrid environments.

• Develop and maintain cloud security policies, standards, baselines, and procedures.
• Produce clear documentation for architecture decisions, risk assessments, and security configurations.

Relationship Management

• Act as subject matter expert (SME) on cloud security, advising C-level, IT, and business stakeholders.
• Train, mentor, and guide less experienced security team members by providing technical coaching, architecture reviews, and on-the-job support to build capability and improve delivery quality
• Represent the organization in external forums, vendor meetings, and industry groups as required.
• Support in managing the security posture of third-party vendors and SaaS providers.

Role Requirement

·       Support implementation of the enterprise Information Security strategy, vision, and toolset by translating strategic objectives into actionable roadmaps, architecture standards, and measurable delivery outcomes.

·       Influencing and defining security policy, standards and procedures for improving security posture

·       Designing, implementing and maintaining key security technology to improve security posture and strengthen security defenses

·       Define security requirements by assessing business strategy, technology requirements, and risk appetite, and by researching and applying relevant information security standards and control frameworks.

·       Contribute to end-to-end security architecture reviews across the IT lifecycle, co-authoring secure solution designs and providing assurance through design-time and stage-gate security reviews

·       Leading on security research into the latest new security technologies

·       Mentoring information security team members on recent developments and advancement in security technologies to drive widespread adoption of security best practices.  

·       Work with key IT service providers to ensure industry standard platform, network and endpoint security posture

·       Ensure industry standard framework implementation

·       Ensure security deliverables are embedded in project plans by partnering with the project team to define clear security milestones, dependencies, and success criteria, and by reporting progress in a CISO-ready format

·       Defining and providing relevant metrics and trends for CISO consumption

Qualifications

·       12+ years of experience

·       Bachelors / Masters degree

·       Proven experience in cloud security architecture role, demonstrating solutions delivery, principles and emerging technologies - Designing and implementing cloud security solutions. This includes continuous monitoring and making improvements to those solutions, working with an information security team.

·       Working knowledge of different project delivery methodologies including Waterfall, Agile and Hybrid.

·       Extensive knowledge of cloud security architecture, demonstrating solutions delivery, practices and emerging technologies

·       Have demonstrable experience in consulting and engineering of the development and design of cybersecurity best practices and the implementation of solid cybersecurity practices across the organization, to meet business goals along with customer and regulatory requirements.

·       Possess extensive knowledge of frameworks or specifications of information security or risk management that include all legal, physical and technical controls involved in an organization’s risk management

·       Be very knowledgeable in cloud security standards ISO/IEC 27017:2015 and ISO/IEC 27018:2014, SABSA certified or TOGAF.

·       Have extensive experience with security considerations with cloud SAAS, PAAS & IAAS .

·       Have a good knowledge and understanding of identity and access management (IAM) – the framework of security policies and technologies that limit and track the access of those in an organization to sensitive technology resources.

·       Have a solid understanding of various cyber technologies - mobile threat defense, endpoint protection, data loss prevention, insider threat protection, device hardening, classification, key & certificate management and many more

·       Have to work with enterprise architect as a subject matter expert that can articulate technical topics to those with or without a technical background

Skills Required

• Deep technical expertise with major cloud service providers (AWS, Azure, GCP).
• Hands-on experience with cloud-native security tools and platforms.
• Solid understanding of networking, IAM, encryption, and security best practices in cloud and hybrid environments.
• Strong leadership, communication, and project management abilities.
• Relevant certifications (e.g., CCSP, AWS Certified Security Specialty, Azure Security Engineer Associate, CISM, CRISC, CISSP, SABSA,TOGAF).