Consultant Senior Consultant Cloud Security

Consultant/Senior Consultant, Cloud Security

Deloitte is seeking a Consultant/Senior Consultant with expertise in Cloud Security to join their team. This is a permanent position with a primary location in Toronto, ON, and other available locations across Canada.

Our Purpose

At Deloitte, we are driven to inspire and help our people, organizations, communities, and country to thrive. Our Purpose is to build a better future by accelerating and expanding access to knowledge. Purpose defines who we are and gives us reason to exist as an organization. By living our Purpose, we will make an impact that matters.

Experience a firm where wellness matters. Be part of a firm that leads the way and pushes themselves to look like contemporary Canada.

What will your typical day look like?

As a Cyber Risk Consultant / Senior Consultant, you will have the opportunity to work on a variety of projects addressing new technology trends and related business challenges faced by our clients both locally and globally. Tasks include:

• Assessing and implementing Cloud security solutions for clients.
• Reviewing security-related events, assessing risk and validity, as well as reporting on security postures and recommending corrective actions when required.
• Working with security vendors to understand their solution offerings and advise clients on appropriate technologies and architectures, based on their needs.
• Conducting research on the latest security technologies and standards, as well as the threat and vulnerability landscape, in order to advise clients and recommend appropriate actions.
• Facilitating use of technology-based tools or methodologies to review, design and/or implement products and services.

About The Team

Deloitte’s Cyber Cloud team helps organizations throughout the complete cycle of moving business processes to the cloud and operating it in a secure and private way. We offer cyber capabilities and solutions focused on development, transformation and resilience of cloud security through various mechanisms, built upon our demonstrated delivery methodology and leverage our deep technical experience, industry and regulatory knowledge, vendor and our access to a large global network of skilled professionals.

Qualifications We're Looking For

You are someone with:

• A Degree or Diploma in Computer Science, Engineering, Management Information Systems or Information Security, or relevant experience in these domains.
• 1-5 years of experience in application development and knowledge of main programming languages.
• AWS and Azure Security Expertise: In-depth understanding of the security features and best practices within Amazon Web Services (AWS) and Microsoft Azure.
• Microservices and Kubernetes Security: Proficiency in securing microservices architecture and Kubernetes clusters, ensuring robust protection of containerized applications.
• DevSecOps Platforms and Security Scanning Tools: Experience with tools and platforms that integrate security into the development process, along with expertise in security scanning tools to identify vulnerabilities.
• Git and Scripting Languages (Bash, PowerShell, Python): Strong familiarity with version control using Git and scripting languages to automate security processes and tasks.
• Infrastructure as Code (IaC) with Terraform: Ability to define and manage infrastructure as code using Terraform, streamlining the deployment and configuration of cloud resources securely.
• Policy Languages (Sentinel, OPA): Proficient in policy languages like Sentinel and Open Policy Agent (OPA) to enforce and automate security policies.
• Data Serialization (JSON, YAML): A solid grasp of data serialization formats such as JSON and YAML, essential for effective communication and configuration in cloud environments.
• Programming Skills: Advantageous to have programming skills and a conceptual understanding of software development practices to collaborate effectively with developers.
• Good understanding of basic networking concepts/principles (routing, switching, IP addressing etc.) and common services/protocols is important.
• Knowledge of foundational systems security principles is important.
• Knowledge of application security concepts and overall application design is important.
• Hands-on experience with cloud security posture management platforms (e.g., Palo Alto Prisma Cloud, Wiz, Orca) to assess misconfigurations and integrate findings into CI/CD, SIEM, and ticketing workflows for continuous remediation.
• Awareness of AI/ML security risks within cloud environments, including securing AI workloads, model endpoints, and data pipelines and how these intersect with cloud IAM, network segmentation, secrets management, and DevSecOps controls on AWS and Azure.
• Familiarity with AI governance and risk frameworks (e.g., NIST AI RMF, ISO 42001, ISO 42005) and ability to assess client AI deployments against organizational security policies and regulatory compliance standards.
• Practical experience using large language models (e.g., Microsoft Copilot, Google Gemini) and prompt engineering techniques to automate security tasks, generate IaC configurations, and accelerate delivery across cloud security engagements.
• Ability to use AI coding assistants (e.g., GitHub Copilot) to accelerate development of security automation scripts, policy-as-code, and infrastructure configurations in Bash, Python, Terraform, or YAML.
• Must be eligible to obtain and maintain a Government of Canada security clearance at the Reliability Status level (minimum); eligibility for Secret (Level II) clearance is strongly preferred.

Total Rewards

The salary range for Consultant is $57,000 to $102,000 and $72,000 - $138,000 for Senior Consultant. Individuals may also be eligible to participate in our bonus program. Deloitte is fair and competitive when it comes to the salaries of our people.

Our Total Rewards Package extends well beyond traditional compensation and benefit programs and is designed to recognize employee contributions, encourage personal wellness, and support firm growth. On top of our regular paid vacation days, some examples include: $4,000 per year for mental health support benefits, a $1,300 flexible benefit spending account, firm-wide closures known as "Deloitte Days", dedicated days of for learning (known as Development and Innovation Days), flexible work arrangements and a hybrid work structure.

Our promise to our people:

Deloitte is where potential comes to life. Be yourself, and more. We are a group of talented people who want to learn, gain experience, and develop skills. Wherever you are in your career, we want you to advance.

You Shape How We Make Impact. Diverse perspectives and life experiences make us better. Whoever you are and wherever you're from, we want you to feel like you belong here. We provide flexible working options to support you and how you can contribute. Be the leader you want to be.

Have as many careers as you want. We are uniquely able to offer you new challenges and roles – and prepare you for them. We bring together people with unique experiences and talents, and we are the place to develop a lasting network of friends, peers, and mentors.

Inclusivity at Deloitte

At Deloitte, we are all about doing business inclusively – that starts with having diverse colleagues of all abilities. Deloitte encourages applications from all qualified candidates who represent the full diversity of communities across Canada. We encourage you to connect with us at accessiblecareers@deloitte.ca if you require an accommodation for the recruitment process or indigenouscareers@deloitte.ca for any questions relating to careers for Indigenous peoples at Deloitte.

By applying to this job you will be assessed against the Deloitte Global Talent Standards. We’ve designed these standards to provide our clients with a consistent and exceptional Deloitte experience globally.

Key skills/competency

• Cloud Security
• AWS Security
• Azure Security
• Kubernetes Security
• DevSecOps
• Infrastructure as Code (IaC)
• Terraform
• Policy Languages
• Security Scanning Tools
• Cyber Risk