AWS Cloud Security Architect

Position Summary

Deloitte Cyber understands the unique challenges and opportunities businesses face in cybersecurity. Join our team to deliver powerful insights to help our clients navigate the ever-changing threat landscape, design, and technology as we partner with clients to transform finance.

Work you’ll do:

Design core AWS platform security architecture, including areas such as:

• Network (VPC) – Subnet, segmentation strategies
• IAM
• Infrastructure-as-a-code (terraform, CloudFormation)
• Storage (S3 and EBS)
• Compute (EC2, ECS)
• Serverless (Lambda, EKS, FarGate)
• Logging and Monitoring (CloudTrail, CloudWatch)
• Organization – Account design
• Backup and Disaster Recovery approach and design
• Automation - Environment and application automation using scripting
• AWS Cost Management and Optimization

Design and develop enterprise cyber security strategy and architecture. Understand security requirements by evaluating business strategies and conducting system security vulnerability and risk analysis. Provide product best fit analysis to ensure end-to-end security covering different faucets of architecture e.g., Layered security, Zoning, Integration aspects, API, Endpoint security, Data security, Compliance, and regulations. Scripting capability and the ability to develop AWS EAC (environments as code). Familiar with Automation/IAC (Infrastructure As Code) Solutions– CloudFormation, Terraform, Ansible, Puppet, Jenkins, etc. Experience in designing authentication and authorization solutions around multi-factor authentication, single sign-on, identity management or related technologies. Ability to design and build application-specific security frameworks aligned with organization security strategy, policies, and compliance requirements. Ability to develop Enterprise Security Governance framework, Security Policy, Standard, and Control development SABSA/TOGAF. Provide solutions for RFPs received from clients and ensure overall design assurance. Demonstrate experience in doing security assessments against NIST Frameworks, SANS, CIS, etc.

The Team:

Enterprise Security teams embed security in all aspects of digital transformation by securing a client’s “technical backbone” while also enabling secure digital transformation. Services include security architecture, secure development and deployment, end-to-end cyber cloud capabilities, application security, and security for emerging technologies and connected products. Examples of work include Secure by Design, Cloud Security Orchestration & Automation, Core Infrastructure Security, and Secure Software Enablement. The Deloitte Cyber team helps complex organizations more confidently pursue their growth, innovation and performance agendas through proactive management of the associated cyber risks. Our professionals provide advisory and implementation services that integrate risk, regulatory, and technology skills to help clients transform their legacy programs into proactive Secure. Vigilant. Resilient. TM cyber programs.

Qualifications

Must Have Skills/Project Experience/Certifications:

• Total years of experience required between 9 years to 13 years.
• 5+ years of experience as a Cloud Security Architect or in the core security domain.
• 5+ years of working with different Cloud platforms (SaaS, PaaS, and IaaS).
• Experience with multiple security technologies like CSPM, CWPP, WAF, CASB, IAM, SIEM, etc.
• Experience in designing, planning, and implementing AWS cloud security solutions for hybrid enterprise environments.
• In-depth expertise in AWS Governance and Security best practices.
• Hands-on experience with AWS Organizations, Acquisition and merger of AWS orgs, Identity and Access Management, SCP policies, Preventive and Detective guardrails, AWS IAM Identity Center (AWS SSO).
• Hands-on experience with centralized logging and monitoring solutions for CloudTrail, Config, Guard Duty, Security HUB, Landing Zone, Lambda, ECS and EKS, WAF, Migration Hub, and SEIM.
• Working knowledge of cross-cloud security tools such as SOAR/XSOAR, SIEM, CSPM, CWPP, CIEM, etc.
• Experience in securing EKS and or AKS.
• Knowledge in designing, implementing, and managing DevSecOps capabilities in cloud offerings using CI/CD toolsets and automation.
• Experience in managing pipelines and working with tools such as Jenkins, Ansible, Chef, Puppet, Salt stack and terraform.
• Experience in IAM, encryption, DevSecOps in AWS and or Azure.
• Knowledge of regulatory and compliance frameworks and the requirements underlying each, including ISO, SOX, PCI, FedRAMP and HIPAA.

Good to Have Skills/Project Experience/Certifications:

• Skills in scripting languages (e.g., Groovy for Jenkins, Bash, Python) to customize pipeline steps and automate repetitive tasks.

Education:

• B.Tech/M.Tech/MS/MBA

Location:

• Bengaluru/Hyderabad/Pune/Chennai

Our purpose

Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities.

Our people and culture

Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ways of thinking, ideas and perspectives, and bring more creativity and innovation to help solve our clients’ most complex challenges. This makes Deloitte one of the most rewarding places to work.

Professional development

At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India.

Benefits To Help You Thrive

At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/or other criteria. Learn more about what working at Deloitte can mean for you.

Recruiting tips

From developing a stand-out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters.

Key skills/competency

• AWS Cloud Security Architecture
• Cybersecurity Strategy
• Infrastructure as Code (IaC)
• IAM (Identity and Access Management)
• DevSecOps
• Risk Analysis
• Compliance Frameworks (NIST, ISO, etc.)
• Security Governance
• Cloud Security Technologies (CSPM, CWPP, SIEM)
• Automation and Scripting