Cyber
Deloitte Cyber understands the unique challenges and opportunities businesses face in cybersecurity. As a leader in the field, we empower our clients to transform their security posture and navigate the ever-evolving threat landscape. Join our team to drive impactful change, deliver strategic insights, and help organizations
Position Summary
Level: Manager
Work You’ll Do:
As a Microsoft Azure Security Manager, you will be at the forefront with our clients, supporting them with their Cloud security needs, specifically helping them navigate the complexities of securing Microsoft Azure platform. This will include:
•Act as the single point of accountability for Azure platform and infrastructure security architecture across governance, identity and access management, network, compute, storage, PaaS, data protection, resilience, and security monitoring domains.
• Translate business risk into technical requirements and produce reference architectures, security blueprints, and pattern libraries that downstream engineering teams can consume as code.
• Conduct cloud security analysis, recommendations and configurations of prospective clients’ Microsoft Azure platforms and environments based on Deloitte’s Cloud Cyber Risk Framework.
• Work with Client stakeholders to review Azure Infrastructure and architecture including integration with third-party SaaS / application platform and provide strategic guidance and recommendations to improve overall security posture.
• Define and build the landing zone: management-group hierarchy, subscription model, network segmentation (hub-spoke, VWAN, Private Link), policy guardrails, encryption baselines, logging and CI/CD.
• Work with architecture and business team to provide recommendations around secure architecture including industry best practices such as NIST CSF, CSA CCM and compliance requirements such as HIPAA, PCI, GDPR.
• Lead security implementation of mid- to large scale Azure Cloud security program:
o Design and implement secure Azure Network architecture.
o Design and implement logging and monitoring services within client environment.
o Design and implement solution to protect data as per regulatory requirements Azure Storage Services.
o Build backup vaults, cross-region replication, chaos-studio tests and ransomware recovery playbooks that meet contractual RTO/RPO and business-criticality tiers.
• Define baseline security requirements for Azure services and convert baseline security requirements into Azure Policy, Azure Blueprints and Terraform modules; embed OPA/Chacko scanning in CI/CD gates to block non-compliant builds before they reach a subscription.
• Design and build secure, repeatable CI/CD pipelines (ADO or GitHub) that build, scan, sign and deploy infrastructure artefacts; integrate third-party SCA, SAST, DAST and container image hardening tools.
• Assist clients with security frameworks, cloud configuration standards and resolving Azure cloud vulnerabilities.
• Deploy CNAPP tooling (Defender for Cloud, Wiz, Prisma) to create a unified, risk-ranked view; wire high-fidelity alerts into Sentinel playbooks with auto-remediation where possible; tune to eliminate false positive.
• Review and oversee the generation of all project deliverables such as assessment reports, system architecture designs, and Azure security recommendations.
• Design end-to-end data protection for ETL and AI pipelines: customer-managed keys, double encryption, immutable storage, Purview classification, LLM OWASP Top-10 guardrails, prompt-injection testing, secure model artefact registry.
• Lead the execution of Azure Cloud security engagements during different phases of the lifecycle – assess, design, and implementation.
• Provide Azure security technical training to internal personnel as needed.
• Manage efforts to build eminence, whitepapers and point-of-view (PoV) on providing leading practices to our clients across Azure security domains.
• Support talent process in the manager role such as for recruiting and coaching.
The Team
Enterprise Security teams embed security in all aspects of digital transformation by securing a client’s “technical backbone” while also enabling secure digital transformation. Services include security architecture, secure development and deployment, end-to-end cyber cloud capabilities, application security, and security for emerging technologies and connected products. Examples of work include Secure by Design, Cloud Security Orchestration & Automation, Core Infrastructure Security, and Secure Software Enablement. Deloitte Cyber team helps complex organizations more confidently pursue their growth, innovation and performance agendas through proactive management of the associated cyber risks. Our professionals provide advisory and implementation services that integrate risk, regulatory, and technology skills to help clients transform their legacy programs into proactive Secure.Vigilant.Resilient.TM cyber programs. Cloud Infrastructure supports organizations through the complete cycle of migrating business processes to the cloud, with capabilities and solutions focused on development, transformation, and resilience of cloud security.
Qualifications
Must Have Skills/Project Experience/Certifications
• 10+ years of experience in technical consulting, client problem solving, architecting and designing solutions in a consulting role with project leadership and/or architect experience in Azure; with a security focus strongly preferred.
• Proven experience with secure application modernization and migration of applications / workloads from on-premises or Cloud to Cloud.
• 8+ years hands-on production experience building Azure landing zones at enterprise scale.
• Expertise in designing, implementing, and securing Azure Platform services such as compute, storage, network, and data services.
• Intermediate scripting skills in Terraform/ ARM/ BICEP, YAML, shell/ Powers hell, JSON, or other relevant languages, with a focus on developing secure and scalable Azure solutions.
• Demonstrated ability to translate NIST CSF, CSA CCM, ISO 27017, PCI DSS, HIPAA requirements into concrete Azure control mappings and track implementation in a living compliance matrix.
• Familiarity with Microsoft Copilot, GitHub Copilot, Azure AI Services, including practical experience with Azure Machine Learning and Azure OpenAI.
• Familiarity with and practical application of industry-standard security frameworks and best practices, including NIST CSF, CSA CCM, tailored for Azure cloud environments.
• Experience leading mixed-shore teams (on-site + offshore) through full project life-cycle.
Good to Have Skills/Certifications
•Microsoft Certifications such as: (AZ-104, AZ-500, AZ-305, AZ-700, SC-100)
• Cyber Certifications such as: CCSP, CCSK, CISSP.
Education:
· B.E/B.Tech Degree preferred. Ideally in Computer Science, Cyber Security, Information Security, Engineering, Information Technology.
Location:
• Bengaluru/Hyderabad/Pune/Chennai/Kolkata.