Cloud Security Senior Manager
Location: San Antonio
Posted on: May 15, 2022
Are you interested in working in a dynamic environment that
offers opportunities for professional growth and new
responsibilities? If so, Deloitte & Touche LLP could be the place
for you. Traditional security programs have often been unsuccessful
in unifying the need to both secure and support technology
innovation required by the business. Join Deloitte's Advisory Cloud
Cyber Services team and become a member of the largest group of
cybersecurity professionals worldwide.
Work you'll do
As a Cloud Security Senior Manager, you will be at the front lines
with our clients supporting them with their cloud security needs to
securely navigate their journey to the cloud on the leading cloud
platforms, by implementing industry leading practices around cyber
risks and cloud security for clients. You will:
- Advise on strategy and designing and implementing, migrating,
and operating cloud solutions including cloud operations
optimization, native development, integration, and as-a-service
- Maintain client relationships by developing a reputation as an
independent professional who delivers exceptional results.
- Serve as a subject matter expert (SME) on cloud cyber risk for
at least one of the leading cloud platforms (AWS, Microsoft Azure/
Office 365, GCP, Alibaba Cloud, Oracle Cloud) for senior business
and technology stakeholders.
- Lead Cyber Risk teams as part of Cloud Transformation projects
at industry leading clients using cloud platform (such as AWS,
Azure, GCP, Alibaba Cloud, Oracle Cloud) services.
- Create executable strategies to initiate, grow and sustain
profitable relationships with clients.
- Educate business and technology stakeholders on value
propositions of cloud and participate in deep architectural
discussions to ensure solutions are designed for successful
deployment in the cloud (such as AWS, Azure, GCP, Alibaba Cloud,
- Capture and share leading-practice knowledge amongst the
- Ensure that the cloud risk practice of the future has the right
skills and education and push towards growing the overall team in
the coming years.
- Oversee/Lead the architecting and design of complex cloud
solutions for clients.
- Review and finalize reference architectures for cloud native
high-performance environments, designing business solutions in
cloud, developing deployment, migration, operation and monitoring
- Oversee/Lead the deploying, managing, operating, enhancing, and
automating of client's AWS, Azure, GCP environments.
- Oversee Cloud security engagements during different phases of
the lifecycle - assess, design, and implementation.
- Promote industry leading practices through the design and
mentorship of other technology teams and team-members.
- Oversee/Lead cloud cybersecurity assessments and review/develop
strategic and tactical security remediation recommendations / cyber
risk roadmap to address identified security gaps.
- Oversee/Lead cybersecurity controls testing across client's
cloud environments to determine control effectiveness and adherence
to both internal cybersecurity policies and standards and external
requirements (e.g. certifications, laws, regulations and
- Deliver end-to-end automation of deployment, monitoring and
infrastructure management in the cloud.
- Ensure DevSecOps systems we build are robust in the sense they
can scale, handle rapid growth, and limit exposure to single points
of failure and security vulnerabilities.
- Demonstrate deep understanding of testing methodologies, test
automation and software development principles.
- Champion Agile leading-practices, processes, and tools in
support of DevSecOps processes.
- Support and enable team members across both technical and
management leadership capacities.
- Provide internal cloud security technical training to Advisory
personnel as needed.
- Work closely with member firm external certification leaders to
ensure the consistency and efficiency of cyber certification
- Lead the team on proposals, whitepapers, proof of concepts,
technical eminence materials and firm initiatives.
Deloitte Advisory's Cloud Cyber team helps complex organizations
more confidently pursue their growth, innovation and performance
agendas through proactive management of the associated cyber risks.
Our professionals provide advisory and implementation services that
integrate risk, regulatory, and technology skills to help clients
transform their legacy programs into proactive
Secure.Vigilant.Resilient. TM cyber risk programs. Join the team
developing the future state of cyber risk solutions. Learn more
about Deloitte Advisory's Cyber Risk Services practice.
- 10+ years of information technology and/or information security
- 5+ years in an engineering role designing and supporting public
clouds - AWS, GCP, Azure.
- 5+ years of hands-on technical experience with at least one
cloud platform in security or infrastructure implementation and
- Experience with previous cloud migrations.
- 5+ years of hands-on technical experience with infrastructure
systems such as networking (e.g. WAF, Firewall and load balancing),
operating systems, SCCM and endpoint engineering, and
infrastructure automation implementation or operations.
- 5+ years of working with different Cloud platforms (Software as
a Service (SaaS), Platform as a Service (PaaS) and Infrastructure
as a Service (IaaS)) and environments (Public, Private,
- Depth of experience with multiple security technologies such as
Firewalls, Intrusion Detection/Prevention Systems, Vulnerability
Scanning, WAF, Wireless LAN, NAC, DLP, DDoS Mitigation, WAN
security, CASB, SIEM, Content Filtering, Cloud Security gateways,
Secure Proxies, SSL crypto solutions, and automation.
- Demonstrated capability to design, deploy, operationalize and
automate secure and highly scalable enterprise systems on public
cloud - AWS, Azure and Google.
- Experience with secure software development, data protection,
cryptography, key management, identity and access management (IAM),
network security (VPNs) within cloud environments.
- Experience in architecting and deploying secure software
defined and virtualized networks.
- Knowledge in designing, implementing, and managing DevSecOps
capabilities in cloud offerings using CI/CD toolsets and
- Experience in managing pipelines and working with tools such as
Jenkins, Ansible, Chef, Puppet, Salt stack and Terraform.
- Experience in installing and configuring native and third-party
databases in the cloud such as MongoDB, MYSQL, Couchbase,
- Experience in agile leading-practices, processes, and tools in
support of DevSecOps processes with respect to Test
- Understanding of industry regulatory and compliance
requirements (i.e., FedRAMP, PCI-DSS, NIST, HIPAA) and skilled at
interpreting the compliance and security requirements into
implementable and repeatable controls.
- Experience in the creation and maintenance of security policies
and procedures, managing the protection of information systems and
- Client interfacing, relationship building, and consulting
- BA/BS Degree is required. Ideally in Computer Science, Cyber
Security, Information Security, Engineering, Information
- Travel up to 50% (While 50% of travel is a requirement of the
role, due to COVID-19, non-essential travel has been suspended
until further notice).
- Must be legally authorized to work in the United States without
the need for employer sponsorship, now or at any time in the
- Identify opportunities to improve engagement
- Experience with engaging C-Level executives and developing
cyber risk strategies to address broad security issues.
- Experience with leading multiple distributed teams across
- Previous Consulting or Big 4 experience preferred.
- Depth of experience and knowledge in cloud platform
technologies such as Amazon's VPC, Elastic Load balancing, Global
Accelerator, Transit Gateway, Security Groups, Identity and Access
Management IAM, Route 53, Key Management Service (KMS), PrivateLink
Direct Connect, Virtual Private Network, CloudFront and API
- Experience with cloud automation and container tools like bash
scripting, Ansible, Docker, Chef or Puppet.
- Experience with JSON, Python, XML and ability to write cloud
automation scripts desired.
- Certifications such as: AWS Certified Architect, MCSE new
role-based certifications (Azure), GCP Cloud Architect, CCSP,
- Knowledge of security and privacy-related industry standards
and frameworks (e.g., ISO 27001/2, NIST 800-53, NIST CSF, CSA CCM)
is a plus.
- Ability to develop compelling proposals for client to clearly
articulate the need for information security.
- Excellent writing and verbal communication skills.
- Strong project management and organizational skills.
Keywords: Deloitte, San Antonio , Cloud Security Senior Manager, Executive , San Antonio, Texas
Didn't find what you're looking for? Search again!