at Deloitte in Springfield, Illinois, United States
Job Description
Are you looking to elevate your cyber career? Your technical skills? Your opportunity for growth? Deloitte’s Government and Public Services Cyber Practice (GPS Cyber Practice) is the place for you! Our GPS Cyber Practice helps organizations create a cyber minded culture and become stronger, faster, and more innovative. You will become part of a team that advises, implements, and manages solutions across five verticals: Strategy, Defense and Response; Identity; Infrastructure; Data; and Application Security. Our dynamic team offers opportunities to work with cutting-edge cyber security tools and grow both vertically and horizontally at an accelerated rate. Join our cyber team and elevate your career.
Work you’ll do
We require a robust and advanced cloud security solution to protect its cloud-hosted applications and ensure secure cloud access. The CNAPP and secure cloud access solution, along with the identity-based WAF or proxy, will enforce policies, mitigate threats, and provide secure authentication at the application level. Implementing PaC will enforce security compliance for resources deployed in the client’s IaaS cloud environment, which is currently focused on the Azure tenant. The client is ultimately responsible for and will maintain control over the development, implementation, and management of its policies-including IT security policies.
The Cloud Security Engineer will contribute to evaluating, recommending, and implementing solutions related to Cloud Native Application Protection Platforms (CNAPP) including Cloud Security Posture Management (CSPM), Cloud Infrastructure Entitlement Management (CIEM), and Cloud Workload Protection (CWP), as well as to modern Web Application Firewalls (WAFs) and Content Delivery Networks (CDNs). These solutions will be assessed and deployed in light of specific client and Federal cloud security requirements, standards, and guidelines including those from NIST and industry best practices. Additionally, the Cloud Security Engineer will support evaluation of Azure Policy Framework policies against client requirements and make recommendations on what custom policies need to be created while also implementing a governance structure for Policy as Code (PaC).
The team
Deloitte’s Government and Public Services (GPS) practice – our people, ideas, technology and outcomes-is designed for impact. Serving federal, state, & local government clients as well as public higher education institutions, our team of more than 15,000 professionals brings fresh perspective to help clients anticipate disruption, reimagine the possible, and fulfill their mission promise
At Deloitte, we believe cyber is about starting things-not stopping them-and enabling the freedom to create a more secure future. Cyber Infrastructure is focused on rethinking how security is integrated across modernized infrastructure as cyber threats become more complex. If you’re seeking a career implementing, architecting, and-in select cases-handling next generation controls to manage security risks and exposure, then the Cyber Infrastructure team at Deloitte is for you.
Qualifications
Required:
+ Bachelor’s degree required
+ Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future
+ Must be able to obtain and maintain the required clearance
+ Ability to travel up to 15%, on average, based on the work you do and the clients and industries/sectors you serve
+ 7 years experience working in cloud security
+ Strong understanding of cloud security concepts and best practices
+ Experience evaluating cloud security solutions including developing Analysis of Alternatives
+ Experience with cloud security technologies, specifically CNAPP, WAF, CDNs, and PaC (Terraform)
+ Ability to configure and mange cloud security policies
+ Ability to assess and mitigate cloud security risks
+ Familiarity with RMF / ATO processes
+ Familiarity with Agile Scrum and working in sprints to support releases
Preferred Qualifications:
+ CrowdStrike Certified Cloud Specialist (CCCS)
+ Certified Cloud Security Engineer (CCSE) or Certified Cloud Security Professional (CCSP)
Information for applicants with a need for accommodation: https://www2.deloitte.com/us/en/pages/careers/articles/join-deloitte-assistance-for-disabled-applicants.html
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.