Cyber
Deloitte Cyber understands the unique challenges and opportunities businesses face in cybersecurity. Join our team to deliver powerful insights to help our clients navigate the ever-changing threat landscape. Through powerful insights and managed services that simplify complexity, we enable businesses to operate with resilience, grow with confidence, and proactively manage to secure achievements.
Level: Lead Solution Advisor
Work you’ll do:
As a Senior Consultant, you will be supporting the team/clients with their Cyber needs specifically helping them address Cloud Security concerns and navigate the journey to the Cloud on the Microsoft Sentinel Platform. This will include:
· Design and implement robust, secure Google Cloud Platform infrastructure solutions tailored to meet the unique needs of enterprise clients.
· Conduct thorough security assessments, threat modeling exercises, and risk analyses of GCP environments to identify vulnerabilities and potential threats.
· Review and enhance Identity and Access Management (IAM) policies, service account configurations, Virtual Private Cloud (VPC) architectures, and firewall configurations to minimize attack surfaces.
· Integrate security tools and controls seamlessly into Continuous Integration/Continuous Delivery (CI/CD) pipelines and DevOps workflows, promoting a "security-as-code" approach.
· Implement and fine-tune cloud-native security services, including VPC Service Controls, Cloud Armor, Cloud Identity and Access Management (IAM), Security Command Center, to maximize protection.
· Create and maintain secure Infrastructure-as-Code (IaC) patterns using tools like Terraform or Deployment Manager, ensuring consistent and secure deployments.
· Implement security controls and processes to ensure client environments adhere to relevant security standards and frameworks (e.g., ISO 27001, NIST, CIS, HIPAA, PCI-DSS).
· Work closely with client stakeholders, including architects, engineers, and security teams, to align security strategies with business objectives
· Deliver engaging workshops, comprehensive documentation, and tailored training programs to empower client teams to manage and maintain their GCP security posture.
Must Have Skills:
· Bachelor’s degree in computer science, cybersecurity, information systems, or related field (or equivalent work experience).
· 5-7 years of progressive experience in cloud security, with deep and demonstrable expertise in Google Cloud Platform (GCP) and its security services.
· Proven ability to design and implement complex, secure GCP architectures that meet stringent security and compliance requirements.
· Deep understanding of zero-trust architecture, least-privilege access models, and modern cloud security principles.
· Strong expertise in GCP networking, Identity and Access Management (IAM), data protection, workload identity federation, and related security controls.
· Hands-on proficiency with infrastructure-as-code tools such as Terraform and Cloud Deployment Manager.
· Experience embedding security controls and automated checks into DevOps pipelines (CI/CD) using tools like Cloud Build, Jenkins, and GitLab CI.
· Proficiency with security automation tools and scripting languages (e.g., Python, Bash).
· Familiarity with container security (e.g., GKE, Kubernetes RBAC, image scanning)
· Experience with cloud incident response and forensics in GCP environments.
· Excellent client-facing and communication skills, with the ability to present findings and recommendations effectively.
Good to Have Skills:
· Relevant security certifications such as CISSP, CCSP, GCP Professional Cloud Security Engineer, Professional Cloud Architect, Professional ML Engineer or similar.
· Experience with securing GenAI models in GCP.
· Knowledge of security frameworks, such as NIST, CIS, and MITRE ATT&CK, and experience applying them to GCP environments.
Education:
· B.Tech/M.Tech/MS/MBA