365 Snyk Jobs - Page 5

As an experienced professional with over 5 years in the field, you will take on the offshore role of defining the CI/CD strategy and architecture for digital engineering pipelines. Your primary focus will be ensuring scalability, resilience, and security while promoting DevOps best practices. Your responsibilities will include: - Defining and leading the strategic vision and roadmap for CI/CD pipelines to align with business objectives. - Leading the architectural design of end-to-end CI/CD workflows from code commit to production. - Architecting and implementing advanced CI/CD pipelines using GitHub Actions. - Designing and configuring Azure resources such as Container Apps, Storage, Key Vault, and Networking. - Integrating and optimizing SonarQube for code quality, SAST, and technical debt management. - Implementing and managing Snyk for security scanning including SCA, containers, and IaC. - Developing specialized CI/CD processes for the SAP Hybris e-commerce platform. - Automating change management processes through Jira integration. - Designing full-stack caching/CDN solutions using Cloudflare. - Developing and maintaining automation scripts and infrastructure-as-code (IaC). - Implementing automated testing strategies within CI/CD pipelines. - Incorporating DevSecOps practices with automated security gates and secret management. - Ensuring compliance with security policies and regulatory requirements. - Monitoring and optimizing CI/CD pipeline performance to eliminate bottlenecks. - Implementing build artifact caching strategies and automating Cloudflare CDN/WAF configurations. - Collaborating effectively with development, operations, QA, and security teams. - Mentoring teams and promoting an automation/shared responsibility culture. - Providing expert-level troubleshooting and root cause analysis. Skills and competencies required for this role include: - Expertise in GitHub Actions CI/CD orchestration. - Proficiency in Azure services such as Container Apps, Key Vault, Storage, and Networking. - Experience with Snyk security scanning and SonarQube integration. - Knowledge of Infrastructure-as-Code tools like Bicep, ARM templates, and Terraform. - Integration experience with test automation including unit, integration, performance, and security testing. - Implementation of DevSecOps practices and Jira integration for change management. - Familiarity with Cloudflare management including CDN, WAF, and caching solutions. - CI/CD monitoring and optimization skills. - Advocacy for an ownership-driven DevOps culture and troubleshooting/L3 support expertise. - Understanding of compliance requirements and SAP Hybris CI/CD automation (good to have). - Additional experience with Docker containerization and cross-functional collaboration. - Mentoring capabilities to support team growth and development. This position requires a degree qualification, a total of 10+ years of experience, and is based in Trivandrum/Kochi with an expected onboarding date of September 1, 2025.,

Python Developer + Devops - Associate - Software Engineering Profile Description We’re looking for a skilled Developer with minimum 3 years of experience to join our team. CDRR_Technology The Cybersecurity organization's mission is to create an agile, adaptable organization with the skills and expertise needed to defend against increasingly sophisticated adversaries. This will be achieved by maintaining sound capabilities to identify and protect our assets, proactively assessing threats and vulnerabilities and detecting events, ensuring resiliency through our ability to respond to and recover from incidents and building awareness and increase vigilance while continually developing our cyber workforce. Cyber The Cybersecurity organization's mission is to create an agile, adaptable organization with the skills and expertise needed to defend against increasingly sophisticated adversaries. This will be achieved by maintaining sound capabilities to identify and protect our assets, proactively assessing threats and vulnerabilities and detecting events, ensuring resiliency through our ability to respond to and recover from incidents and building awareness and increase vigilance while continually developing our cyber workforce. Software Engineering This is a Associate position that develops and maintains software solutions that support business needs. Morgan Stanley is an industry leader in financial services, known for mobilizing capital to help governments, corporations, institutions, and individuals around the world achieve their financial goals. At Morgan Stanley India, we support the Firm’s global businesses, with critical presence across Institutional Securities, Wealth Management, and Investment management, as well as in the Firm’s infrastructure functions of Technology, Operations, Finance, Risk Management, Legal and Corporate & Enterprise Services. Morgan Stanley has been rooted in India since 1993, with campuses in both Mumbai and Bengaluru. We empower our multi-faceted and talented teams to advance their careers and make a global impact on the business. For those who show passion and grit in their work, there’s ample opportunity to move across the businesses for those who show passion and grit in their work. Interested in joining a team that’s eager to create, innovate and make an impact on the world? Read on… What You’ll Do In The Role The role will see the design and build of APIs which allow developers to apply, re-configure, deploy and run multiple code scanning tools on their projects. In addition, the infrastructure will be able to process the results from these systems and calculate whether a project can proceed with a release based on the firm’s policies. The role further extends to performing POCs on new tools and technologies to determine those that are suitable for adoption to assist keeping Morgan Stanley protected against an evolving threat landscape. The successful candidate will have around 3-5 years development experience (ideally in Python but we will consider other languages). They will have worked on building distributed systems and understand the complexities of building such systems. They will be a pro-active, driven individual that loves to take on new problems and figure out ways to solve them. In addition, they will have a mindset for automation and have experience in the SDLC and associated tooling right through from developing code, to writing automated tests, deploying it to production and providing subsequent production support. Responsibilities Hands-on engineering and integration will form the majority of this role, as part of a collaborative, agile squad. This will include work at all stages of the SDLC across a broad range of activities within Application Security. Take an active part in the architecture, design, build and implementation of the solution, implementing software development lifecycle best practices through the adoption of standard tools/services for reliability. Implementing different types of automated testing for resilience and reliability, e.g. unit, integration and load testing. Monitor usage of products through monitoring products, open telemetry and by building dashboards, alerts, and optimized queries for observability of system reliability with a focus on SLOs, error budgets, and toil management. Building documentation for both tribal knowledge and SRE processes within the squad through documentation-as-code framework. Setting up and performing PoCs within lab environments as well as in non-prod environments to enable stakeholders to test/validate solutions and soliciting real world feedback to drive meaningful evaluation and subsequent adoption. Documenting findings/presenting recommendations back to stakeholders to enable the Firm to make informed and effective product choices. Automating manual operational processes and integrating automations into CI/CD pipelines, including developing configuration-as-code models that align to CI/CD pipelines and SRE best practices and implementing self-service tools to reduce toil both within the squad and for our customers. Required Skills What you’ll bring to the role: A developer background/strong understanding of modern development practices, experience building usable APIs that others can consume. Strong research, analytical, and problem-solving skills. Ability to write robust, object-oriented and maintainable code in Python or similar language. Ability to write secure code, including an understanding of concepts such as authentication, authorisation and various web-based attacks such as XSS or CSRF/XSRF. Good knowledge of DevOps CI/CD workflows, tools (such as Jenkins/Circle/GitHub Actions) and their integration points. Experience with modern deployment tooling including Docker, Kubernetes, Helm, Ansible. Experience with distributed database/data storage systems, either SQL or No-SQL. Excellent verbal and written communication skills, including the ability to express and deliver technical ideas to a wide range of audiences, coupled with a collaborative approach. Desired Skills Product experience with DAST/SAST tooling such as Snyk, Fortify or Contrast Security. Experience with GitHub Enterprise and integrating SaaS solutions. Experience with distributed tools such as Apache Kafka & Zookeeper. Familiarity with public cloud and public cloud management. An automation/orchestration mind-set, enabling the product squads to spend more time coding and less time on manual processes. Some experience with front-end development NPM, Node, JavaScript, TypeScript or similar. Additional depth to their knowledge of application security. What You Can Expect From Morgan Stanley We are committed to maintaining the first-class service and high standard of excellence that have defined Morgan Stanley for over 89 years. Our values - putting clients first, doing the right thing, leading with exceptional ideas, committing to diversity and inclusion, and giving back - aren’t just beliefs, they guide the decisions we make every day to do what's best for our clients, communities and more than 80,000 employees in 1,200 offices across 42 countries. At Morgan Stanley, you’ll find an opportunity to work alongside the best and the brightest, in an environment where you are supported and empowered. Our teams are relentless collaborators and creative thinkers, fueled by their diverse backgrounds and experiences. We are proud to support our employees and their families at every point along their work-life journey, offering some of the most attractive and comprehensive employee benefits and perks in the industry. There’s also ample opportunity to move about the business for those who show passion and grit in their work. To learn more about our offices across the globe, please copy and paste https://www.morganstanley.com/about-us/global-offices into your browser. Morgan Stanley is an equal opportunities employer. We work to provide a supportive and inclusive environment where all individuals can maximize their full potential. Our skilled and creative workforce is comprised of individuals drawn from a broad cross section of the global communities in which we operate and who reflect a variety of backgrounds, talents, perspectives, and experiences. Our strong commitment to a culture of inclusion is evident through our constant focus on recruiting, developing, and advancing individuals based on their skills and talents.

The role is based in the Pune R&D Centre, at SAS R&D Pune facility. For this role, you will join the Viya 3.5 team. We are looking for a Java developer to develop and maintain the Viya 3.5 platform and services. You will help with plan and design work and take responsibility for large parts of the application. Furthermore, you will be joining a friendly team with a broad range of experience, to develop and maintain SAS Viya 3.5 and/or SAS 9.4 Solutions. Primary Responsibilities Your primary responsibility will be to enhance and maintain, fix customer and security issues with multiple products and services under SAS Viya 3.5 Platform products. Work with customers and technical support for resolution of issues related to security, performance. Ensure all applicable security policies and processes are followed to support the organization’s secure software development goals. Perform to the unit testing, integration testing, and manual/automated tests functional/performance testing. Requirement 2-5 years experience. Excellent programming skills with Java, Spring MVC, Spring boot, Hibernate. Expertise in working on Database centric applications and knowledge of SQL with Postgres, Oracle Understanding of OOPs, Design Patterns, SOLID principles. Knowledge of Security concepts, Tool such as Snyk, Blackduck etc Experience with fast paced Agile software development methodologies. Good debugging skills, logical problem-solving capability, quick and self-learner to adopt and use new technologies. Experience with disciplined unit, regression, and integration testing Aptitude to work with large Legacy code bases Use of AI Dev tool (GitHub Copilot , Cursor, Claude code etc) Mandatory Technical Skills Good exposure to design and development of mid-tier services, REST APIs, Java ecosystem. Knowledge of OOPs, Design Patterns, SOLID principles. Excellent programming skills with Java, Spring MVC, Spring boot, Hibernate. Expertise in working on Database centric applications and knowledge of SQL with Postgres, Oracle Demonstrated experience with disciplined unit, regression, and integration testing with large software portfolio Total Years Of Relevant Experience 2-5 years Education Preference Bachelor’s in computer science or relevant equivalent combination of related education, training and experience may be considered in place of the above qualifications.

Kenvue is currently recruiting for a: Staff Engineer What we do At Kenvue, we realize the extraordinary power of everyday care. Built on over a century of heritage and rooted in science, we’re the house of iconic brands - including NEUTROGENA®, AVEENO®, TYLENOL®, LISTERINE®, JOHNSON’S® and BAND-AID® that you already know and love. Science is our passion; care is our talent. Who We Are Our global team is ~ 22,000 brilliant people with a workplace culture where every voice matters, and every contribution is appreciated. We are passionate about insights, innovation and committed to delivering the best products to our customers. With expertise and empathy, being a Kenvuer means having the power to impact millions of people every day. We put people first, care fiercely, earn trust with science and solve with courage – and have brilliant opportunities waiting for you! Join us in shaping our future–and yours. Role reports to: Senior Manager Platform Engineering Location: Asia Pacific, India, Karnataka, Bangalore Work Location: Hybrid What you will do Job Description Kenvue is seeking a Lead Full Stack Software Engineer – Cloud Native to join our innovative and forward-thinking software engineering team. You will play a pivotal role in designing, building, and delivering platforms and applications that shape the future of digital healthcare for our consumer health business. As a technical leader reporting to the Software Engineering Manager, you will drive the development, testing, and release of products that power our business. You will champion modern engineering practices, implement robust solutions in a multi-cloud, event-driven architecture, and collaborate across teams to enable high-performing, product-centric delivery. Key Responsibilities Demonstrate ownership and foster a collaborative team environment. Lead the software development lifecycle, from design to deployment. Deliver high-quality features and tools aligned with reference architecture and coding standards. Ensure production-ready solutions for various product initiatives. Stay engaged with the evolving Consumer Health landscape. Qualifications Bachelor’s degree in Computer Science, Computer Engineering, Software Engineering, or related field. 10+ years of IT experience, including at least 7+ years of hands-on software development. Proficiency in frontend development; experience with JavaScript/TypeScript preferred. Strong background in API design and development; Node JS experience preferred. Experience with CI/CD pipelines in any cloud environment; AWS preferred. Ability to implement standards and resolve build, Sonar, or Snyk issues. Solid understanding of databases; experience with PostgreSQL preferred. Experience with Docker & Kubernetes. PR reviews and guiding fellow engineers on Code quality. AI experience in workflow design, backend development, data engineering, system management, cost optimization, and autoscaling, using tools such as AWS Bedrock, Vertex AI, Azure OpenAI, and LangSmith is a plus Great to Have Experience with Backstage or other developer portals is a plus If you are an individual with a disability, please check our Disability Assistance page for information on how to request an accommodation.

The primary responsibility of this role is to improve the security posture of Microsoft environments and containerized applications. You will be tasked with implementing hardening strategies, handling vulnerabilities, ensuring compliance, and integrating security into development pipelines to protect systems from evolving threats. Your key tasks will include strengthening the security of Microsoft systems (Windows Server, Active Directory, Azure) and containerized platforms (Docker, Kubernetes, AKS) by implementing Microsoft Defender for Containers and related tools for threat detection and posture management. Additionally, you will apply secure configuration baselines for Microsoft systems using CIS Benchmarks and Microsoft Security Baselines, as well as harden container images and Kubernetes deployments by implementing the least privilege, disabling root access, and using read-only file systems. In order to make a significant impact in this role, you will conduct vulnerability assessments using tools like Microsoft Defender, Snyk, and Qualys and remediate vulnerabilities in OS, container images, and workloads across hybrid and multicloud environments. You will also ensure consistency to security standards such as NIST SP 800-190, CIS, and Microsoft Cloud Security Benchmark, maintain audit trails and documentation for regulatory compliance, supervise and respond to threats using SIEM systems and Defender XDR, and implement runtime protection and anomaly detection for Kubernetes clusters. Furthermore, you will define and implement network policies, RBAC, and resource limits for containers, use Azure Policy and Gatekeeper to prevent non-compliant deployments, deploy observability tools and log analytics to supervise sensitive actions and detect incidents, enable binary drift detection, and automate security scans and policy enforcement in CI/CD pipelines. To be successful in this role, you should possess a Bachelor's degree in Computer Science, Cybersecurity, or related field, along with 3+ years of experience in Microsoft system hardening and container security. Proficiency with Docker, Kubernetes, AKS, and CI/CD tools is essential, as well as experience with security tools like Microsoft Defender, Snyk, Qualys, and SIEM platforms. Knowledge of cloud security (Azure, AWS, GCP) and infrastructure-as-code (Terraform, ARM), as well as relevant certifications (e.g., CKS, AZ-500, CISSP) are preferred. Siemens Gamesa is part of Siemens Energy, a global leader in energy technology committed to making sustainable, reliable, and affordable energy a reality. As a leading player in the wind industry, Siemens Gamesa is passionate about driving the energy transition and providing innovative solutions to meet the global energy demand. The company values diversity and inclusion, celebrating character regardless of ethnic background, gender, age, religion, identity, or disability. All employees at Siemens Gamesa are automatically covered under Medical Insurance, with a considerable Family floater cover that includes the employee, spouse, and 2 dependent children up to 25 years of age. The company also provides an option to opt for a Meal Card as per the prescribed terms and conditions in the company policy, which serves as a tax-saving measure.,

Python Developer + Devops - Associate - Software Engineering Profile Description We’re looking for a skilled Developer with minimum 3 years of experience to join our team. CDRR_Technology The Cybersecurity organization's mission is to create an agile, adaptable organization with the skills and expertise needed to defend against increasingly sophisticated adversaries. This will be achieved by maintaining sound capabilities to identify and protect our assets, proactively assessing threats and vulnerabilities and detecting events, ensuring resiliency through our ability to respond to and recover from incidents and building awareness and increase vigilance while continually developing our cyber workforce. Cyber The Cybersecurity organization's mission is to create an agile, adaptable organization with the skills and expertise needed to defend against increasingly sophisticated adversaries. This will be achieved by maintaining sound capabilities to identify and protect our assets, proactively assessing threats and vulnerabilities and detecting events, ensuring resiliency through our ability to respond to and recover from incidents and building awareness and increase vigilance while continually developing our cyber workforce. Software Engineering This is a Associate position that develops and maintains software solutions that support business needs. Morgan Stanley is an industry leader in financial services, known for mobilizing capital to help governments, corporations, institutions, and individuals around the world achieve their financial goals. At Morgan Stanley India, we support the Firm’s global businesses, with critical presence across Institutional Securities, Wealth Management, and Investment management, as well as in the Firm’s infrastructure functions of Technology, Operations, Finance, Risk Management, Legal and Corporate & Enterprise Services. Morgan Stanley has been rooted in India since 1993, with campuses in both Mumbai and Bengaluru. We empower our multi-faceted and talented teams to advance their careers and make a global impact on the business. For those who show passion and grit in their work, there’s ample opportunity to move across the businesses for those who show passion and grit in their work. Interested in joining a team that’s eager to create, innovate and make an impact on the world? Read on… What You’ll Do In The Role The role will see the design and build of APIs which allow developers to apply, re-configure, deploy and run multiple code scanning tools on their projects.In addition, the infrastructure will be able to process the results from these systems and calculate whether a project can proceed with a release based on the firm’s policies.The role further extends to performing POCs on new tools and technologies to determine those that are suitable for adoption to assist keeping Morgan Stanley protected against an evolving threat landscape. The successful candidate will have around 3-5 years development experience (ideally in Python but we will consider other languages).They will have worked on building distributed systems and understand the complexities of building such systems.They will be a pro-active, driven individual that loves to take on new problems and figure out ways to solve them.In addition, they will have a mindset for automation and have experience in the SDLC and associated tooling right through from developing code, to writing automated tests, deploying it to production and providing subsequent production support.Responsibilities Hands-on engineering and integration will form the majority of this role, as part of a collaborative, agile squad.This will include work at all stages of the SDLC across a broad range of activities within Application Security. Take an active part in the architecture, design, build and implementation of the solution, implementing software development lifecycle best practices through the adoption of standard tools/services for reliability. Implementing different types of automated testing for resilience and reliability, e.g. unit, integration and load testing. Monitor usage of products through monitoring products, open telemetry and by building dashboards, alerts, and optimized queries for observability of system reliability with a focus on SLOs, error budgets, and toil management. Building documentation for both tribal knowledge and SRE processes within the squad through documentation-as-code framework. Setting up and performing PoCs within lab environments as well as in non-prod environments to enable stakeholders to test/validate solutions and soliciting real world feedback to drive meaningful evaluation and subsequent adoption. Documenting findings/presenting recommendations back to stakeholders to enable the Firm to make informed and effective product choices. Automating manual operational processes and integrating automations into CI/CD pipelines, including developing configuration-as-code models that align to CI/CD pipelines and SRE best practices and implementing self-service tools to reduce toil both within the squad and for our customers. Required Skills What you’ll bring to the role: A developer background/strong understanding of modern development practices, experience building usable APIs that others can consume. Strong research, analytical, and problem-solving skills. Ability to write robust, object-oriented and maintainable code in Python or similar language. Ability to write secure code, including an understanding of concepts such as authentication, authorisation and various web-based attacks such as XSS or CSRF/XSRF. Good knowledge of DevOps CI/CD workflows, tools (such as Jenkins/Circle/GitHub Actions) and their integration points. Experience with modern deployment tooling including Docker, Kubernetes, Helm, Ansible. Experience with distributed database/data storage systems, either SQL or No-SQL. Excellent verbal and written communication skills, including the ability to express and deliver technical ideas to a wide range of audiences, coupled with a collaborative approach. Desired Skills Product experience with DAST/SAST tooling such as Snyk, Fortify or Contrast Security. Experience with GitHub Enterprise and integrating SaaS solutions. Experience with distributed tools such as Apache Kafka & Zookeeper. Familiarity with public cloud and public cloud management. An automation/orchestration mind-set, enabling the product squads to spend more time coding and less time on manual processes. Some experience with front-end development NPM, Node, JavaScript, TypeScript or similar. Additional depth to their knowledge of application security. What You Can Expect From Morgan Stanley We are committed to maintaining the first-class service and high standard of excellence that have defined Morgan Stanley for over 89 years. Our values - putting clients first, doing the right thing, leading with exceptional ideas, committing to diversity and inclusion, and giving back - aren’t just beliefs, they guide the decisions we make every day to do what's best for our clients, communities and more than 80,000 employees in 1,200 offices across 42 countries. At Morgan Stanley, you’ll find an opportunity to work alongside the best and the brightest, in an environment where you are supported and empowered. Our teams are relentless collaborators and creative thinkers, fueled by their diverse backgrounds and experiences. We are proud to support our employees and their families at every point along their work-life journey, offering some of the most attractive and comprehensive employee benefits and perks in the industry. There’s also ample opportunity to move about the business for those who show passion and grit in their work. To learn more about our offices across the globe, please copy and paste https://www.morganstanley.com/about-us/global-offices into your browser. Morgan Stanley is an equal opportunities employer. We work to provide a supportive and inclusive environment where all individuals can maximize their full potential. Our skilled and creative workforce is comprised of individuals drawn from a broad cross section of the global communities in which we operate and who reflect a variety of backgrounds, talents, perspectives, and experiences. Our strong commitment to a culture of inclusion is evident through our constant focus on recruiting, developing, and advancing individuals based on their skills and talents.

Test Engineering is about bringing a modern, automation-first, and team-based approach to testing software and data services. Our Core Principles align with Agile principles, empowering Test Engineer team members to have conversations, establish behaviors, and set expectations promoting Agile concepts. As a Test Engineer, you will utilize your expertise in software quality techniques and tools in a collaborative, team-based environment. You will engage in technical details, collaborate on designing optimal testing approaches, work across multiple tech stacks, and implement automation using various tools. As a quality champion, you will help the team maintain and enhance velocity. Your experience and learning mindset will enable you to tackle new challenges and establish areas of expertise. Sharing knowledge and contributing to the continual elevation of Quality Engineering capability will be part of your responsibilities. You should have experience in an agile team environment, consistently increasing team velocity. Proficiency in using code to develop reliable test automation, defining clear acceptance criteria, facilitating defect triage, and producing quality metrics is expected. You may have specialized expertise in modern software quality or broad experience across technology solutions. A computer science-based mindset is essential, and a technology-focused education is beneficial. Responsibilities: - Develop and enhance test plans for complex applications. - Translate business requirements into tests optimizing coverage and risk (95% target test coverage). - Create reliable test automation with high relevance (95% target test automation). - Implement automation for new business functionality using test automation frameworks. - Assess and advise on testability of user stories, acceptance criteria, non-functional requirements, and definition of done. - Collaborate closely with engineering teams and demonstrate strong debugging skills. - Share acquired knowledge with the team and organization members, recommending tools/processes to enhance productivity and quality. Qualifications: - 3+ years of experience working as a Test Engineer or similar role. - 1+ year of experience with Java, Python, or JavaScript development (intermediate - advanced level). - 3+ years of experience with Test Automation frameworks (e.g., Selenium, Junit, Nunit, Robot, etc.). - Experience in developing functional tests (e.g., integration, interface/API testing, and unit testing). - Familiarity with web service technologies (e.g., XML, REST, SOAP). - Bachelor's degree in engineering, computer science, computer engineering, or equivalent work experience. Preferred Qualifications: - Experience in developing non-functional tests (e.g., performance testing, load testing, stress testing, security testing, etc.). - Proficiency as a technical individual contributor with modern quality engineering tools. - Experience with black-box and white-box testing. - Knowledge of various deployment strategies (e.g., Blue/Green, Canary, A/B, etc.). - Familiarity with BDD and TDD. - Experience with Code Quality tools (e.g., SonarQube). - Experience with Security Scanning tools (e.g., Snyk, BlackDuck). - Experience with CI tools (e.g., Jenkins, GitLab, CircleCI). - Passion for excellence in product quality and reliability. - Excellent communication and problem-solving skills.,

ABOUT TIDE At Tide, we are building a business management platform designed to save small businesses time and money. We provide our members with business accounts and related banking services, but also a comprehensive set of connected administrative solutions from invoicing to accounting. Launched in 2017, Tide is now used by over 1 million small businesses across the world and is available to UK, Indian and German SMEs. Headquartered in central London, with offices in Sofia, Hyderabad, Delhi, Berlin and Belgrade, Tide employs over 2,000 employees. Tide is rapidly growing, expanding into new products and markets and always looking for passionate and driven people. Join us in our mission to empower small businesses and help them save time and money. ABOUT THE TEAM Our 40+ engineering teams are working on designing, creating and running the rich product catalogue across our business and enablement areas (e.g. Payments Services, Admin Services, Ongoing Monitoring, etc.). We have a long roadmap ahead of us and always have interesting problems to tackle. We trust and empower our engineers to make real technical decisions that affect multiple teams and shape the future of Tide's Global One Platform. We work in small autonomous teams, grouped under common domains owning the full lifecycle of products and microservices in Tide's service catalogue. Our engineers self-organize, gather together to discuss technical challenges, and set their own guidelines in the different Communities of Practice regardless of where they currently stand in our Growth Framework. ABOUT THE ROLE As a Full Stack Engineer at Tide, you will be a key contributor to our engineering teams, working on designing, creating, and running the rich product catalogue across our business and enablement areas. You will have the opportunity to make a real difference by taking ownership of engineering practices and contributing to our event-driven Microservice Architecture, which currently consists of over 200 services owned by more than 40 teams. Design, build, run, and scale the services your team owns globally. You will define and maintain the services your team owns (you design it, you build it, you run it, you scale it globally) Work on both new and existing products, tackling interesting and complex problems. Collaborate closely with Product Owners to translate user needs, business opportunities, and regulatory requirements into well-engineered solutions. Define and maintain the services your team owns, exposing and consuming RESTful APIs with a focus on good API design. Learn and share knowledge with fellow engineers, as we believe in experimentation and collaborative learning for career growth. Have the opportunity to join our Backend and Web Community of Practices, where your input on improving processes and maintaining high quality will be valued. WHAT ARE WE LOOKING FOR A sound knowledge of a backend framework such as Spring/Spring Boot, with experience in writing microservices that expose and consume RESTful APIs. While Java experience is not mandatory, a willingness to learn is essential as most of our services are written in Java. Experience in engineering scalable and reliable solutions in a cloud-native environment, with a strong understanding of CI/CD fundamentals and practical Agile methodologies. Have some experience in web development, with a proven track record of building server-side applications, and detailed knowledge of the relevant programming languages for your stack. Strong knowledge of Semantic HTML, CSS3, and JavaScript (ES6). Solid experience with Angular 2+, RxJS, and NgRx. A passion for building great products in small, autonomous, agile teams. Experience building sleek, high-performance user interfaces and complex web applications that have been successfully shipped to customers. A mindset of delivering secure, well-tested, and well-documented software that integrates with various third-party providers. Solid experience using testing tools such as Jest, Cypress, or similar. A passion for automation tests and experience writing testable code. OUR TECH STACK Java 17 , Spring Boot and JOOQ to build the RESTful APIs of our microservices Event-driven architecture with messages over SNS+SQS and Kafka to make them reliable Primary datastores are MySQL and PostgreSQL via RDS or Aurora (we are heavy AWS users) Angular 15+ (including NgRx and Angular Material) Nrwl Nx to manage them as mono repo Storybook as live components documentation Node.js, NestJs and PostgreSQL to power up the BFF middleware Contentful to provide some dynamic content to the apps Docker, Terraform, EKS/Kubernetes used by the Cloud team to run the platform DataDog, ElasticSearch/Fluentd/Kibana, Semgrep, LaunchDarkly, and Segment to help us safely track, monitor and deploy GitHub with GitHub actions for Sonarcloud, Snyk and solid JUnit/Pact testing to power the CI/CD pipelines WHAT YOU WILL GET IN RETURN Make work, work for you! We are embracing new ways of working and support flexible working arrangements. With our Working Out of Office (WOO) policy our colleagues can work remotely from home or anywhere in their home country. Additionally, you can work from a different country for up to 90 days a year. Plus, you'll get: Competitive salary Self & Family Health Insurance Term & Life Insurance OPD Benefits Mental wellbeing through Plumm Learning & Development Budget WFH Setup allowance 25 Annual leaves Family & Friendly Leaves TIDEAN WAYS OF WORKING At Tide, we're Member First and Data Driven, but above all, we're One Team. Our Working Out of Office (WOO) policy allows you to work from anywhere in the world for up to 90 days a year. We are remote first, but when you do want to meet new people, collaborate with your team or simply hang out with your colleagues, our offices are always available and equipped to the highest standard. We offer flexible working hours and trust our employees to do their work well, at times that suit them and their team. TIDE IS A PLACE FOR EVERYONE At Tide, we believe that we can only succeed if we let our differences enrich our culture. Our Tideans come from a variety of backgrounds and experience levels. We consider everyone irrespective of their ethnicity, religion, sexual orientation, gender identity, family or parental status, national origin, veteran, neurodiversity status or disability status. We believe it's what makes us awesome at solving problems! We are One Team and foster a transparent and inclusive environment, where everyone's voice is heard. Tide Website: https://www.tide.co/en-in/ Tide LinkedIn: https://www.linkedin.com/company/tide-banking/mycompany/ TIDE IS A PLACE FOR EVERYONE At Tide, we believe that we can only succeed if we let our differences enrich our culture. Our Tideans come from a variety of backgrounds and experience levels. We consider everyone irrespective of their ethnicity, religion, sexual orientation, gender identity, family or parental status, national origin, veteran, neurodiversity or differently-abled status. We celebrate diversity in our workforce as a cornerstone of our success. Our commitment to a broad spectrum of ideas and backgrounds is what enables us to build products that resonate with our members' diverse needs and lives. We are One Team and foster a transparent and inclusive environment, where everyone's voice is heard. At Tide, we thrive on diversity, embracing various backgrounds and experiences. We welcome all individuals regardless of ethnicity, religion, sexual orientation, gender identity, or disability. Our inclusive culture is key to our success, helping us build products that meet our members' diverse needs. We are One Team, committed to transparency and ensuring everyone's voice is heard. You personal data will be processed by Tide for recruitment purposes and in accordance with Tide's Recruitment Privacy Notice .

Job Description Job Location: Chennai or Mumbai or Gurgaon High-Value Professional Experience And Skills Cloud Migrations & Architecture Proven leadership in designing and executing application/infrastructure migration projects (on-prem to cloud). Expert in cloud architecture design and implementation to solve complex business problems and achieve team goals. Strong familiarity with Microsoft Azure; AWS and GCP experience also valued. DevOps & Automation Experience building and managing automated CI/CD pipelines (Preferred: GitHub Actions; Also considered: Jenkins, Argo CD). Proficient in Infrastructure-as-Code (IaC) (Preferred: Terraform; Also considered: Ansible, Puppet, ARM templates). Expertise in managing containerized workloads (Preferred: AKS & Helm; Also considered: EKS, other Kubernetes distributions, Docker, JFrog). Skilled in serverless computing (e.g., Logic Apps, Azure/AWS Functions, WebJobs, Lambda). Monitoring, Security & Analytics Proficient in logging and monitoring tools (e.g., Fluentd, Prometheus, Grafana, Azure Monitor, Log Analytics). Strong understanding of cloud-native network security (e.g., Azure Policy, AD/RBAC, ACLs, NSG rules, private endpoints). Exposure to big data analytics platforms (e.g., Databricks, Synapse). Other Desirable Professional Experience And Skills Strong technologist with the ability to advise on cloud best practices. Skilled in multi-component system integration and troubleshooting. Budgeting and cost optimization experience in cloud environments. Experience in performance analysis and application tuning. Expertise in secrets management (Preferred: HashiCorp Vault; Also: Azure Key Vault, AWS Secrets Manager). Familiarity with Kubernetes service meshes (Preferred: Linkerd; Also: Istio, Traefik mesh). Scripting and coding proficiency in various environments: (e.g., Bash/Sh, PowerShell, Python, Java). Familiar with tools like Jira, Confluence, Azure Storage Explorer, MySQL Workbench, Maven. Basic Professional Experience And Skills Solid understanding of SDLC, change control processes, and related procedures. Hands-on experience with source control and code repository tools (e.g., Git/GitHub/GitLab, VS Code, SVN). Ability to articulate and present technical solutions to both technical and non-technical audiences. Required Education And Professional Experience 5+ years of overall professional IT experience. 2+ years of hands-on experience in DevOps/Site Reliability Engineering (SRE) roles on major cloud platforms. Bachelor’s degree in Engineering, Computer Science, or IT; advanced degrees preferred. Industry certifications in Cloud Architecture or Development (Preferred: Azure; Also: AWS, GCP). Skills Any Cloud experience (Azure/AWS) Terraform, Kubernetes, Any CI/CD tool Security and code quality tools: WiZ, Snyk, Qualys, Mend, Checkmarx, Dependabot, etc. (Experience with any of these tools) Ashwini P, Recruitment Manager TEKSALT|A Pinch of Us Makes All the Difference [An E-Verified & WOSB Certified Company] Healthcare | Pharma | Manufacturing | Insurance | Financial | Retail Mobile: +91- 9945165022 | email: ashwini.p@teksalt.com www.teksalt.com Secret management: Hashicorp vault / Akeyless

Position Summary GCP DevSecOps - Consultant Position Summary As a DevSecOps Consultant, you will be a key contributor to the successful delivery of high-visibility projects, applying your technical skills and engineering knowledge to build secure, reliable solutions. You will work hands-on with modern DevSecOps tools, AI/ML services, deployment architecture, and cloud security best practices and frameworks to help deliver solutions that create value for Deloitte’s business and its clients. You will collaborate with cross-functional teams to design, implement, and maintain CI/CD pipelines and automation processes, ensuring that security and quality are integrated throughout the software development lifecycle. Your ability to troubleshoot, learn quickly, and apply best practices will be essential in supporting the delivery of high-quality, outcome-focused solutions. Key Responsibilities: Act as a subject matter expert (SME) on GCP security and DevSecOps practices during client engagements. Design and deploy AI/ML solutions on GCP, leveraging services like Vertex AI, BigQuery ML, AutoML , and TensorFlow on GCP. Manage CI/CD pipelines, I nfrastructure as C ode ( IaC ), and automation tools for ML deployments (e.g., using Terraform, Cloud Build, GitOps ). Provide consulting and advisory services to clients on cloud strategy, AI/ML adoption, and security best practices. Perform threat modeling and security assessments specific to AI/ML workloads. Collaborate with DevOps and data teams to automate, monitor , and optimize ML workflows. Lead security assessments of cloud environments and DevOps pipelines. Evaluate and enhance CI/CD pipelines with automated security testing tools (SAST, DAST, SCA, IaC scanning). Recommend and implement policy-as-code for guardrails (OPA, Sentinel). Deliver security posture reports, recommendations, and remediation plans. Collaborate with client security, DevOps, and IT teams to drive secure cloud adoption. Design and implement GCP-native security controls (IAM, VPC security, Cloud Armor, SCC, GKE, etc.). Conduct gap analysis on client GCP environments against benchmarks (CIS, NIST, etc.). Guide clients in building secure landing zones and cloud governance frameworks. Design shift-left strategies for embedding security earlier in the SDLC. Map technical controls to compliance frameworks (SOC 2, HIPAA, PCI-DSS, ISO 27001, etc.). Assist with security documentation, risk registers, and audit support. Automate GCP security guardrails using Terraform, Ansible, and Cloud Functions. Integrate security logs into client SIEM/SOAR platforms (Chronicle, Splunk, etc.). Implement and tune cloud-native monitoring tools (Cloud Logging, SCC, etc.). Required Qualifications: 4 + years in Google Cloud Platform DevSecOps role. Proficiency in CI/CD tools, Infrastructure Code, container security, and policy-as-code solutions such as Open Policy Agent (OPA). Understanding the embedding of security controls and automated checks into DevOps pipelines (CI/CD) using tools such as Jenkins, GitLab CI, Terraform, and Cloud Build. Strong hands-on experience with Vertex AI, BigQuery , Cloud Functions, GKE, and AI/ML Ops on GCP. Deep understanding of AI/ML model lifecycle, including data prep, training, evaluation, deployment, and monitoring. Familiarity with compliance frameworks (e.g., HIPAA, SOC 2, ISO 27001) as they apply to cloud-based ML systems Proficiency with security automation tools and scripting (Python, Bash, etc.). Familiarity with container security (e.g., GKE, Kubernetes RBAC, image scanning). Experience with security frameworks such as NIST, CIS, or MITRE ATT&CK. Familiarity with security tools like Checkov , Snyk or Prisma Cloud. Preferred Qualifications: Certifications such as: GCP Cloud DevOps Engineer, Architect, Professional Machine Learning Engineer, GCP Cloud Security Engineer, CCSP. Understanding of responsible AI principles, including model fairness, transparency, and auditability Experience with Kubernetes security in GKE (RBAC, network policies, container scanning). Knowledge of multi-cloud (AWS, Azure ) security strategies and governance. Familiarity with service mesh security (Istio, Anthos). Knowledge of integration of AI/ML for Advanced Security Analytics with existing on-premise and cloud platforms (e.g., Network Intelligence/ Sentinel/ Chronicle). Familiarity with zero trust architecture concepts . Experience with secrets management tools like HashiCorp Vault, GCP Secret Manager. Knowledge of IP networking, VPNs, DNS, load balancing, and firewalling concepts Job Title: Security Consultant (Microsoft Azure Active Directory and Active Directory (AAD/AD)) Are you interested in working in a dynamic environment that offers opportunities for professional growth and new responsibilities? If so, Deloitte & Touche LLP could be the place for you. Traditional security programs have often been unsuccessful in unifying the need to both secure and support technology innovation required by the business. Join Deloitte's Advisory Cyber Risk Services team and become a member of the largest group of Cyber Risk individuals worldwide. Work you’ll do As a Security Senior Consultant, you will be at the front lines with our clients supporting them with their Cyber Risk needs specifically helping them address Active Directory (AD) health and navigate the journey to the Cloud on the Microsoft Azure Active Directory (AAD) Platform. This will include: Microsoft MFA, SSO, Conditional Access, B2B and B2C and on-premise Active Directory Architect, design, and implement large-scale Active Directory / Azure Active Directory deployments/migrations/upgrades Performing technical health checks for the AD/AAD platforms/environments prior to broader deployments. Assisting clients with Azure B2B, B2C including SAML, OAUTH, OpenID Connect protocols Assisting clients with Migrating applications (legacy platforms or other) to Azure AD Assisting clients cleaning up the Active Directory environment and prepare them for Azure AD/O365 migration Assisting clients with configuration and delivery of Cloud security and compliance reports. Assisting clients with configuration and delivery of Azure Advanced Threat Protection. Providing technical support for AD/AAD services and resolve service-related issues through research and troubleshooting and working with Microsoft. Implementation of industry leading practices around AD/AAD cyber risks and Cloud security for clients. Troubleshooting system level problems in a multi-vendor, multi-protocol network environment. Documenting platform technical issues, analysis, client communication, and resolution as part of cyber risk mitigation steps. Executing on AD/AAD Cloud security engagements during different phases of the lifecycle – assess, design, and implementation & post implementation reviews. Perform health check, discovery and cleanup of Active Directory Infrastructure Analyze and review Active Directory services such as DNS, DHCP, Group Policy etc. Perform Active Directory security assessments specific to ESAE implementations Implement Active Directory RBAC model to secure the AD environment Provide internal technical training to Advisory personnel as needed. Support Managed Services team on client calls as necessary. Acting as a subject matter expert on cyber risk for the Microsoft Active Directory and Azure Active Directory platforms. Contribute to eminence activities, such as whitepapers pertaining to IAM technologies The team Deloitte Advisory's Cyber Risk team helps complex organizations more confidently pursue their growth, innovation and performance agendas through proactive management of the associated cyber risks. Our professionals provide advisory and implementation services that integrate risk, regulatory, and technology skills to help clients transform their legacy programs into proactive Secure.Vigilant.Resilient. TM cyber risk programs. Join the team developing the future state of cyber risk solutions. Learn more about Deloitte Advisory’s Cyber Risk Services practice. Required: 2 + years of experience in technical consulting, client problem solving, architecting, and designing solutions. Working experience in at least one of the areas listed below. 2 +years of hands-on technical experience enterprise-with Microsoft Identity and Access management and EMS services (Azure Active Directory, Azure Active Directory premium solutions, conditional access, SSO, MFA, PAM/PIM, and third party IAM solution integration with AAD) in implementation and operations. This should include designing and implementing AAD for organizations including integrations with applications. 2+ years of hands-on technical experience Identity and Access Management (IAM) on Active Directory. This should include designing and implementing AD for organizations including integrations with applications. Ideally the following technical experience: 2 + years of working with IAM Protocols such as WS-Fed, SAML, OpenID Connect and OAuth. 2 + years of hands-on technical experience implementing IAM focused security solutions for Microsoft technologies such as Active Directory 2 + years of working knowledge with Azure Cloud service provider technologies. 2+ years of working knowledge with Azure Advanced Threat Protection Additional Requirements: B.Tech/BE/BCA/MCA Degree required. Ideally in Computer Science, Cyber Security, Information Security, Engineering, Information Technology. Preferred: Certifications such as: Microsoft new roles-based certifications, CCSP, CCSK, CISSP, CCNP, CCNA, MCSE, MCSA certification a plus. How You’ll Grow At Deloitte, our professional development plan focuses on helping people at every level of their career to identify and use their strengths to do their best work every day. From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to help sharpen skills in addition to hands-on experience in the global, fast-changing business world. From on-the-job learning experiences to formal development programs at Deloitte University, our professionals have a variety of opportunities to continue to grow throughout their career. Explore Deloitte University, The Leadership Center. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. We offer well-being programs and are continuously looking for new ways to maintain a culture where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with our clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Recruiter tips We want job seekers exploring opportunities at Deloitte to feel prepared and confident. To help you with your interview, we suggest that you do your research: know some background about the organization and the business area you’re applying to. Check out recruiting tips from Deloitte professionals. Job title: Azure Cloud Security Engineer (Consultant) About At Deloitte, we do not offer you just a job, but a career in the highly sought-after risk Management field. We are one of the business leaders in the risk market. We work with a vision to make the world more prosperous, trustworthy, and safe. Deloitte’s clients, primarily based outside of India, are large, complex organizations that constantly evolve and innovate to build better products and services. In the process, they encounter various risks and the work we do to help them address these risks is increasingly important to their success—and to the strength of the economy and public security. By joining us, you will get to work with diverse teams of professionals who design, manage, and implement risk-centric solutions across a variety of domains. In the process, you will gain exposure to the risk-centric challenges faced in today’s world by organizations across a range of industry sectors and become subject matter experts in those areas. Our Risk and Financial Advisory services professionals help organizations effectively navigate business risks and opportunities—from strategic, reputation, and financial risks to operational, cyber, and regulatory risks—to gain competitive advantage. We apply our experience in ongoing business operations and corporate lifecycle events to help clients become stronger and more resilient. Our market-leading teams help clients embrace complexity to accelerate performance, disrupt through innovation, and lead in their industries. We use cutting-edge technology like AI/ML techniques, analytics, and RPA to solve Deloitte’s clients ‘most complex issues. Working in Risk and Financial Advisory at Deloitte US-India offices has the power to redefine your ambitions. The Team Cyber & Strategic Risk We help organizations create a cyber-minded culture, reimagine risk to uncover strategic opportunities, and become faster, more innovative, and more resilient in the face of ever-changing threats. We provide intelligence and acuity that dynamically reframes risk, transcending a manual, reactive paradigm. The cyber risk services—Identity & access management (IAM) practice helps organizations in designing, developing, and implementing industry-leading IAM solutions to protect their information and confidential data, as well as help them build their businesses and supporting technologies to be more secure, vigilant, and resilient. The IAM team delivers service to clients through following key areas: User provisioning Access certification Access management and federation Entitlements management Work you’ll do As a Cloud Security Engineer, you will be at the front lines with our clients supporting them with their Cloud Cyber Risk needs: Executing on cloud security engagements across the lifecycle – assessment, strategy, design, implementation, and operations. Performing technical health checks for cloud platforms/environments prior to broader deployments. Assisting in the selection and tailoring of approaches, methods and tools to support cloud adoption, including for migration of existing workloads to a cloud vendor. Designing and developing cloud-specific security policies, standards and procedures. e.g., user account management (SSO, SAML), password/key management, tenant management, firewall management, virtual network access controls, VPN/SSL/IPSec, security incident and event management (SIEM), data protection (DLP, encryption). Documenting all technical issues, analysis, client communication, and resolution. Supporting proof of concept and production deployments of cloud technologies. Assisting clients with transitions to cloud via tenant setup, log processing setup, policy configuration, agent deployment, and reporting. Operating across both technical and management leadership capacities. Providing internal technical training to Advisory personnel as needed. Performing cloud orchestration and automation (Continuous Integration and Continuous Delivery (CI/CD)) in single and multi-tenant environments using tools like Terraform, Ansible, Puppet, Chef, Salt etc. Experience with multiple security technologies like CSPM, CWPP, WAF, CASB, IAM, SIEM, etc. Required Skills 3 + years of information technology and/or information security operations experience. Ideally 2+ years of working with different Cloud platforms (SaaS, PaaS, and IaaS) and environments (Public, Private, Hybrid). Familiarity with the following will be considered a plus: Solid understanding of enterprise-level directory and system configuration services (Active Directory, SCCM, LDAP, Exchange, SharePoint, M365) and how these integrate with cloud platforms Solid understanding of cloud security industry standards such as Cloud Security Alliance (CSA), ISO/IEC 27017 and NIST CSF and how they help in compliance for cloud providers and cloud customers Hands-on technical experience implementing security solutions for Microsoft Azure Knowledge of cloud orchestration and automation (Continuous Integration and Continuous Delivery (CI/CD)) in single and multi-tenant environments using tools like Terraform, Ansible, Puppet, Chef, Salt etc. Knowledge of cloud access security broker (CASB) and cloud workload protection platform (CWPP) technologies Solid understanding of OSI Model and TCP/IP protocol suite and network segmentation principles and how these can be applied on cloud platforms Preferred: Previous Consulting or Big 4 experience. Hands-on experience with Azure, plus any CASB or CWPP product or service. Understanding of Infrastructure-as-Code, and ability to create scripts using Terraform, ARM, Ansible etc. Knowledge of scripting languages (PowerShell, JSON, .NET, Python, Javascript etc.) Qualification Bachelor’s Degree required.Ideally in Computer Science, Cyber Security, Information Security, Engineering, Information Technology. How You’ll Grow At Deloitte, we’ve invested a great deal to create a rich environment in which our professionals can grow. We want all our people to develop in their own way, playing to their own strengths as they hone their leadership skills. And, as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposure to leaders, sponsors, coaches, and challenging assignments—to help accelerate their careers along the way. No two people learn in the same way. So, we provide a range of resources including live classrooms, team-based learning, and eLearning. DU: The Leadership Center in India, our state-of-the-art, world-class learning Center in the Hyderabad offices is an extension of the Deloitte University (DU) in Westlake, Texas, and represents a tangible symbol of our commitment to our people’s growth and development. Explore DU: The Leadership Center in India . Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. Deloitte is committed to achieving diversity within its workforce, and encourages all qualified applicants to apply, irrespective of gender, age, sexual orientation, disability, culture, religious and ethnic background. We offer well-being programs and are continuously looking for new ways to maintain a culture that is inclusive, invites authenticity, leverages our diversity, and where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with Deloitte’s clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Recruiting tips Finding the right job and preparing for the recruitment process can be tricky. Check out tips from our Deloitte recruiting professionals to set yourself up for success. Check out recruiting tips from Deloitte recruiters . Benefits We believe that to be an undisputed leader in professional services, we should equip you with the resources that can make a positive impact on your well-being journey. Our vision is to create a leadership culture focused on the development and well-being of our people. Here are some of our benefits and programs to support you and your family’s well-being needs. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you . Our people and culture Our people and our culture make Deloitte a place where leaders thrive. Get an inside look at the rich diversity of background, education, and experiences of our people. What impact will you make? Check out our professionals’ career journeys and be inspired by their stories. Professional development You want to make an impact. And we want you to make it. We can help you do that by providing you the culture, training, resources, and opportunities to help you grow and succeed as a professional. Learn more about our commitment to developing our people . © 2025. See Terms of Use for more information. Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ("DTTL"), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as "Deloitte Global") does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the "Deloitte" name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see www.deloitte.com/about to learn more about our global network of member firms. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Professional development At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India . Benefits To Help You Thrive At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Requisition code: 304099

Position Summary GCP DevSecOps - Consultant Position Summary As a DevSecOps Consultant, you will be a key contributor to the successful delivery of high-visibility projects, applying your technical skills and engineering knowledge to build secure, reliable solutions. You will work hands-on with modern DevSecOps tools, AI/ML services, deployment architecture, and cloud security best practices and frameworks to help deliver solutions that create value for Deloitte’s business and its clients. You will collaborate with cross-functional teams to design, implement, and maintain CI/CD pipelines and automation processes, ensuring that security and quality are integrated throughout the software development lifecycle. Your ability to troubleshoot, learn quickly, and apply best practices will be essential in supporting the delivery of high-quality, outcome-focused solutions. Key Responsibilities: Act as a subject matter expert (SME) on GCP security and DevSecOps practices during client engagements. Design and deploy AI/ML solutions on GCP, leveraging services like Vertex AI, BigQuery ML, AutoML , and TensorFlow on GCP. Manage CI/CD pipelines, I nfrastructure as C ode ( IaC ), and automation tools for ML deployments (e.g., using Terraform, Cloud Build, GitOps ). Provide consulting and advisory services to clients on cloud strategy, AI/ML adoption, and security best practices. Perform threat modeling and security assessments specific to AI/ML workloads. Collaborate with DevOps and data teams to automate, monitor , and optimize ML workflows. Lead security assessments of cloud environments and DevOps pipelines. Evaluate and enhance CI/CD pipelines with automated security testing tools (SAST, DAST, SCA, IaC scanning). Recommend and implement policy-as-code for guardrails (OPA, Sentinel). Deliver security posture reports, recommendations, and remediation plans. Collaborate with client security, DevOps, and IT teams to drive secure cloud adoption. Design and implement GCP-native security controls (IAM, VPC security, Cloud Armor, SCC, GKE, etc.). Conduct gap analysis on client GCP environments against benchmarks (CIS, NIST, etc.). Guide clients in building secure landing zones and cloud governance frameworks. Design shift-left strategies for embedding security earlier in the SDLC. Map technical controls to compliance frameworks (SOC 2, HIPAA, PCI-DSS, ISO 27001, etc.). Assist with security documentation, risk registers, and audit support. Automate GCP security guardrails using Terraform, Ansible, and Cloud Functions. Integrate security logs into client SIEM/SOAR platforms (Chronicle, Splunk, etc.). Implement and tune cloud-native monitoring tools (Cloud Logging, SCC, etc.). Required Qualifications: 4 + years in Google Cloud Platform DevSecOps role. Proficiency in CI/CD tools, Infrastructure Code, container security, and policy-as-code solutions such as Open Policy Agent (OPA). Understanding the embedding of security controls and automated checks into DevOps pipelines (CI/CD) using tools such as Jenkins, GitLab CI, Terraform, and Cloud Build. Strong hands-on experience with Vertex AI, BigQuery , Cloud Functions, GKE, and AI/ML Ops on GCP. Deep understanding of AI/ML model lifecycle, including data prep, training, evaluation, deployment, and monitoring. Familiarity with compliance frameworks (e.g., HIPAA, SOC 2, ISO 27001) as they apply to cloud-based ML systems Proficiency with security automation tools and scripting (Python, Bash, etc.). Familiarity with container security (e.g., GKE, Kubernetes RBAC, image scanning). Experience with security frameworks such as NIST, CIS, or MITRE ATT&CK. Familiarity with security tools like Checkov , Snyk or Prisma Cloud. Preferred Qualifications: Certifications such as: GCP Cloud DevOps Engineer, Architect, Professional Machine Learning Engineer, GCP Cloud Security Engineer, CCSP. Understanding of responsible AI principles, including model fairness, transparency, and auditability Experience with Kubernetes security in GKE (RBAC, network policies, container scanning). Knowledge of multi-cloud (AWS, Azure ) security strategies and governance. Familiarity with service mesh security (Istio, Anthos). Knowledge of integration of AI/ML for Advanced Security Analytics with existing on-premise and cloud platforms (e.g., Network Intelligence/ Sentinel/ Chronicle). Familiarity with zero trust architecture concepts . Experience with secrets management tools like HashiCorp Vault, GCP Secret Manager. Knowledge of IP networking, VPNs, DNS, load balancing, and firewalling concepts Job Title: Security Consultant (Microsoft Azure Active Directory and Active Directory (AAD/AD)) Are you interested in working in a dynamic environment that offers opportunities for professional growth and new responsibilities? If so, Deloitte & Touche LLP could be the place for you. Traditional security programs have often been unsuccessful in unifying the need to both secure and support technology innovation required by the business. Join Deloitte's Advisory Cyber Risk Services team and become a member of the largest group of Cyber Risk individuals worldwide. Work you’ll do As a Security Senior Consultant, you will be at the front lines with our clients supporting them with their Cyber Risk needs specifically helping them address Active Directory (AD) health and navigate the journey to the Cloud on the Microsoft Azure Active Directory (AAD) Platform. This will include: Microsoft MFA, SSO, Conditional Access, B2B and B2C and on-premise Active Directory Architect, design, and implement large-scale Active Directory / Azure Active Directory deployments/migrations/upgrades Performing technical health checks for the AD/AAD platforms/environments prior to broader deployments. Assisting clients with Azure B2B, B2C including SAML, OAUTH, OpenID Connect protocols Assisting clients with Migrating applications (legacy platforms or other) to Azure AD Assisting clients cleaning up the Active Directory environment and prepare them for Azure AD/O365 migration Assisting clients with configuration and delivery of Cloud security and compliance reports. Assisting clients with configuration and delivery of Azure Advanced Threat Protection. Providing technical support for AD/AAD services and resolve service-related issues through research and troubleshooting and working with Microsoft. Implementation of industry leading practices around AD/AAD cyber risks and Cloud security for clients. Troubleshooting system level problems in a multi-vendor, multi-protocol network environment. Documenting platform technical issues, analysis, client communication, and resolution as part of cyber risk mitigation steps. Executing on AD/AAD Cloud security engagements during different phases of the lifecycle – assess, design, and implementation & post implementation reviews. Perform health check, discovery and cleanup of Active Directory Infrastructure Analyze and review Active Directory services such as DNS, DHCP, Group Policy etc. Perform Active Directory security assessments specific to ESAE implementations Implement Active Directory RBAC model to secure the AD environment Provide internal technical training to Advisory personnel as needed. Support Managed Services team on client calls as necessary. Acting as a subject matter expert on cyber risk for the Microsoft Active Directory and Azure Active Directory platforms. Contribute to eminence activities, such as whitepapers pertaining to IAM technologies The team Deloitte Advisory's Cyber Risk team helps complex organizations more confidently pursue their growth, innovation and performance agendas through proactive management of the associated cyber risks. Our professionals provide advisory and implementation services that integrate risk, regulatory, and technology skills to help clients transform their legacy programs into proactive Secure.Vigilant.Resilient. TM cyber risk programs. Join the team developing the future state of cyber risk solutions. Learn more about Deloitte Advisory’s Cyber Risk Services practice. Required: 2 + years of experience in technical consulting, client problem solving, architecting, and designing solutions. Working experience in at least one of the areas listed below. 2 +years of hands-on technical experience enterprise-with Microsoft Identity and Access management and EMS services (Azure Active Directory, Azure Active Directory premium solutions, conditional access, SSO, MFA, PAM/PIM, and third party IAM solution integration with AAD) in implementation and operations. This should include designing and implementing AAD for organizations including integrations with applications. 2+ years of hands-on technical experience Identity and Access Management (IAM) on Active Directory. This should include designing and implementing AD for organizations including integrations with applications. Ideally the following technical experience: 2 + years of working with IAM Protocols such as WS-Fed, SAML, OpenID Connect and OAuth. 2 + years of hands-on technical experience implementing IAM focused security solutions for Microsoft technologies such as Active Directory 2 + years of working knowledge with Azure Cloud service provider technologies. 2+ years of working knowledge with Azure Advanced Threat Protection Additional Requirements: B.Tech/BE/BCA/MCA Degree required. Ideally in Computer Science, Cyber Security, Information Security, Engineering, Information Technology. Preferred: Certifications such as: Microsoft new roles-based certifications, CCSP, CCSK, CISSP, CCNP, CCNA, MCSE, MCSA certification a plus. How You’ll Grow At Deloitte, our professional development plan focuses on helping people at every level of their career to identify and use their strengths to do their best work every day. From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to help sharpen skills in addition to hands-on experience in the global, fast-changing business world. From on-the-job learning experiences to formal development programs at Deloitte University, our professionals have a variety of opportunities to continue to grow throughout their career. Explore Deloitte University, The Leadership Center. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. We offer well-being programs and are continuously looking for new ways to maintain a culture where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with our clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Recruiter tips We want job seekers exploring opportunities at Deloitte to feel prepared and confident. To help you with your interview, we suggest that you do your research: know some background about the organization and the business area you’re applying to. Check out recruiting tips from Deloitte professionals. Job title: Azure Cloud Security Engineer (Consultant) About At Deloitte, we do not offer you just a job, but a career in the highly sought-after risk Management field. We are one of the business leaders in the risk market. We work with a vision to make the world more prosperous, trustworthy, and safe. Deloitte’s clients, primarily based outside of India, are large, complex organizations that constantly evolve and innovate to build better products and services. In the process, they encounter various risks and the work we do to help them address these risks is increasingly important to their success—and to the strength of the economy and public security. By joining us, you will get to work with diverse teams of professionals who design, manage, and implement risk-centric solutions across a variety of domains. In the process, you will gain exposure to the risk-centric challenges faced in today’s world by organizations across a range of industry sectors and become subject matter experts in those areas. Our Risk and Financial Advisory services professionals help organizations effectively navigate business risks and opportunities—from strategic, reputation, and financial risks to operational, cyber, and regulatory risks—to gain competitive advantage. We apply our experience in ongoing business operations and corporate lifecycle events to help clients become stronger and more resilient. Our market-leading teams help clients embrace complexity to accelerate performance, disrupt through innovation, and lead in their industries. We use cutting-edge technology like AI/ML techniques, analytics, and RPA to solve Deloitte’s clients ‘most complex issues. Working in Risk and Financial Advisory at Deloitte US-India offices has the power to redefine your ambitions. The Team Cyber & Strategic Risk We help organizations create a cyber-minded culture, reimagine risk to uncover strategic opportunities, and become faster, more innovative, and more resilient in the face of ever-changing threats. We provide intelligence and acuity that dynamically reframes risk, transcending a manual, reactive paradigm. The cyber risk services—Identity & access management (IAM) practice helps organizations in designing, developing, and implementing industry-leading IAM solutions to protect their information and confidential data, as well as help them build their businesses and supporting technologies to be more secure, vigilant, and resilient. The IAM team delivers service to clients through following key areas: User provisioning Access certification Access management and federation Entitlements management Work you’ll do As a Cloud Security Engineer, you will be at the front lines with our clients supporting them with their Cloud Cyber Risk needs: Executing on cloud security engagements across the lifecycle – assessment, strategy, design, implementation, and operations. Performing technical health checks for cloud platforms/environments prior to broader deployments. Assisting in the selection and tailoring of approaches, methods and tools to support cloud adoption, including for migration of existing workloads to a cloud vendor. Designing and developing cloud-specific security policies, standards and procedures. e.g., user account management (SSO, SAML), password/key management, tenant management, firewall management, virtual network access controls, VPN/SSL/IPSec, security incident and event management (SIEM), data protection (DLP, encryption). Documenting all technical issues, analysis, client communication, and resolution. Supporting proof of concept and production deployments of cloud technologies. Assisting clients with transitions to cloud via tenant setup, log processing setup, policy configuration, agent deployment, and reporting. Operating across both technical and management leadership capacities. Providing internal technical training to Advisory personnel as needed. Performing cloud orchestration and automation (Continuous Integration and Continuous Delivery (CI/CD)) in single and multi-tenant environments using tools like Terraform, Ansible, Puppet, Chef, Salt etc. Experience with multiple security technologies like CSPM, CWPP, WAF, CASB, IAM, SIEM, etc. Required Skills 3 + years of information technology and/or information security operations experience. Ideally 2+ years of working with different Cloud platforms (SaaS, PaaS, and IaaS) and environments (Public, Private, Hybrid). Familiarity with the following will be considered a plus: Solid understanding of enterprise-level directory and system configuration services (Active Directory, SCCM, LDAP, Exchange, SharePoint, M365) and how these integrate with cloud platforms Solid understanding of cloud security industry standards such as Cloud Security Alliance (CSA), ISO/IEC 27017 and NIST CSF and how they help in compliance for cloud providers and cloud customers Hands-on technical experience implementing security solutions for Microsoft Azure Knowledge of cloud orchestration and automation (Continuous Integration and Continuous Delivery (CI/CD)) in single and multi-tenant environments using tools like Terraform, Ansible, Puppet, Chef, Salt etc. Knowledge of cloud access security broker (CASB) and cloud workload protection platform (CWPP) technologies Solid understanding of OSI Model and TCP/IP protocol suite and network segmentation principles and how these can be applied on cloud platforms Preferred: Previous Consulting or Big 4 experience. Hands-on experience with Azure, plus any CASB or CWPP product or service. Understanding of Infrastructure-as-Code, and ability to create scripts using Terraform, ARM, Ansible etc. Knowledge of scripting languages (PowerShell, JSON, .NET, Python, Javascript etc.) Qualification Bachelor’s Degree required.Ideally in Computer Science, Cyber Security, Information Security, Engineering, Information Technology. How You’ll Grow At Deloitte, we’ve invested a great deal to create a rich environment in which our professionals can grow. We want all our people to develop in their own way, playing to their own strengths as they hone their leadership skills. And, as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposure to leaders, sponsors, coaches, and challenging assignments—to help accelerate their careers along the way. No two people learn in the same way. So, we provide a range of resources including live classrooms, team-based learning, and eLearning. DU: The Leadership Center in India, our state-of-the-art, world-class learning Center in the Hyderabad offices is an extension of the Deloitte University (DU) in Westlake, Texas, and represents a tangible symbol of our commitment to our people’s growth and development. Explore DU: The Leadership Center in India . Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. Deloitte is committed to achieving diversity within its workforce, and encourages all qualified applicants to apply, irrespective of gender, age, sexual orientation, disability, culture, religious and ethnic background. We offer well-being programs and are continuously looking for new ways to maintain a culture that is inclusive, invites authenticity, leverages our diversity, and where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with Deloitte’s clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Recruiting tips Finding the right job and preparing for the recruitment process can be tricky. Check out tips from our Deloitte recruiting professionals to set yourself up for success. Check out recruiting tips from Deloitte recruiters . Benefits We believe that to be an undisputed leader in professional services, we should equip you with the resources that can make a positive impact on your well-being journey. Our vision is to create a leadership culture focused on the development and well-being of our people. Here are some of our benefits and programs to support you and your family’s well-being needs. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you . Our people and culture Our people and our culture make Deloitte a place where leaders thrive. Get an inside look at the rich diversity of background, education, and experiences of our people. What impact will you make? Check out our professionals’ career journeys and be inspired by their stories. Professional development You want to make an impact. And we want you to make it. We can help you do that by providing you the culture, training, resources, and opportunities to help you grow and succeed as a professional. Learn more about our commitment to developing our people . © 2025. See Terms of Use for more information. Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ("DTTL"), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as "Deloitte Global") does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the "Deloitte" name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see www.deloitte.com/about to learn more about our global network of member firms. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Professional development At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India . Benefits To Help You Thrive At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Requisition code: 304100

Position Summary GCP DevSecOps - Consultant Position Summary As a DevSecOps Consultant, you will be a key contributor to the successful delivery of high-visibility projects, applying your technical skills and engineering knowledge to build secure, reliable solutions. You will work hands-on with modern DevSecOps tools, AI/ML services, deployment architecture, and cloud security best practices and frameworks to help deliver solutions that create value for Deloitte’s business and its clients. You will collaborate with cross-functional teams to design, implement, and maintain CI/CD pipelines and automation processes, ensuring that security and quality are integrated throughout the software development lifecycle. Your ability to troubleshoot, learn quickly, and apply best practices will be essential in supporting the delivery of high-quality, outcome-focused solutions. Key Responsibilities: Act as a subject matter expert (SME) on GCP security and DevSecOps practices during client engagements. Design and deploy AI/ML solutions on GCP, leveraging services like Vertex AI, BigQuery ML, AutoML , and TensorFlow on GCP. Manage CI/CD pipelines, I nfrastructure as C ode ( IaC ), and automation tools for ML deployments (e.g., using Terraform, Cloud Build, GitOps ). Provide consulting and advisory services to clients on cloud strategy, AI/ML adoption, and security best practices. Perform threat modeling and security assessments specific to AI/ML workloads. Collaborate with DevOps and data teams to automate, monitor , and optimize ML workflows. Lead security assessments of cloud environments and DevOps pipelines. Evaluate and enhance CI/CD pipelines with automated security testing tools (SAST, DAST, SCA, IaC scanning). Recommend and implement policy-as-code for guardrails (OPA, Sentinel). Deliver security posture reports, recommendations, and remediation plans. Collaborate with client security, DevOps, and IT teams to drive secure cloud adoption. Design and implement GCP-native security controls (IAM, VPC security, Cloud Armor, SCC, GKE, etc.). Conduct gap analysis on client GCP environments against benchmarks (CIS, NIST, etc.). Guide clients in building secure landing zones and cloud governance frameworks. Design shift-left strategies for embedding security earlier in the SDLC. Map technical controls to compliance frameworks (SOC 2, HIPAA, PCI-DSS, ISO 27001, etc.). Assist with security documentation, risk registers, and audit support. Automate GCP security guardrails using Terraform, Ansible, and Cloud Functions. Integrate security logs into client SIEM/SOAR platforms (Chronicle, Splunk, etc.). Implement and tune cloud-native monitoring tools (Cloud Logging, SCC, etc.). Required Qualifications: 4 + years in Google Cloud Platform DevSecOps role. Proficiency in CI/CD tools, Infrastructure Code, container security, and policy-as-code solutions such as Open Policy Agent (OPA). Understanding the embedding of security controls and automated checks into DevOps pipelines (CI/CD) using tools such as Jenkins, GitLab CI, Terraform, and Cloud Build. Strong hands-on experience with Vertex AI, BigQuery , Cloud Functions, GKE, and AI/ML Ops on GCP. Deep understanding of AI/ML model lifecycle, including data prep, training, evaluation, deployment, and monitoring. Familiarity with compliance frameworks (e.g., HIPAA, SOC 2, ISO 27001) as they apply to cloud-based ML systems Proficiency with security automation tools and scripting (Python, Bash, etc.). Familiarity with container security (e.g., GKE, Kubernetes RBAC, image scanning). Experience with security frameworks such as NIST, CIS, or MITRE ATT&CK. Familiarity with security tools like Checkov , Snyk or Prisma Cloud. Preferred Qualifications: Certifications such as: GCP Cloud DevOps Engineer, Architect, Professional Machine Learning Engineer, GCP Cloud Security Engineer, CCSP. Understanding of responsible AI principles, including model fairness, transparency, and auditability Experience with Kubernetes security in GKE (RBAC, network policies, container scanning). Knowledge of multi-cloud (AWS, Azure ) security strategies and governance. Familiarity with service mesh security (Istio, Anthos). Knowledge of integration of AI/ML for Advanced Security Analytics with existing on-premise and cloud platforms (e.g., Network Intelligence/ Sentinel/ Chronicle). Familiarity with zero trust architecture concepts . Experience with secrets management tools like HashiCorp Vault, GCP Secret Manager. Knowledge of IP networking, VPNs, DNS, load balancing, and firewalling concepts Job Title: Security Consultant (Microsoft Azure Active Directory and Active Directory (AAD/AD)) Are you interested in working in a dynamic environment that offers opportunities for professional growth and new responsibilities? If so, Deloitte & Touche LLP could be the place for you. Traditional security programs have often been unsuccessful in unifying the need to both secure and support technology innovation required by the business. Join Deloitte's Advisory Cyber Risk Services team and become a member of the largest group of Cyber Risk individuals worldwide. Work you’ll do As a Security Senior Consultant, you will be at the front lines with our clients supporting them with their Cyber Risk needs specifically helping them address Active Directory (AD) health and navigate the journey to the Cloud on the Microsoft Azure Active Directory (AAD) Platform. This will include: Microsoft MFA, SSO, Conditional Access, B2B and B2C and on-premise Active Directory Architect, design, and implement large-scale Active Directory / Azure Active Directory deployments/migrations/upgrades Performing technical health checks for the AD/AAD platforms/environments prior to broader deployments. Assisting clients with Azure B2B, B2C including SAML, OAUTH, OpenID Connect protocols Assisting clients with Migrating applications (legacy platforms or other) to Azure AD Assisting clients cleaning up the Active Directory environment and prepare them for Azure AD/O365 migration Assisting clients with configuration and delivery of Cloud security and compliance reports. Assisting clients with configuration and delivery of Azure Advanced Threat Protection. Providing technical support for AD/AAD services and resolve service-related issues through research and troubleshooting and working with Microsoft. Implementation of industry leading practices around AD/AAD cyber risks and Cloud security for clients. Troubleshooting system level problems in a multi-vendor, multi-protocol network environment. Documenting platform technical issues, analysis, client communication, and resolution as part of cyber risk mitigation steps. Executing on AD/AAD Cloud security engagements during different phases of the lifecycle – assess, design, and implementation & post implementation reviews. Perform health check, discovery and cleanup of Active Directory Infrastructure Analyze and review Active Directory services such as DNS, DHCP, Group Policy etc. Perform Active Directory security assessments specific to ESAE implementations Implement Active Directory RBAC model to secure the AD environment Provide internal technical training to Advisory personnel as needed. Support Managed Services team on client calls as necessary. Acting as a subject matter expert on cyber risk for the Microsoft Active Directory and Azure Active Directory platforms. Contribute to eminence activities, such as whitepapers pertaining to IAM technologies The team Deloitte Advisory's Cyber Risk team helps complex organizations more confidently pursue their growth, innovation and performance agendas through proactive management of the associated cyber risks. Our professionals provide advisory and implementation services that integrate risk, regulatory, and technology skills to help clients transform their legacy programs into proactive Secure.Vigilant.Resilient. TM cyber risk programs. Join the team developing the future state of cyber risk solutions. Learn more about Deloitte Advisory’s Cyber Risk Services practice. Required: 2 + years of experience in technical consulting, client problem solving, architecting, and designing solutions. Working experience in at least one of the areas listed below. 2 +years of hands-on technical experience enterprise-with Microsoft Identity and Access management and EMS services (Azure Active Directory, Azure Active Directory premium solutions, conditional access, SSO, MFA, PAM/PIM, and third party IAM solution integration with AAD) in implementation and operations. This should include designing and implementing AAD for organizations including integrations with applications. 2+ years of hands-on technical experience Identity and Access Management (IAM) on Active Directory. This should include designing and implementing AD for organizations including integrations with applications. Ideally the following technical experience: 2 + years of working with IAM Protocols such as WS-Fed, SAML, OpenID Connect and OAuth. 2 + years of hands-on technical experience implementing IAM focused security solutions for Microsoft technologies such as Active Directory 2 + years of working knowledge with Azure Cloud service provider technologies. 2+ years of working knowledge with Azure Advanced Threat Protection Additional Requirements: B.Tech/BE/BCA/MCA Degree required. Ideally in Computer Science, Cyber Security, Information Security, Engineering, Information Technology. Preferred: Certifications such as: Microsoft new roles-based certifications, CCSP, CCSK, CISSP, CCNP, CCNA, MCSE, MCSA certification a plus. How You’ll Grow At Deloitte, our professional development plan focuses on helping people at every level of their career to identify and use their strengths to do their best work every day. From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to help sharpen skills in addition to hands-on experience in the global, fast-changing business world. From on-the-job learning experiences to formal development programs at Deloitte University, our professionals have a variety of opportunities to continue to grow throughout their career. Explore Deloitte University, The Leadership Center. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. We offer well-being programs and are continuously looking for new ways to maintain a culture where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with our clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Recruiter tips We want job seekers exploring opportunities at Deloitte to feel prepared and confident. To help you with your interview, we suggest that you do your research: know some background about the organization and the business area you’re applying to. Check out recruiting tips from Deloitte professionals. Job title: Azure Cloud Security Engineer (Consultant) About At Deloitte, we do not offer you just a job, but a career in the highly sought-after risk Management field. We are one of the business leaders in the risk market. We work with a vision to make the world more prosperous, trustworthy, and safe. Deloitte’s clients, primarily based outside of India, are large, complex organizations that constantly evolve and innovate to build better products and services. In the process, they encounter various risks and the work we do to help them address these risks is increasingly important to their success—and to the strength of the economy and public security. By joining us, you will get to work with diverse teams of professionals who design, manage, and implement risk-centric solutions across a variety of domains. In the process, you will gain exposure to the risk-centric challenges faced in today’s world by organizations across a range of industry sectors and become subject matter experts in those areas. Our Risk and Financial Advisory services professionals help organizations effectively navigate business risks and opportunities—from strategic, reputation, and financial risks to operational, cyber, and regulatory risks—to gain competitive advantage. We apply our experience in ongoing business operations and corporate lifecycle events to help clients become stronger and more resilient. Our market-leading teams help clients embrace complexity to accelerate performance, disrupt through innovation, and lead in their industries. We use cutting-edge technology like AI/ML techniques, analytics, and RPA to solve Deloitte’s clients ‘most complex issues. Working in Risk and Financial Advisory at Deloitte US-India offices has the power to redefine your ambitions. The Team Cyber & Strategic Risk We help organizations create a cyber-minded culture, reimagine risk to uncover strategic opportunities, and become faster, more innovative, and more resilient in the face of ever-changing threats. We provide intelligence and acuity that dynamically reframes risk, transcending a manual, reactive paradigm. The cyber risk services—Identity & access management (IAM) practice helps organizations in designing, developing, and implementing industry-leading IAM solutions to protect their information and confidential data, as well as help them build their businesses and supporting technologies to be more secure, vigilant, and resilient. The IAM team delivers service to clients through following key areas: User provisioning Access certification Access management and federation Entitlements management Work you’ll do As a Cloud Security Engineer, you will be at the front lines with our clients supporting them with their Cloud Cyber Risk needs: Executing on cloud security engagements across the lifecycle – assessment, strategy, design, implementation, and operations. Performing technical health checks for cloud platforms/environments prior to broader deployments. Assisting in the selection and tailoring of approaches, methods and tools to support cloud adoption, including for migration of existing workloads to a cloud vendor. Designing and developing cloud-specific security policies, standards and procedures. e.g., user account management (SSO, SAML), password/key management, tenant management, firewall management, virtual network access controls, VPN/SSL/IPSec, security incident and event management (SIEM), data protection (DLP, encryption). Documenting all technical issues, analysis, client communication, and resolution. Supporting proof of concept and production deployments of cloud technologies. Assisting clients with transitions to cloud via tenant setup, log processing setup, policy configuration, agent deployment, and reporting. Operating across both technical and management leadership capacities. Providing internal technical training to Advisory personnel as needed. Performing cloud orchestration and automation (Continuous Integration and Continuous Delivery (CI/CD)) in single and multi-tenant environments using tools like Terraform, Ansible, Puppet, Chef, Salt etc. Experience with multiple security technologies like CSPM, CWPP, WAF, CASB, IAM, SIEM, etc. Required Skills 3 + years of information technology and/or information security operations experience. Ideally 2+ years of working with different Cloud platforms (SaaS, PaaS, and IaaS) and environments (Public, Private, Hybrid). Familiarity with the following will be considered a plus: Solid understanding of enterprise-level directory and system configuration services (Active Directory, SCCM, LDAP, Exchange, SharePoint, M365) and how these integrate with cloud platforms Solid understanding of cloud security industry standards such as Cloud Security Alliance (CSA), ISO/IEC 27017 and NIST CSF and how they help in compliance for cloud providers and cloud customers Hands-on technical experience implementing security solutions for Microsoft Azure Knowledge of cloud orchestration and automation (Continuous Integration and Continuous Delivery (CI/CD)) in single and multi-tenant environments using tools like Terraform, Ansible, Puppet, Chef, Salt etc. Knowledge of cloud access security broker (CASB) and cloud workload protection platform (CWPP) technologies Solid understanding of OSI Model and TCP/IP protocol suite and network segmentation principles and how these can be applied on cloud platforms Preferred: Previous Consulting or Big 4 experience. Hands-on experience with Azure, plus any CASB or CWPP product or service. Understanding of Infrastructure-as-Code, and ability to create scripts using Terraform, ARM, Ansible etc. Knowledge of scripting languages (PowerShell, JSON, .NET, Python, Javascript etc.) Qualification Bachelor’s Degree required.Ideally in Computer Science, Cyber Security, Information Security, Engineering, Information Technology. How You’ll Grow At Deloitte, we’ve invested a great deal to create a rich environment in which our professionals can grow. We want all our people to develop in their own way, playing to their own strengths as they hone their leadership skills. And, as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposure to leaders, sponsors, coaches, and challenging assignments—to help accelerate their careers along the way. No two people learn in the same way. So, we provide a range of resources including live classrooms, team-based learning, and eLearning. DU: The Leadership Center in India, our state-of-the-art, world-class learning Center in the Hyderabad offices is an extension of the Deloitte University (DU) in Westlake, Texas, and represents a tangible symbol of our commitment to our people’s growth and development. Explore DU: The Leadership Center in India . Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. Deloitte is committed to achieving diversity within its workforce, and encourages all qualified applicants to apply, irrespective of gender, age, sexual orientation, disability, culture, religious and ethnic background. We offer well-being programs and are continuously looking for new ways to maintain a culture that is inclusive, invites authenticity, leverages our diversity, and where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with Deloitte’s clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Recruiting tips Finding the right job and preparing for the recruitment process can be tricky. Check out tips from our Deloitte recruiting professionals to set yourself up for success. Check out recruiting tips from Deloitte recruiters . Benefits We believe that to be an undisputed leader in professional services, we should equip you with the resources that can make a positive impact on your well-being journey. Our vision is to create a leadership culture focused on the development and well-being of our people. Here are some of our benefits and programs to support you and your family’s well-being needs. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you . Our people and culture Our people and our culture make Deloitte a place where leaders thrive. Get an inside look at the rich diversity of background, education, and experiences of our people. What impact will you make? Check out our professionals’ career journeys and be inspired by their stories. Professional development You want to make an impact. And we want you to make it. We can help you do that by providing you the culture, training, resources, and opportunities to help you grow and succeed as a professional. Learn more about our commitment to developing our people . © 2025. See Terms of Use for more information. Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ("DTTL"), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as "Deloitte Global") does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the "Deloitte" name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see www.deloitte.com/about to learn more about our global network of member firms. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Professional development At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India . Benefits To Help You Thrive At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Requisition code: 304101

Position Summary GCP DevSecOps - Consultant Position Summary As a DevSecOps Consultant, you will be a key contributor to the successful delivery of high-visibility projects, applying your technical skills and engineering knowledge to build secure, reliable solutions. You will work hands-on with modern DevSecOps tools, AI/ML services, deployment architecture, and cloud security best practices and frameworks to help deliver solutions that create value for Deloitte’s business and its clients. You will collaborate with cross-functional teams to design, implement, and maintain CI/CD pipelines and automation processes, ensuring that security and quality are integrated throughout the software development lifecycle. Your ability to troubleshoot, learn quickly, and apply best practices will be essential in supporting the delivery of high-quality, outcome-focused solutions. Key Responsibilities: Act as a subject matter expert (SME) on GCP security and DevSecOps practices during client engagements. Design and deploy AI/ML solutions on GCP, leveraging services like Vertex AI, BigQuery ML, AutoML , and TensorFlow on GCP. Manage CI/CD pipelines, I nfrastructure as C ode ( IaC ), and automation tools for ML deployments (e.g., using Terraform, Cloud Build, GitOps ). Provide consulting and advisory services to clients on cloud strategy, AI/ML adoption, and security best practices. Perform threat modeling and security assessments specific to AI/ML workloads. Collaborate with DevOps and data teams to automate, monitor , and optimize ML workflows. Lead security assessments of cloud environments and DevOps pipelines. Evaluate and enhance CI/CD pipelines with automated security testing tools (SAST, DAST, SCA, IaC scanning). Recommend and implement policy-as-code for guardrails (OPA, Sentinel). Deliver security posture reports, recommendations, and remediation plans. Collaborate with client security, DevOps, and IT teams to drive secure cloud adoption. Design and implement GCP-native security controls (IAM, VPC security, Cloud Armor, SCC, GKE, etc.). Conduct gap analysis on client GCP environments against benchmarks (CIS, NIST, etc.). Guide clients in building secure landing zones and cloud governance frameworks. Design shift-left strategies for embedding security earlier in the SDLC. Map technical controls to compliance frameworks (SOC 2, HIPAA, PCI-DSS, ISO 27001, etc.). Assist with security documentation, risk registers, and audit support. Automate GCP security guardrails using Terraform, Ansible, and Cloud Functions. Integrate security logs into client SIEM/SOAR platforms (Chronicle, Splunk, etc.). Implement and tune cloud-native monitoring tools (Cloud Logging, SCC, etc.). Required Qualifications: 4 + years in Google Cloud Platform DevSecOps role. Proficiency in CI/CD tools, Infrastructure Code, container security, and policy-as-code solutions such as Open Policy Agent (OPA). Understanding the embedding of security controls and automated checks into DevOps pipelines (CI/CD) using tools such as Jenkins, GitLab CI, Terraform, and Cloud Build. Strong hands-on experience with Vertex AI, BigQuery , Cloud Functions, GKE, and AI/ML Ops on GCP. Deep understanding of AI/ML model lifecycle, including data prep, training, evaluation, deployment, and monitoring. Familiarity with compliance frameworks (e.g., HIPAA, SOC 2, ISO 27001) as they apply to cloud-based ML systems Proficiency with security automation tools and scripting (Python, Bash, etc.). Familiarity with container security (e.g., GKE, Kubernetes RBAC, image scanning). Experience with security frameworks such as NIST, CIS, or MITRE ATT&CK. Familiarity with security tools like Checkov , Snyk or Prisma Cloud. Preferred Qualifications: Certifications such as: GCP Cloud DevOps Engineer, Architect, Professional Machine Learning Engineer, GCP Cloud Security Engineer, CCSP. Understanding of responsible AI principles, including model fairness, transparency, and auditability Experience with Kubernetes security in GKE (RBAC, network policies, container scanning). Knowledge of multi-cloud (AWS, Azure ) security strategies and governance. Familiarity with service mesh security (Istio, Anthos). Knowledge of integration of AI/ML for Advanced Security Analytics with existing on-premise and cloud platforms (e.g., Network Intelligence/ Sentinel/ Chronicle). Familiarity with zero trust architecture concepts . Experience with secrets management tools like HashiCorp Vault, GCP Secret Manager. Knowledge of IP networking, VPNs, DNS, load balancing, and firewalling concepts Job Title: Security Consultant (Microsoft Azure Active Directory and Active Directory (AAD/AD)) Are you interested in working in a dynamic environment that offers opportunities for professional growth and new responsibilities? If so, Deloitte & Touche LLP could be the place for you. Traditional security programs have often been unsuccessful in unifying the need to both secure and support technology innovation required by the business. Join Deloitte's Advisory Cyber Risk Services team and become a member of the largest group of Cyber Risk individuals worldwide. Work you’ll do As a Security Senior Consultant, you will be at the front lines with our clients supporting them with their Cyber Risk needs specifically helping them address Active Directory (AD) health and navigate the journey to the Cloud on the Microsoft Azure Active Directory (AAD) Platform. This will include: Microsoft MFA, SSO, Conditional Access, B2B and B2C and on-premise Active Directory Architect, design, and implement large-scale Active Directory / Azure Active Directory deployments/migrations/upgrades Performing technical health checks for the AD/AAD platforms/environments prior to broader deployments. Assisting clients with Azure B2B, B2C including SAML, OAUTH, OpenID Connect protocols Assisting clients with Migrating applications (legacy platforms or other) to Azure AD Assisting clients cleaning up the Active Directory environment and prepare them for Azure AD/O365 migration Assisting clients with configuration and delivery of Cloud security and compliance reports. Assisting clients with configuration and delivery of Azure Advanced Threat Protection. Providing technical support for AD/AAD services and resolve service-related issues through research and troubleshooting and working with Microsoft. Implementation of industry leading practices around AD/AAD cyber risks and Cloud security for clients. Troubleshooting system level problems in a multi-vendor, multi-protocol network environment. Documenting platform technical issues, analysis, client communication, and resolution as part of cyber risk mitigation steps. Executing on AD/AAD Cloud security engagements during different phases of the lifecycle – assess, design, and implementation & post implementation reviews. Perform health check, discovery and cleanup of Active Directory Infrastructure Analyze and review Active Directory services such as DNS, DHCP, Group Policy etc. Perform Active Directory security assessments specific to ESAE implementations Implement Active Directory RBAC model to secure the AD environment Provide internal technical training to Advisory personnel as needed. Support Managed Services team on client calls as necessary. Acting as a subject matter expert on cyber risk for the Microsoft Active Directory and Azure Active Directory platforms. Contribute to eminence activities, such as whitepapers pertaining to IAM technologies The team Deloitte Advisory's Cyber Risk team helps complex organizations more confidently pursue their growth, innovation and performance agendas through proactive management of the associated cyber risks. Our professionals provide advisory and implementation services that integrate risk, regulatory, and technology skills to help clients transform their legacy programs into proactive Secure.Vigilant.Resilient. TM cyber risk programs. Join the team developing the future state of cyber risk solutions. Learn more about Deloitte Advisory’s Cyber Risk Services practice. Required: 2 + years of experience in technical consulting, client problem solving, architecting, and designing solutions. Working experience in at least one of the areas listed below. 2 +years of hands-on technical experience enterprise-with Microsoft Identity and Access management and EMS services (Azure Active Directory, Azure Active Directory premium solutions, conditional access, SSO, MFA, PAM/PIM, and third party IAM solution integration with AAD) in implementation and operations. This should include designing and implementing AAD for organizations including integrations with applications. 2+ years of hands-on technical experience Identity and Access Management (IAM) on Active Directory. This should include designing and implementing AD for organizations including integrations with applications. Ideally the following technical experience: 2 + years of working with IAM Protocols such as WS-Fed, SAML, OpenID Connect and OAuth. 2 + years of hands-on technical experience implementing IAM focused security solutions for Microsoft technologies such as Active Directory 2 + years of working knowledge with Azure Cloud service provider technologies. 2+ years of working knowledge with Azure Advanced Threat Protection Additional Requirements: B.Tech/BE/BCA/MCA Degree required. Ideally in Computer Science, Cyber Security, Information Security, Engineering, Information Technology. Preferred: Certifications such as: Microsoft new roles-based certifications, CCSP, CCSK, CISSP, CCNP, CCNA, MCSE, MCSA certification a plus. How You’ll Grow At Deloitte, our professional development plan focuses on helping people at every level of their career to identify and use their strengths to do their best work every day. From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to help sharpen skills in addition to hands-on experience in the global, fast-changing business world. From on-the-job learning experiences to formal development programs at Deloitte University, our professionals have a variety of opportunities to continue to grow throughout their career. Explore Deloitte University, The Leadership Center. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. We offer well-being programs and are continuously looking for new ways to maintain a culture where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with our clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Recruiter tips We want job seekers exploring opportunities at Deloitte to feel prepared and confident. To help you with your interview, we suggest that you do your research: know some background about the organization and the business area you’re applying to. Check out recruiting tips from Deloitte professionals. Job title: Azure Cloud Security Engineer (Consultant) About At Deloitte, we do not offer you just a job, but a career in the highly sought-after risk Management field. We are one of the business leaders in the risk market. We work with a vision to make the world more prosperous, trustworthy, and safe. Deloitte’s clients, primarily based outside of India, are large, complex organizations that constantly evolve and innovate to build better products and services. In the process, they encounter various risks and the work we do to help them address these risks is increasingly important to their success—and to the strength of the economy and public security. By joining us, you will get to work with diverse teams of professionals who design, manage, and implement risk-centric solutions across a variety of domains. In the process, you will gain exposure to the risk-centric challenges faced in today’s world by organizations across a range of industry sectors and become subject matter experts in those areas. Our Risk and Financial Advisory services professionals help organizations effectively navigate business risks and opportunities—from strategic, reputation, and financial risks to operational, cyber, and regulatory risks—to gain competitive advantage. We apply our experience in ongoing business operations and corporate lifecycle events to help clients become stronger and more resilient. Our market-leading teams help clients embrace complexity to accelerate performance, disrupt through innovation, and lead in their industries. We use cutting-edge technology like AI/ML techniques, analytics, and RPA to solve Deloitte’s clients ‘most complex issues. Working in Risk and Financial Advisory at Deloitte US-India offices has the power to redefine your ambitions. The Team Cyber & Strategic Risk We help organizations create a cyber-minded culture, reimagine risk to uncover strategic opportunities, and become faster, more innovative, and more resilient in the face of ever-changing threats. We provide intelligence and acuity that dynamically reframes risk, transcending a manual, reactive paradigm. The cyber risk services—Identity & access management (IAM) practice helps organizations in designing, developing, and implementing industry-leading IAM solutions to protect their information and confidential data, as well as help them build their businesses and supporting technologies to be more secure, vigilant, and resilient. The IAM team delivers service to clients through following key areas: User provisioning Access certification Access management and federation Entitlements management Work you’ll do As a Cloud Security Engineer, you will be at the front lines with our clients supporting them with their Cloud Cyber Risk needs: Executing on cloud security engagements across the lifecycle – assessment, strategy, design, implementation, and operations. Performing technical health checks for cloud platforms/environments prior to broader deployments. Assisting in the selection and tailoring of approaches, methods and tools to support cloud adoption, including for migration of existing workloads to a cloud vendor. Designing and developing cloud-specific security policies, standards and procedures. e.g., user account management (SSO, SAML), password/key management, tenant management, firewall management, virtual network access controls, VPN/SSL/IPSec, security incident and event management (SIEM), data protection (DLP, encryption). Documenting all technical issues, analysis, client communication, and resolution. Supporting proof of concept and production deployments of cloud technologies. Assisting clients with transitions to cloud via tenant setup, log processing setup, policy configuration, agent deployment, and reporting. Operating across both technical and management leadership capacities. Providing internal technical training to Advisory personnel as needed. Performing cloud orchestration and automation (Continuous Integration and Continuous Delivery (CI/CD)) in single and multi-tenant environments using tools like Terraform, Ansible, Puppet, Chef, Salt etc. Experience with multiple security technologies like CSPM, CWPP, WAF, CASB, IAM, SIEM, etc. Required Skills 3 + years of information technology and/or information security operations experience. Ideally 2+ years of working with different Cloud platforms (SaaS, PaaS, and IaaS) and environments (Public, Private, Hybrid). Familiarity with the following will be considered a plus: Solid understanding of enterprise-level directory and system configuration services (Active Directory, SCCM, LDAP, Exchange, SharePoint, M365) and how these integrate with cloud platforms Solid understanding of cloud security industry standards such as Cloud Security Alliance (CSA), ISO/IEC 27017 and NIST CSF and how they help in compliance for cloud providers and cloud customers Hands-on technical experience implementing security solutions for Microsoft Azure Knowledge of cloud orchestration and automation (Continuous Integration and Continuous Delivery (CI/CD)) in single and multi-tenant environments using tools like Terraform, Ansible, Puppet, Chef, Salt etc. Knowledge of cloud access security broker (CASB) and cloud workload protection platform (CWPP) technologies Solid understanding of OSI Model and TCP/IP protocol suite and network segmentation principles and how these can be applied on cloud platforms Preferred: Previous Consulting or Big 4 experience. Hands-on experience with Azure, plus any CASB or CWPP product or service. Understanding of Infrastructure-as-Code, and ability to create scripts using Terraform, ARM, Ansible etc. Knowledge of scripting languages (PowerShell, JSON, .NET, Python, Javascript etc.) Qualification Bachelor’s Degree required.Ideally in Computer Science, Cyber Security, Information Security, Engineering, Information Technology. How You’ll Grow At Deloitte, we’ve invested a great deal to create a rich environment in which our professionals can grow. We want all our people to develop in their own way, playing to their own strengths as they hone their leadership skills. And, as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposure to leaders, sponsors, coaches, and challenging assignments—to help accelerate their careers along the way. No two people learn in the same way. So, we provide a range of resources including live classrooms, team-based learning, and eLearning. DU: The Leadership Center in India, our state-of-the-art, world-class learning Center in the Hyderabad offices is an extension of the Deloitte University (DU) in Westlake, Texas, and represents a tangible symbol of our commitment to our people’s growth and development. Explore DU: The Leadership Center in India . Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. Deloitte is committed to achieving diversity within its workforce, and encourages all qualified applicants to apply, irrespective of gender, age, sexual orientation, disability, culture, religious and ethnic background. We offer well-being programs and are continuously looking for new ways to maintain a culture that is inclusive, invites authenticity, leverages our diversity, and where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with Deloitte’s clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Recruiting tips Finding the right job and preparing for the recruitment process can be tricky. Check out tips from our Deloitte recruiting professionals to set yourself up for success. Check out recruiting tips from Deloitte recruiters . Benefits We believe that to be an undisputed leader in professional services, we should equip you with the resources that can make a positive impact on your well-being journey. Our vision is to create a leadership culture focused on the development and well-being of our people. Here are some of our benefits and programs to support you and your family’s well-being needs. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you . Our people and culture Our people and our culture make Deloitte a place where leaders thrive. Get an inside look at the rich diversity of background, education, and experiences of our people. What impact will you make? Check out our professionals’ career journeys and be inspired by their stories. Professional development You want to make an impact. And we want you to make it. We can help you do that by providing you the culture, training, resources, and opportunities to help you grow and succeed as a professional. Learn more about our commitment to developing our people . © 2025. See Terms of Use for more information. Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ("DTTL"), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as "Deloitte Global") does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the "Deloitte" name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see www.deloitte.com/about to learn more about our global network of member firms. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Professional development At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India . Benefits To Help You Thrive At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Requisition code: 304100

Position Summary GCP DevSecOps - Consultant Position Summary As a DevSecOps Consultant, you will be a key contributor to the successful delivery of high-visibility projects, applying your technical skills and engineering knowledge to build secure, reliable solutions. You will work hands-on with modern DevSecOps tools, AI/ML services, deployment architecture, and cloud security best practices and frameworks to help deliver solutions that create value for Deloitte’s business and its clients. You will collaborate with cross-functional teams to design, implement, and maintain CI/CD pipelines and automation processes, ensuring that security and quality are integrated throughout the software development lifecycle. Your ability to troubleshoot, learn quickly, and apply best practices will be essential in supporting the delivery of high-quality, outcome-focused solutions. Key Responsibilities: Act as a subject matter expert (SME) on GCP security and DevSecOps practices during client engagements. Design and deploy AI/ML solutions on GCP, leveraging services like Vertex AI, BigQuery ML, AutoML , and TensorFlow on GCP. Manage CI/CD pipelines, I nfrastructure as C ode ( IaC ), and automation tools for ML deployments (e.g., using Terraform, Cloud Build, GitOps ). Provide consulting and advisory services to clients on cloud strategy, AI/ML adoption, and security best practices. Perform threat modeling and security assessments specific to AI/ML workloads. Collaborate with DevOps and data teams to automate, monitor , and optimize ML workflows. Lead security assessments of cloud environments and DevOps pipelines. Evaluate and enhance CI/CD pipelines with automated security testing tools (SAST, DAST, SCA, IaC scanning). Recommend and implement policy-as-code for guardrails (OPA, Sentinel). Deliver security posture reports, recommendations, and remediation plans. Collaborate with client security, DevOps, and IT teams to drive secure cloud adoption. Design and implement GCP-native security controls (IAM, VPC security, Cloud Armor, SCC, GKE, etc.). Conduct gap analysis on client GCP environments against benchmarks (CIS, NIST, etc.). Guide clients in building secure landing zones and cloud governance frameworks. Design shift-left strategies for embedding security earlier in the SDLC. Map technical controls to compliance frameworks (SOC 2, HIPAA, PCI-DSS, ISO 27001, etc.). Assist with security documentation, risk registers, and audit support. Automate GCP security guardrails using Terraform, Ansible, and Cloud Functions. Integrate security logs into client SIEM/SOAR platforms (Chronicle, Splunk, etc.). Implement and tune cloud-native monitoring tools (Cloud Logging, SCC, etc.). Required Qualifications: 4 + years in Google Cloud Platform DevSecOps role. Proficiency in CI/CD tools, Infrastructure Code, container security, and policy-as-code solutions such as Open Policy Agent (OPA). Understanding the embedding of security controls and automated checks into DevOps pipelines (CI/CD) using tools such as Jenkins, GitLab CI, Terraform, and Cloud Build. Strong hands-on experience with Vertex AI, BigQuery , Cloud Functions, GKE, and AI/ML Ops on GCP. Deep understanding of AI/ML model lifecycle, including data prep, training, evaluation, deployment, and monitoring. Familiarity with compliance frameworks (e.g., HIPAA, SOC 2, ISO 27001) as they apply to cloud-based ML systems Proficiency with security automation tools and scripting (Python, Bash, etc.). Familiarity with container security (e.g., GKE, Kubernetes RBAC, image scanning). Experience with security frameworks such as NIST, CIS, or MITRE ATT&CK. Familiarity with security tools like Checkov , Snyk or Prisma Cloud. Preferred Qualifications: Certifications such as: GCP Cloud DevOps Engineer, Architect, Professional Machine Learning Engineer, GCP Cloud Security Engineer, CCSP. Understanding of responsible AI principles, including model fairness, transparency, and auditability Experience with Kubernetes security in GKE (RBAC, network policies, container scanning). Knowledge of multi-cloud (AWS, Azure ) security strategies and governance. Familiarity with service mesh security (Istio, Anthos). Knowledge of integration of AI/ML for Advanced Security Analytics with existing on-premise and cloud platforms (e.g., Network Intelligence/ Sentinel/ Chronicle). Familiarity with zero trust architecture concepts . Experience with secrets management tools like HashiCorp Vault, GCP Secret Manager. Knowledge of IP networking, VPNs, DNS, load balancing, and firewalling concepts Job Title: Security Consultant (Microsoft Azure Active Directory and Active Directory (AAD/AD)) Are you interested in working in a dynamic environment that offers opportunities for professional growth and new responsibilities? If so, Deloitte & Touche LLP could be the place for you. Traditional security programs have often been unsuccessful in unifying the need to both secure and support technology innovation required by the business. Join Deloitte's Advisory Cyber Risk Services team and become a member of the largest group of Cyber Risk individuals worldwide. Work you’ll do As a Security Senior Consultant, you will be at the front lines with our clients supporting them with their Cyber Risk needs specifically helping them address Active Directory (AD) health and navigate the journey to the Cloud on the Microsoft Azure Active Directory (AAD) Platform. This will include: Microsoft MFA, SSO, Conditional Access, B2B and B2C and on-premise Active Directory Architect, design, and implement large-scale Active Directory / Azure Active Directory deployments/migrations/upgrades Performing technical health checks for the AD/AAD platforms/environments prior to broader deployments. Assisting clients with Azure B2B, B2C including SAML, OAUTH, OpenID Connect protocols Assisting clients with Migrating applications (legacy platforms or other) to Azure AD Assisting clients cleaning up the Active Directory environment and prepare them for Azure AD/O365 migration Assisting clients with configuration and delivery of Cloud security and compliance reports. Assisting clients with configuration and delivery of Azure Advanced Threat Protection. Providing technical support for AD/AAD services and resolve service-related issues through research and troubleshooting and working with Microsoft. Implementation of industry leading practices around AD/AAD cyber risks and Cloud security for clients. Troubleshooting system level problems in a multi-vendor, multi-protocol network environment. Documenting platform technical issues, analysis, client communication, and resolution as part of cyber risk mitigation steps. Executing on AD/AAD Cloud security engagements during different phases of the lifecycle – assess, design, and implementation & post implementation reviews. Perform health check, discovery and cleanup of Active Directory Infrastructure Analyze and review Active Directory services such as DNS, DHCP, Group Policy etc. Perform Active Directory security assessments specific to ESAE implementations Implement Active Directory RBAC model to secure the AD environment Provide internal technical training to Advisory personnel as needed. Support Managed Services team on client calls as necessary. Acting as a subject matter expert on cyber risk for the Microsoft Active Directory and Azure Active Directory platforms. Contribute to eminence activities, such as whitepapers pertaining to IAM technologies The team Deloitte Advisory's Cyber Risk team helps complex organizations more confidently pursue their growth, innovation and performance agendas through proactive management of the associated cyber risks. Our professionals provide advisory and implementation services that integrate risk, regulatory, and technology skills to help clients transform their legacy programs into proactive Secure.Vigilant.Resilient. TM cyber risk programs. Join the team developing the future state of cyber risk solutions. Learn more about Deloitte Advisory’s Cyber Risk Services practice. Required: 2 + years of experience in technical consulting, client problem solving, architecting, and designing solutions. Working experience in at least one of the areas listed below. 2 +years of hands-on technical experience enterprise-with Microsoft Identity and Access management and EMS services (Azure Active Directory, Azure Active Directory premium solutions, conditional access, SSO, MFA, PAM/PIM, and third party IAM solution integration with AAD) in implementation and operations. This should include designing and implementing AAD for organizations including integrations with applications. 2+ years of hands-on technical experience Identity and Access Management (IAM) on Active Directory. This should include designing and implementing AD for organizations including integrations with applications. Ideally the following technical experience: 2 + years of working with IAM Protocols such as WS-Fed, SAML, OpenID Connect and OAuth. 2 + years of hands-on technical experience implementing IAM focused security solutions for Microsoft technologies such as Active Directory 2 + years of working knowledge with Azure Cloud service provider technologies. 2+ years of working knowledge with Azure Advanced Threat Protection Additional Requirements: B.Tech/BE/BCA/MCA Degree required. Ideally in Computer Science, Cyber Security, Information Security, Engineering, Information Technology. Preferred: Certifications such as: Microsoft new roles-based certifications, CCSP, CCSK, CISSP, CCNP, CCNA, MCSE, MCSA certification a plus. How You’ll Grow At Deloitte, our professional development plan focuses on helping people at every level of their career to identify and use their strengths to do their best work every day. From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to help sharpen skills in addition to hands-on experience in the global, fast-changing business world. From on-the-job learning experiences to formal development programs at Deloitte University, our professionals have a variety of opportunities to continue to grow throughout their career. Explore Deloitte University, The Leadership Center. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. We offer well-being programs and are continuously looking for new ways to maintain a culture where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with our clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Recruiter tips We want job seekers exploring opportunities at Deloitte to feel prepared and confident. To help you with your interview, we suggest that you do your research: know some background about the organization and the business area you’re applying to. Check out recruiting tips from Deloitte professionals. Job title: Azure Cloud Security Engineer (Consultant) About At Deloitte, we do not offer you just a job, but a career in the highly sought-after risk Management field. We are one of the business leaders in the risk market. We work with a vision to make the world more prosperous, trustworthy, and safe. Deloitte’s clients, primarily based outside of India, are large, complex organizations that constantly evolve and innovate to build better products and services. In the process, they encounter various risks and the work we do to help them address these risks is increasingly important to their success—and to the strength of the economy and public security. By joining us, you will get to work with diverse teams of professionals who design, manage, and implement risk-centric solutions across a variety of domains. In the process, you will gain exposure to the risk-centric challenges faced in today’s world by organizations across a range of industry sectors and become subject matter experts in those areas. Our Risk and Financial Advisory services professionals help organizations effectively navigate business risks and opportunities—from strategic, reputation, and financial risks to operational, cyber, and regulatory risks—to gain competitive advantage. We apply our experience in ongoing business operations and corporate lifecycle events to help clients become stronger and more resilient. Our market-leading teams help clients embrace complexity to accelerate performance, disrupt through innovation, and lead in their industries. We use cutting-edge technology like AI/ML techniques, analytics, and RPA to solve Deloitte’s clients ‘most complex issues. Working in Risk and Financial Advisory at Deloitte US-India offices has the power to redefine your ambitions. The Team Cyber & Strategic Risk We help organizations create a cyber-minded culture, reimagine risk to uncover strategic opportunities, and become faster, more innovative, and more resilient in the face of ever-changing threats. We provide intelligence and acuity that dynamically reframes risk, transcending a manual, reactive paradigm. The cyber risk services—Identity & access management (IAM) practice helps organizations in designing, developing, and implementing industry-leading IAM solutions to protect their information and confidential data, as well as help them build their businesses and supporting technologies to be more secure, vigilant, and resilient. The IAM team delivers service to clients through following key areas: User provisioning Access certification Access management and federation Entitlements management Work you’ll do As a Cloud Security Engineer, you will be at the front lines with our clients supporting them with their Cloud Cyber Risk needs: Executing on cloud security engagements across the lifecycle – assessment, strategy, design, implementation, and operations. Performing technical health checks for cloud platforms/environments prior to broader deployments. Assisting in the selection and tailoring of approaches, methods and tools to support cloud adoption, including for migration of existing workloads to a cloud vendor. Designing and developing cloud-specific security policies, standards and procedures. e.g., user account management (SSO, SAML), password/key management, tenant management, firewall management, virtual network access controls, VPN/SSL/IPSec, security incident and event management (SIEM), data protection (DLP, encryption). Documenting all technical issues, analysis, client communication, and resolution. Supporting proof of concept and production deployments of cloud technologies. Assisting clients with transitions to cloud via tenant setup, log processing setup, policy configuration, agent deployment, and reporting. Operating across both technical and management leadership capacities. Providing internal technical training to Advisory personnel as needed. Performing cloud orchestration and automation (Continuous Integration and Continuous Delivery (CI/CD)) in single and multi-tenant environments using tools like Terraform, Ansible, Puppet, Chef, Salt etc. Experience with multiple security technologies like CSPM, CWPP, WAF, CASB, IAM, SIEM, etc. Required Skills 3 + years of information technology and/or information security operations experience. Ideally 2+ years of working with different Cloud platforms (SaaS, PaaS, and IaaS) and environments (Public, Private, Hybrid). Familiarity with the following will be considered a plus: Solid understanding of enterprise-level directory and system configuration services (Active Directory, SCCM, LDAP, Exchange, SharePoint, M365) and how these integrate with cloud platforms Solid understanding of cloud security industry standards such as Cloud Security Alliance (CSA), ISO/IEC 27017 and NIST CSF and how they help in compliance for cloud providers and cloud customers Hands-on technical experience implementing security solutions for Microsoft Azure Knowledge of cloud orchestration and automation (Continuous Integration and Continuous Delivery (CI/CD)) in single and multi-tenant environments using tools like Terraform, Ansible, Puppet, Chef, Salt etc. Knowledge of cloud access security broker (CASB) and cloud workload protection platform (CWPP) technologies Solid understanding of OSI Model and TCP/IP protocol suite and network segmentation principles and how these can be applied on cloud platforms Preferred: Previous Consulting or Big 4 experience. Hands-on experience with Azure, plus any CASB or CWPP product or service. Understanding of Infrastructure-as-Code, and ability to create scripts using Terraform, ARM, Ansible etc. Knowledge of scripting languages (PowerShell, JSON, .NET, Python, Javascript etc.) Qualification Bachelor’s Degree required.Ideally in Computer Science, Cyber Security, Information Security, Engineering, Information Technology. How You’ll Grow At Deloitte, we’ve invested a great deal to create a rich environment in which our professionals can grow. We want all our people to develop in their own way, playing to their own strengths as they hone their leadership skills. And, as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposure to leaders, sponsors, coaches, and challenging assignments—to help accelerate their careers along the way. No two people learn in the same way. So, we provide a range of resources including live classrooms, team-based learning, and eLearning. DU: The Leadership Center in India, our state-of-the-art, world-class learning Center in the Hyderabad offices is an extension of the Deloitte University (DU) in Westlake, Texas, and represents a tangible symbol of our commitment to our people’s growth and development. Explore DU: The Leadership Center in India . Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. Deloitte is committed to achieving diversity within its workforce, and encourages all qualified applicants to apply, irrespective of gender, age, sexual orientation, disability, culture, religious and ethnic background. We offer well-being programs and are continuously looking for new ways to maintain a culture that is inclusive, invites authenticity, leverages our diversity, and where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with Deloitte’s clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Recruiting tips Finding the right job and preparing for the recruitment process can be tricky. Check out tips from our Deloitte recruiting professionals to set yourself up for success. Check out recruiting tips from Deloitte recruiters . Benefits We believe that to be an undisputed leader in professional services, we should equip you with the resources that can make a positive impact on your well-being journey. Our vision is to create a leadership culture focused on the development and well-being of our people. Here are some of our benefits and programs to support you and your family’s well-being needs. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you . Our people and culture Our people and our culture make Deloitte a place where leaders thrive. Get an inside look at the rich diversity of background, education, and experiences of our people. What impact will you make? Check out our professionals’ career journeys and be inspired by their stories. Professional development You want to make an impact. And we want you to make it. We can help you do that by providing you the culture, training, resources, and opportunities to help you grow and succeed as a professional. Learn more about our commitment to developing our people . © 2025. See Terms of Use for more information. Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ("DTTL"), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as "Deloitte Global") does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the "Deloitte" name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see www.deloitte.com/about to learn more about our global network of member firms. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Professional development At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India . Benefits To Help You Thrive At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Requisition code: 304099

Position Summary GCP DevSecOps - Consultant Position Summary As a DevSecOps Consultant, you will be a key contributor to the successful delivery of high-visibility projects, applying your technical skills and engineering knowledge to build secure, reliable solutions. You will work hands-on with modern DevSecOps tools, AI/ML services, deployment architecture, and cloud security best practices and frameworks to help deliver solutions that create value for Deloitte’s business and its clients. You will collaborate with cross-functional teams to design, implement, and maintain CI/CD pipelines and automation processes, ensuring that security and quality are integrated throughout the software development lifecycle. Your ability to troubleshoot, learn quickly, and apply best practices will be essential in supporting the delivery of high-quality, outcome-focused solutions. Key Responsibilities: Act as a subject matter expert (SME) on GCP security and DevSecOps practices during client engagements. Design and deploy AI/ML solutions on GCP, leveraging services like Vertex AI, BigQuery ML, AutoML , and TensorFlow on GCP. Manage CI/CD pipelines, I nfrastructure as C ode ( IaC ), and automation tools for ML deployments (e.g., using Terraform, Cloud Build, GitOps ). Provide consulting and advisory services to clients on cloud strategy, AI/ML adoption, and security best practices. Perform threat modeling and security assessments specific to AI/ML workloads. Collaborate with DevOps and data teams to automate, monitor , and optimize ML workflows. Lead security assessments of cloud environments and DevOps pipelines. Evaluate and enhance CI/CD pipelines with automated security testing tools (SAST, DAST, SCA, IaC scanning). Recommend and implement policy-as-code for guardrails (OPA, Sentinel). Deliver security posture reports, recommendations, and remediation plans. Collaborate with client security, DevOps, and IT teams to drive secure cloud adoption. Design and implement GCP-native security controls (IAM, VPC security, Cloud Armor, SCC, GKE, etc.). Conduct gap analysis on client GCP environments against benchmarks (CIS, NIST, etc.). Guide clients in building secure landing zones and cloud governance frameworks. Design shift-left strategies for embedding security earlier in the SDLC. Map technical controls to compliance frameworks (SOC 2, HIPAA, PCI-DSS, ISO 27001, etc.). Assist with security documentation, risk registers, and audit support. Automate GCP security guardrails using Terraform, Ansible, and Cloud Functions. Integrate security logs into client SIEM/SOAR platforms (Chronicle, Splunk, etc.). Implement and tune cloud-native monitoring tools (Cloud Logging, SCC, etc.). Required Qualifications: 4 + years in Google Cloud Platform DevSecOps role. Proficiency in CI/CD tools, Infrastructure Code, container security, and policy-as-code solutions such as Open Policy Agent (OPA). Understanding the embedding of security controls and automated checks into DevOps pipelines (CI/CD) using tools such as Jenkins, GitLab CI, Terraform, and Cloud Build. Strong hands-on experience with Vertex AI, BigQuery , Cloud Functions, GKE, and AI/ML Ops on GCP. Deep understanding of AI/ML model lifecycle, including data prep, training, evaluation, deployment, and monitoring. Familiarity with compliance frameworks (e.g., HIPAA, SOC 2, ISO 27001) as they apply to cloud-based ML systems Proficiency with security automation tools and scripting (Python, Bash, etc.). Familiarity with container security (e.g., GKE, Kubernetes RBAC, image scanning). Experience with security frameworks such as NIST, CIS, or MITRE ATT&CK. Familiarity with security tools like Checkov , Snyk or Prisma Cloud. Preferred Qualifications: Certifications such as: GCP Cloud DevOps Engineer, Architect, Professional Machine Learning Engineer, GCP Cloud Security Engineer, CCSP. Understanding of responsible AI principles, including model fairness, transparency, and auditability Experience with Kubernetes security in GKE (RBAC, network policies, container scanning). Knowledge of multi-cloud (AWS, Azure ) security strategies and governance. Familiarity with service mesh security (Istio, Anthos). Knowledge of integration of AI/ML for Advanced Security Analytics with existing on-premise and cloud platforms (e.g., Network Intelligence/ Sentinel/ Chronicle). Familiarity with zero trust architecture concepts . Experience with secrets management tools like HashiCorp Vault, GCP Secret Manager. Knowledge of IP networking, VPNs, DNS, load balancing, and firewalling concepts Job Title: Security Consultant (Microsoft Azure Active Directory and Active Directory (AAD/AD)) Are you interested in working in a dynamic environment that offers opportunities for professional growth and new responsibilities? If so, Deloitte & Touche LLP could be the place for you. Traditional security programs have often been unsuccessful in unifying the need to both secure and support technology innovation required by the business. Join Deloitte's Advisory Cyber Risk Services team and become a member of the largest group of Cyber Risk individuals worldwide. Work you’ll do As a Security Senior Consultant, you will be at the front lines with our clients supporting them with their Cyber Risk needs specifically helping them address Active Directory (AD) health and navigate the journey to the Cloud on the Microsoft Azure Active Directory (AAD) Platform. This will include: Microsoft MFA, SSO, Conditional Access, B2B and B2C and on-premise Active Directory Architect, design, and implement large-scale Active Directory / Azure Active Directory deployments/migrations/upgrades Performing technical health checks for the AD/AAD platforms/environments prior to broader deployments. Assisting clients with Azure B2B, B2C including SAML, OAUTH, OpenID Connect protocols Assisting clients with Migrating applications (legacy platforms or other) to Azure AD Assisting clients cleaning up the Active Directory environment and prepare them for Azure AD/O365 migration Assisting clients with configuration and delivery of Cloud security and compliance reports. Assisting clients with configuration and delivery of Azure Advanced Threat Protection. Providing technical support for AD/AAD services and resolve service-related issues through research and troubleshooting and working with Microsoft. Implementation of industry leading practices around AD/AAD cyber risks and Cloud security for clients. Troubleshooting system level problems in a multi-vendor, multi-protocol network environment. Documenting platform technical issues, analysis, client communication, and resolution as part of cyber risk mitigation steps. Executing on AD/AAD Cloud security engagements during different phases of the lifecycle – assess, design, and implementation & post implementation reviews. Perform health check, discovery and cleanup of Active Directory Infrastructure Analyze and review Active Directory services such as DNS, DHCP, Group Policy etc. Perform Active Directory security assessments specific to ESAE implementations Implement Active Directory RBAC model to secure the AD environment Provide internal technical training to Advisory personnel as needed. Support Managed Services team on client calls as necessary. Acting as a subject matter expert on cyber risk for the Microsoft Active Directory and Azure Active Directory platforms. Contribute to eminence activities, such as whitepapers pertaining to IAM technologies The team Deloitte Advisory's Cyber Risk team helps complex organizations more confidently pursue their growth, innovation and performance agendas through proactive management of the associated cyber risks. Our professionals provide advisory and implementation services that integrate risk, regulatory, and technology skills to help clients transform their legacy programs into proactive Secure.Vigilant.Resilient. TM cyber risk programs. Join the team developing the future state of cyber risk solutions. Learn more about Deloitte Advisory’s Cyber Risk Services practice. Required: 2 + years of experience in technical consulting, client problem solving, architecting, and designing solutions. Working experience in at least one of the areas listed below. 2 +years of hands-on technical experience enterprise-with Microsoft Identity and Access management and EMS services (Azure Active Directory, Azure Active Directory premium solutions, conditional access, SSO, MFA, PAM/PIM, and third party IAM solution integration with AAD) in implementation and operations. This should include designing and implementing AAD for organizations including integrations with applications. 2+ years of hands-on technical experience Identity and Access Management (IAM) on Active Directory. This should include designing and implementing AD for organizations including integrations with applications. Ideally the following technical experience: 2 + years of working with IAM Protocols such as WS-Fed, SAML, OpenID Connect and OAuth. 2 + years of hands-on technical experience implementing IAM focused security solutions for Microsoft technologies such as Active Directory 2 + years of working knowledge with Azure Cloud service provider technologies. 2+ years of working knowledge with Azure Advanced Threat Protection Additional Requirements: B.Tech/BE/BCA/MCA Degree required. Ideally in Computer Science, Cyber Security, Information Security, Engineering, Information Technology. Preferred: Certifications such as: Microsoft new roles-based certifications, CCSP, CCSK, CISSP, CCNP, CCNA, MCSE, MCSA certification a plus. How You’ll Grow At Deloitte, our professional development plan focuses on helping people at every level of their career to identify and use their strengths to do their best work every day. From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to help sharpen skills in addition to hands-on experience in the global, fast-changing business world. From on-the-job learning experiences to formal development programs at Deloitte University, our professionals have a variety of opportunities to continue to grow throughout their career. Explore Deloitte University, The Leadership Center. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. We offer well-being programs and are continuously looking for new ways to maintain a culture where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with our clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Recruiter tips We want job seekers exploring opportunities at Deloitte to feel prepared and confident. To help you with your interview, we suggest that you do your research: know some background about the organization and the business area you’re applying to. Check out recruiting tips from Deloitte professionals. Job title: Azure Cloud Security Engineer (Consultant) About At Deloitte, we do not offer you just a job, but a career in the highly sought-after risk Management field. We are one of the business leaders in the risk market. We work with a vision to make the world more prosperous, trustworthy, and safe. Deloitte’s clients, primarily based outside of India, are large, complex organizations that constantly evolve and innovate to build better products and services. In the process, they encounter various risks and the work we do to help them address these risks is increasingly important to their success—and to the strength of the economy and public security. By joining us, you will get to work with diverse teams of professionals who design, manage, and implement risk-centric solutions across a variety of domains. In the process, you will gain exposure to the risk-centric challenges faced in today’s world by organizations across a range of industry sectors and become subject matter experts in those areas. Our Risk and Financial Advisory services professionals help organizations effectively navigate business risks and opportunities—from strategic, reputation, and financial risks to operational, cyber, and regulatory risks—to gain competitive advantage. We apply our experience in ongoing business operations and corporate lifecycle events to help clients become stronger and more resilient. Our market-leading teams help clients embrace complexity to accelerate performance, disrupt through innovation, and lead in their industries. We use cutting-edge technology like AI/ML techniques, analytics, and RPA to solve Deloitte’s clients ‘most complex issues. Working in Risk and Financial Advisory at Deloitte US-India offices has the power to redefine your ambitions. The Team Cyber & Strategic Risk We help organizations create a cyber-minded culture, reimagine risk to uncover strategic opportunities, and become faster, more innovative, and more resilient in the face of ever-changing threats. We provide intelligence and acuity that dynamically reframes risk, transcending a manual, reactive paradigm. The cyber risk services—Identity & access management (IAM) practice helps organizations in designing, developing, and implementing industry-leading IAM solutions to protect their information and confidential data, as well as help them build their businesses and supporting technologies to be more secure, vigilant, and resilient. The IAM team delivers service to clients through following key areas: User provisioning Access certification Access management and federation Entitlements management Work you’ll do As a Cloud Security Engineer, you will be at the front lines with our clients supporting them with their Cloud Cyber Risk needs: Executing on cloud security engagements across the lifecycle – assessment, strategy, design, implementation, and operations. Performing technical health checks for cloud platforms/environments prior to broader deployments. Assisting in the selection and tailoring of approaches, methods and tools to support cloud adoption, including for migration of existing workloads to a cloud vendor. Designing and developing cloud-specific security policies, standards and procedures. e.g., user account management (SSO, SAML), password/key management, tenant management, firewall management, virtual network access controls, VPN/SSL/IPSec, security incident and event management (SIEM), data protection (DLP, encryption). Documenting all technical issues, analysis, client communication, and resolution. Supporting proof of concept and production deployments of cloud technologies. Assisting clients with transitions to cloud via tenant setup, log processing setup, policy configuration, agent deployment, and reporting. Operating across both technical and management leadership capacities. Providing internal technical training to Advisory personnel as needed. Performing cloud orchestration and automation (Continuous Integration and Continuous Delivery (CI/CD)) in single and multi-tenant environments using tools like Terraform, Ansible, Puppet, Chef, Salt etc. Experience with multiple security technologies like CSPM, CWPP, WAF, CASB, IAM, SIEM, etc. Required Skills 3 + years of information technology and/or information security operations experience. Ideally 2+ years of working with different Cloud platforms (SaaS, PaaS, and IaaS) and environments (Public, Private, Hybrid). Familiarity with the following will be considered a plus: Solid understanding of enterprise-level directory and system configuration services (Active Directory, SCCM, LDAP, Exchange, SharePoint, M365) and how these integrate with cloud platforms Solid understanding of cloud security industry standards such as Cloud Security Alliance (CSA), ISO/IEC 27017 and NIST CSF and how they help in compliance for cloud providers and cloud customers Hands-on technical experience implementing security solutions for Microsoft Azure Knowledge of cloud orchestration and automation (Continuous Integration and Continuous Delivery (CI/CD)) in single and multi-tenant environments using tools like Terraform, Ansible, Puppet, Chef, Salt etc. Knowledge of cloud access security broker (CASB) and cloud workload protection platform (CWPP) technologies Solid understanding of OSI Model and TCP/IP protocol suite and network segmentation principles and how these can be applied on cloud platforms Preferred: Previous Consulting or Big 4 experience. Hands-on experience with Azure, plus any CASB or CWPP product or service. Understanding of Infrastructure-as-Code, and ability to create scripts using Terraform, ARM, Ansible etc. Knowledge of scripting languages (PowerShell, JSON, .NET, Python, Javascript etc.) Qualification Bachelor’s Degree required.Ideally in Computer Science, Cyber Security, Information Security, Engineering, Information Technology. How You’ll Grow At Deloitte, we’ve invested a great deal to create a rich environment in which our professionals can grow. We want all our people to develop in their own way, playing to their own strengths as they hone their leadership skills. And, as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposure to leaders, sponsors, coaches, and challenging assignments—to help accelerate their careers along the way. No two people learn in the same way. So, we provide a range of resources including live classrooms, team-based learning, and eLearning. DU: The Leadership Center in India, our state-of-the-art, world-class learning Center in the Hyderabad offices is an extension of the Deloitte University (DU) in Westlake, Texas, and represents a tangible symbol of our commitment to our people’s growth and development. Explore DU: The Leadership Center in India . Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. Deloitte is committed to achieving diversity within its workforce, and encourages all qualified applicants to apply, irrespective of gender, age, sexual orientation, disability, culture, religious and ethnic background. We offer well-being programs and are continuously looking for new ways to maintain a culture that is inclusive, invites authenticity, leverages our diversity, and where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with Deloitte’s clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Recruiting tips Finding the right job and preparing for the recruitment process can be tricky. Check out tips from our Deloitte recruiting professionals to set yourself up for success. Check out recruiting tips from Deloitte recruiters . Benefits We believe that to be an undisputed leader in professional services, we should equip you with the resources that can make a positive impact on your well-being journey. Our vision is to create a leadership culture focused on the development and well-being of our people. Here are some of our benefits and programs to support you and your family’s well-being needs. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you . Our people and culture Our people and our culture make Deloitte a place where leaders thrive. Get an inside look at the rich diversity of background, education, and experiences of our people. What impact will you make? Check out our professionals’ career journeys and be inspired by their stories. Professional development You want to make an impact. And we want you to make it. We can help you do that by providing you the culture, training, resources, and opportunities to help you grow and succeed as a professional. Learn more about our commitment to developing our people . © 2025. See Terms of Use for more information. Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ("DTTL"), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as "Deloitte Global") does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the "Deloitte" name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see www.deloitte.com/about to learn more about our global network of member firms. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Professional development At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India . Benefits To Help You Thrive At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Requisition code: 304101

Position Summary GCP DevSecOps - Consultant Position Summary As a DevSecOps Consultant, you will be a key contributor to the successful delivery of high-visibility projects, applying your technical skills and engineering knowledge to build secure, reliable solutions. You will work hands-on with modern DevSecOps tools, AI/ML services, deployment architecture, and cloud security best practices and frameworks to help deliver solutions that create value for Deloitte’s business and its clients. You will collaborate with cross-functional teams to design, implement, and maintain CI/CD pipelines and automation processes, ensuring that security and quality are integrated throughout the software development lifecycle. Your ability to troubleshoot, learn quickly, and apply best practices will be essential in supporting the delivery of high-quality, outcome-focused solutions. Key Responsibilities: Act as a subject matter expert (SME) on GCP security and DevSecOps practices during client engagements. Design and deploy AI/ML solutions on GCP, leveraging services like Vertex AI, BigQuery ML, AutoML , and TensorFlow on GCP. Manage CI/CD pipelines, I nfrastructure as C ode ( IaC ), and automation tools for ML deployments (e.g., using Terraform, Cloud Build, GitOps ). Provide consulting and advisory services to clients on cloud strategy, AI/ML adoption, and security best practices. Perform threat modeling and security assessments specific to AI/ML workloads. Collaborate with DevOps and data teams to automate, monitor , and optimize ML workflows. Lead security assessments of cloud environments and DevOps pipelines. Evaluate and enhance CI/CD pipelines with automated security testing tools (SAST, DAST, SCA, IaC scanning). Recommend and implement policy-as-code for guardrails (OPA, Sentinel). Deliver security posture reports, recommendations, and remediation plans. Collaborate with client security, DevOps, and IT teams to drive secure cloud adoption. Design and implement GCP-native security controls (IAM, VPC security, Cloud Armor, SCC, GKE, etc.). Conduct gap analysis on client GCP environments against benchmarks (CIS, NIST, etc.). Guide clients in building secure landing zones and cloud governance frameworks. Design shift-left strategies for embedding security earlier in the SDLC. Map technical controls to compliance frameworks (SOC 2, HIPAA, PCI-DSS, ISO 27001, etc.). Assist with security documentation, risk registers, and audit support. Automate GCP security guardrails using Terraform, Ansible, and Cloud Functions. Integrate security logs into client SIEM/SOAR platforms (Chronicle, Splunk, etc.). Implement and tune cloud-native monitoring tools (Cloud Logging, SCC, etc.). Required Qualifications: 4 + years in Google Cloud Platform DevSecOps role. Proficiency in CI/CD tools, Infrastructure Code, container security, and policy-as-code solutions such as Open Policy Agent (OPA). Understanding the embedding of security controls and automated checks into DevOps pipelines (CI/CD) using tools such as Jenkins, GitLab CI, Terraform, and Cloud Build. Strong hands-on experience with Vertex AI, BigQuery , Cloud Functions, GKE, and AI/ML Ops on GCP. Deep understanding of AI/ML model lifecycle, including data prep, training, evaluation, deployment, and monitoring. Familiarity with compliance frameworks (e.g., HIPAA, SOC 2, ISO 27001) as they apply to cloud-based ML systems Proficiency with security automation tools and scripting (Python, Bash, etc.). Familiarity with container security (e.g., GKE, Kubernetes RBAC, image scanning). Experience with security frameworks such as NIST, CIS, or MITRE ATT&CK. Familiarity with security tools like Checkov , Snyk or Prisma Cloud. Preferred Qualifications: Certifications such as: GCP Cloud DevOps Engineer, Architect, Professional Machine Learning Engineer, GCP Cloud Security Engineer, CCSP. Understanding of responsible AI principles, including model fairness, transparency, and auditability Experience with Kubernetes security in GKE (RBAC, network policies, container scanning). Knowledge of multi-cloud (AWS, Azure ) security strategies and governance. Familiarity with service mesh security (Istio, Anthos). Knowledge of integration of AI/ML for Advanced Security Analytics with existing on-premise and cloud platforms (e.g., Network Intelligence/ Sentinel/ Chronicle). Familiarity with zero trust architecture concepts . Experience with secrets management tools like HashiCorp Vault, GCP Secret Manager. Knowledge of IP networking, VPNs, DNS, load balancing, and firewalling concepts Job Title: Security Consultant (Microsoft Azure Active Directory and Active Directory (AAD/AD)) Are you interested in working in a dynamic environment that offers opportunities for professional growth and new responsibilities? If so, Deloitte & Touche LLP could be the place for you. Traditional security programs have often been unsuccessful in unifying the need to both secure and support technology innovation required by the business. Join Deloitte's Advisory Cyber Risk Services team and become a member of the largest group of Cyber Risk individuals worldwide. Work you’ll do As a Security Senior Consultant, you will be at the front lines with our clients supporting them with their Cyber Risk needs specifically helping them address Active Directory (AD) health and navigate the journey to the Cloud on the Microsoft Azure Active Directory (AAD) Platform. This will include: Microsoft MFA, SSO, Conditional Access, B2B and B2C and on-premise Active Directory Architect, design, and implement large-scale Active Directory / Azure Active Directory deployments/migrations/upgrades Performing technical health checks for the AD/AAD platforms/environments prior to broader deployments. Assisting clients with Azure B2B, B2C including SAML, OAUTH, OpenID Connect protocols Assisting clients with Migrating applications (legacy platforms or other) to Azure AD Assisting clients cleaning up the Active Directory environment and prepare them for Azure AD/O365 migration Assisting clients with configuration and delivery of Cloud security and compliance reports. Assisting clients with configuration and delivery of Azure Advanced Threat Protection. Providing technical support for AD/AAD services and resolve service-related issues through research and troubleshooting and working with Microsoft. Implementation of industry leading practices around AD/AAD cyber risks and Cloud security for clients. Troubleshooting system level problems in a multi-vendor, multi-protocol network environment. Documenting platform technical issues, analysis, client communication, and resolution as part of cyber risk mitigation steps. Executing on AD/AAD Cloud security engagements during different phases of the lifecycle – assess, design, and implementation & post implementation reviews. Perform health check, discovery and cleanup of Active Directory Infrastructure Analyze and review Active Directory services such as DNS, DHCP, Group Policy etc. Perform Active Directory security assessments specific to ESAE implementations Implement Active Directory RBAC model to secure the AD environment Provide internal technical training to Advisory personnel as needed. Support Managed Services team on client calls as necessary. Acting as a subject matter expert on cyber risk for the Microsoft Active Directory and Azure Active Directory platforms. Contribute to eminence activities, such as whitepapers pertaining to IAM technologies The team Deloitte Advisory's Cyber Risk team helps complex organizations more confidently pursue their growth, innovation and performance agendas through proactive management of the associated cyber risks. Our professionals provide advisory and implementation services that integrate risk, regulatory, and technology skills to help clients transform their legacy programs into proactive Secure.Vigilant.Resilient. TM cyber risk programs. Join the team developing the future state of cyber risk solutions. Learn more about Deloitte Advisory’s Cyber Risk Services practice. Required: 2 + years of experience in technical consulting, client problem solving, architecting, and designing solutions. Working experience in at least one of the areas listed below. 2 +years of hands-on technical experience enterprise-with Microsoft Identity and Access management and EMS services (Azure Active Directory, Azure Active Directory premium solutions, conditional access, SSO, MFA, PAM/PIM, and third party IAM solution integration with AAD) in implementation and operations. This should include designing and implementing AAD for organizations including integrations with applications. 2+ years of hands-on technical experience Identity and Access Management (IAM) on Active Directory. This should include designing and implementing AD for organizations including integrations with applications. Ideally the following technical experience: 2 + years of working with IAM Protocols such as WS-Fed, SAML, OpenID Connect and OAuth. 2 + years of hands-on technical experience implementing IAM focused security solutions for Microsoft technologies such as Active Directory 2 + years of working knowledge with Azure Cloud service provider technologies. 2+ years of working knowledge with Azure Advanced Threat Protection Additional Requirements: B.Tech/BE/BCA/MCA Degree required. Ideally in Computer Science, Cyber Security, Information Security, Engineering, Information Technology. Preferred: Certifications such as: Microsoft new roles-based certifications, CCSP, CCSK, CISSP, CCNP, CCNA, MCSE, MCSA certification a plus. How You’ll Grow At Deloitte, our professional development plan focuses on helping people at every level of their career to identify and use their strengths to do their best work every day. From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to help sharpen skills in addition to hands-on experience in the global, fast-changing business world. From on-the-job learning experiences to formal development programs at Deloitte University, our professionals have a variety of opportunities to continue to grow throughout their career. Explore Deloitte University, The Leadership Center. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. We offer well-being programs and are continuously looking for new ways to maintain a culture where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with our clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Recruiter tips We want job seekers exploring opportunities at Deloitte to feel prepared and confident. To help you with your interview, we suggest that you do your research: know some background about the organization and the business area you’re applying to. Check out recruiting tips from Deloitte professionals. Job title: Azure Cloud Security Engineer (Consultant) About At Deloitte, we do not offer you just a job, but a career in the highly sought-after risk Management field. We are one of the business leaders in the risk market. We work with a vision to make the world more prosperous, trustworthy, and safe. Deloitte’s clients, primarily based outside of India, are large, complex organizations that constantly evolve and innovate to build better products and services. In the process, they encounter various risks and the work we do to help them address these risks is increasingly important to their success—and to the strength of the economy and public security. By joining us, you will get to work with diverse teams of professionals who design, manage, and implement risk-centric solutions across a variety of domains. In the process, you will gain exposure to the risk-centric challenges faced in today’s world by organizations across a range of industry sectors and become subject matter experts in those areas. Our Risk and Financial Advisory services professionals help organizations effectively navigate business risks and opportunities—from strategic, reputation, and financial risks to operational, cyber, and regulatory risks—to gain competitive advantage. We apply our experience in ongoing business operations and corporate lifecycle events to help clients become stronger and more resilient. Our market-leading teams help clients embrace complexity to accelerate performance, disrupt through innovation, and lead in their industries. We use cutting-edge technology like AI/ML techniques, analytics, and RPA to solve Deloitte’s clients ‘most complex issues. Working in Risk and Financial Advisory at Deloitte US-India offices has the power to redefine your ambitions. The Team Cyber & Strategic Risk We help organizations create a cyber-minded culture, reimagine risk to uncover strategic opportunities, and become faster, more innovative, and more resilient in the face of ever-changing threats. We provide intelligence and acuity that dynamically reframes risk, transcending a manual, reactive paradigm. The cyber risk services—Identity & access management (IAM) practice helps organizations in designing, developing, and implementing industry-leading IAM solutions to protect their information and confidential data, as well as help them build their businesses and supporting technologies to be more secure, vigilant, and resilient. The IAM team delivers service to clients through following key areas: User provisioning Access certification Access management and federation Entitlements management Work you’ll do As a Cloud Security Engineer, you will be at the front lines with our clients supporting them with their Cloud Cyber Risk needs: Executing on cloud security engagements across the lifecycle – assessment, strategy, design, implementation, and operations. Performing technical health checks for cloud platforms/environments prior to broader deployments. Assisting in the selection and tailoring of approaches, methods and tools to support cloud adoption, including for migration of existing workloads to a cloud vendor. Designing and developing cloud-specific security policies, standards and procedures. e.g., user account management (SSO, SAML), password/key management, tenant management, firewall management, virtual network access controls, VPN/SSL/IPSec, security incident and event management (SIEM), data protection (DLP, encryption). Documenting all technical issues, analysis, client communication, and resolution. Supporting proof of concept and production deployments of cloud technologies. Assisting clients with transitions to cloud via tenant setup, log processing setup, policy configuration, agent deployment, and reporting. Operating across both technical and management leadership capacities. Providing internal technical training to Advisory personnel as needed. Performing cloud orchestration and automation (Continuous Integration and Continuous Delivery (CI/CD)) in single and multi-tenant environments using tools like Terraform, Ansible, Puppet, Chef, Salt etc. Experience with multiple security technologies like CSPM, CWPP, WAF, CASB, IAM, SIEM, etc. Required Skills 3 + years of information technology and/or information security operations experience. Ideally 2+ years of working with different Cloud platforms (SaaS, PaaS, and IaaS) and environments (Public, Private, Hybrid). Familiarity with the following will be considered a plus: Solid understanding of enterprise-level directory and system configuration services (Active Directory, SCCM, LDAP, Exchange, SharePoint, M365) and how these integrate with cloud platforms Solid understanding of cloud security industry standards such as Cloud Security Alliance (CSA), ISO/IEC 27017 and NIST CSF and how they help in compliance for cloud providers and cloud customers Hands-on technical experience implementing security solutions for Microsoft Azure Knowledge of cloud orchestration and automation (Continuous Integration and Continuous Delivery (CI/CD)) in single and multi-tenant environments using tools like Terraform, Ansible, Puppet, Chef, Salt etc. Knowledge of cloud access security broker (CASB) and cloud workload protection platform (CWPP) technologies Solid understanding of OSI Model and TCP/IP protocol suite and network segmentation principles and how these can be applied on cloud platforms Preferred: Previous Consulting or Big 4 experience. Hands-on experience with Azure, plus any CASB or CWPP product or service. Understanding of Infrastructure-as-Code, and ability to create scripts using Terraform, ARM, Ansible etc. Knowledge of scripting languages (PowerShell, JSON, .NET, Python, Javascript etc.) Qualification Bachelor’s Degree required.Ideally in Computer Science, Cyber Security, Information Security, Engineering, Information Technology. How You’ll Grow At Deloitte, we’ve invested a great deal to create a rich environment in which our professionals can grow. We want all our people to develop in their own way, playing to their own strengths as they hone their leadership skills. And, as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposure to leaders, sponsors, coaches, and challenging assignments—to help accelerate their careers along the way. No two people learn in the same way. So, we provide a range of resources including live classrooms, team-based learning, and eLearning. DU: The Leadership Center in India, our state-of-the-art, world-class learning Center in the Hyderabad offices is an extension of the Deloitte University (DU) in Westlake, Texas, and represents a tangible symbol of our commitment to our people’s growth and development. Explore DU: The Leadership Center in India . Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. Deloitte is committed to achieving diversity within its workforce, and encourages all qualified applicants to apply, irrespective of gender, age, sexual orientation, disability, culture, religious and ethnic background. We offer well-being programs and are continuously looking for new ways to maintain a culture that is inclusive, invites authenticity, leverages our diversity, and where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with Deloitte’s clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Recruiting tips Finding the right job and preparing for the recruitment process can be tricky. Check out tips from our Deloitte recruiting professionals to set yourself up for success. Check out recruiting tips from Deloitte recruiters . Benefits We believe that to be an undisputed leader in professional services, we should equip you with the resources that can make a positive impact on your well-being journey. Our vision is to create a leadership culture focused on the development and well-being of our people. Here are some of our benefits and programs to support you and your family’s well-being needs. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you . Our people and culture Our people and our culture make Deloitte a place where leaders thrive. Get an inside look at the rich diversity of background, education, and experiences of our people. What impact will you make? Check out our professionals’ career journeys and be inspired by their stories. Professional development You want to make an impact. And we want you to make it. We can help you do that by providing you the culture, training, resources, and opportunities to help you grow and succeed as a professional. Learn more about our commitment to developing our people . © 2025. See Terms of Use for more information. Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ("DTTL"), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as "Deloitte Global") does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the "Deloitte" name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see www.deloitte.com/about to learn more about our global network of member firms. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Professional development At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India . Benefits To Help You Thrive At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Requisition code: 304100

Position Summary GCP DevSecOps - Consultant Position Summary As a DevSecOps Consultant, you will be a key contributor to the successful delivery of high-visibility projects, applying your technical skills and engineering knowledge to build secure, reliable solutions. You will work hands-on with modern DevSecOps tools, AI/ML services, deployment architecture, and cloud security best practices and frameworks to help deliver solutions that create value for Deloitte’s business and its clients. You will collaborate with cross-functional teams to design, implement, and maintain CI/CD pipelines and automation processes, ensuring that security and quality are integrated throughout the software development lifecycle. Your ability to troubleshoot, learn quickly, and apply best practices will be essential in supporting the delivery of high-quality, outcome-focused solutions. Key Responsibilities: Act as a subject matter expert (SME) on GCP security and DevSecOps practices during client engagements. Design and deploy AI/ML solutions on GCP, leveraging services like Vertex AI, BigQuery ML, AutoML , and TensorFlow on GCP. Manage CI/CD pipelines, I nfrastructure as C ode ( IaC ), and automation tools for ML deployments (e.g., using Terraform, Cloud Build, GitOps ). Provide consulting and advisory services to clients on cloud strategy, AI/ML adoption, and security best practices. Perform threat modeling and security assessments specific to AI/ML workloads. Collaborate with DevOps and data teams to automate, monitor , and optimize ML workflows. Lead security assessments of cloud environments and DevOps pipelines. Evaluate and enhance CI/CD pipelines with automated security testing tools (SAST, DAST, SCA, IaC scanning). Recommend and implement policy-as-code for guardrails (OPA, Sentinel). Deliver security posture reports, recommendations, and remediation plans. Collaborate with client security, DevOps, and IT teams to drive secure cloud adoption. Design and implement GCP-native security controls (IAM, VPC security, Cloud Armor, SCC, GKE, etc.). Conduct gap analysis on client GCP environments against benchmarks (CIS, NIST, etc.). Guide clients in building secure landing zones and cloud governance frameworks. Design shift-left strategies for embedding security earlier in the SDLC. Map technical controls to compliance frameworks (SOC 2, HIPAA, PCI-DSS, ISO 27001, etc.). Assist with security documentation, risk registers, and audit support. Automate GCP security guardrails using Terraform, Ansible, and Cloud Functions. Integrate security logs into client SIEM/SOAR platforms (Chronicle, Splunk, etc.). Implement and tune cloud-native monitoring tools (Cloud Logging, SCC, etc.). Required Qualifications: 4 + years in Google Cloud Platform DevSecOps role. Proficiency in CI/CD tools, Infrastructure Code, container security, and policy-as-code solutions such as Open Policy Agent (OPA). Understanding the embedding of security controls and automated checks into DevOps pipelines (CI/CD) using tools such as Jenkins, GitLab CI, Terraform, and Cloud Build. Strong hands-on experience with Vertex AI, BigQuery , Cloud Functions, GKE, and AI/ML Ops on GCP. Deep understanding of AI/ML model lifecycle, including data prep, training, evaluation, deployment, and monitoring. Familiarity with compliance frameworks (e.g., HIPAA, SOC 2, ISO 27001) as they apply to cloud-based ML systems Proficiency with security automation tools and scripting (Python, Bash, etc.). Familiarity with container security (e.g., GKE, Kubernetes RBAC, image scanning). Experience with security frameworks such as NIST, CIS, or MITRE ATT&CK. Familiarity with security tools like Checkov , Snyk or Prisma Cloud. Preferred Qualifications: Certifications such as: GCP Cloud DevOps Engineer, Architect, Professional Machine Learning Engineer, GCP Cloud Security Engineer, CCSP. Understanding of responsible AI principles, including model fairness, transparency, and auditability Experience with Kubernetes security in GKE (RBAC, network policies, container scanning). Knowledge of multi-cloud (AWS, Azure ) security strategies and governance. Familiarity with service mesh security (Istio, Anthos). Knowledge of integration of AI/ML for Advanced Security Analytics with existing on-premise and cloud platforms (e.g., Network Intelligence/ Sentinel/ Chronicle). Familiarity with zero trust architecture concepts . Experience with secrets management tools like HashiCorp Vault, GCP Secret Manager. Knowledge of IP networking, VPNs, DNS, load balancing, and firewalling concepts Job Title: Security Consultant (Microsoft Azure Active Directory and Active Directory (AAD/AD)) Are you interested in working in a dynamic environment that offers opportunities for professional growth and new responsibilities? If so, Deloitte & Touche LLP could be the place for you. Traditional security programs have often been unsuccessful in unifying the need to both secure and support technology innovation required by the business. Join Deloitte's Advisory Cyber Risk Services team and become a member of the largest group of Cyber Risk individuals worldwide. Work you’ll do As a Security Senior Consultant, you will be at the front lines with our clients supporting them with their Cyber Risk needs specifically helping them address Active Directory (AD) health and navigate the journey to the Cloud on the Microsoft Azure Active Directory (AAD) Platform. This will include: Microsoft MFA, SSO, Conditional Access, B2B and B2C and on-premise Active Directory Architect, design, and implement large-scale Active Directory / Azure Active Directory deployments/migrations/upgrades Performing technical health checks for the AD/AAD platforms/environments prior to broader deployments. Assisting clients with Azure B2B, B2C including SAML, OAUTH, OpenID Connect protocols Assisting clients with Migrating applications (legacy platforms or other) to Azure AD Assisting clients cleaning up the Active Directory environment and prepare them for Azure AD/O365 migration Assisting clients with configuration and delivery of Cloud security and compliance reports. Assisting clients with configuration and delivery of Azure Advanced Threat Protection. Providing technical support for AD/AAD services and resolve service-related issues through research and troubleshooting and working with Microsoft. Implementation of industry leading practices around AD/AAD cyber risks and Cloud security for clients. Troubleshooting system level problems in a multi-vendor, multi-protocol network environment. Documenting platform technical issues, analysis, client communication, and resolution as part of cyber risk mitigation steps. Executing on AD/AAD Cloud security engagements during different phases of the lifecycle – assess, design, and implementation & post implementation reviews. Perform health check, discovery and cleanup of Active Directory Infrastructure Analyze and review Active Directory services such as DNS, DHCP, Group Policy etc. Perform Active Directory security assessments specific to ESAE implementations Implement Active Directory RBAC model to secure the AD environment Provide internal technical training to Advisory personnel as needed. Support Managed Services team on client calls as necessary. Acting as a subject matter expert on cyber risk for the Microsoft Active Directory and Azure Active Directory platforms. Contribute to eminence activities, such as whitepapers pertaining to IAM technologies The team Deloitte Advisory's Cyber Risk team helps complex organizations more confidently pursue their growth, innovation and performance agendas through proactive management of the associated cyber risks. Our professionals provide advisory and implementation services that integrate risk, regulatory, and technology skills to help clients transform their legacy programs into proactive Secure.Vigilant.Resilient. TM cyber risk programs. Join the team developing the future state of cyber risk solutions. Learn more about Deloitte Advisory’s Cyber Risk Services practice. Required: 2 + years of experience in technical consulting, client problem solving, architecting, and designing solutions. Working experience in at least one of the areas listed below. 2 +years of hands-on technical experience enterprise-with Microsoft Identity and Access management and EMS services (Azure Active Directory, Azure Active Directory premium solutions, conditional access, SSO, MFA, PAM/PIM, and third party IAM solution integration with AAD) in implementation and operations. This should include designing and implementing AAD for organizations including integrations with applications. 2+ years of hands-on technical experience Identity and Access Management (IAM) on Active Directory. This should include designing and implementing AD for organizations including integrations with applications. Ideally the following technical experience: 2 + years of working with IAM Protocols such as WS-Fed, SAML, OpenID Connect and OAuth. 2 + years of hands-on technical experience implementing IAM focused security solutions for Microsoft technologies such as Active Directory 2 + years of working knowledge with Azure Cloud service provider technologies. 2+ years of working knowledge with Azure Advanced Threat Protection Additional Requirements: B.Tech/BE/BCA/MCA Degree required. Ideally in Computer Science, Cyber Security, Information Security, Engineering, Information Technology. Preferred: Certifications such as: Microsoft new roles-based certifications, CCSP, CCSK, CISSP, CCNP, CCNA, MCSE, MCSA certification a plus. How You’ll Grow At Deloitte, our professional development plan focuses on helping people at every level of their career to identify and use their strengths to do their best work every day. From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to help sharpen skills in addition to hands-on experience in the global, fast-changing business world. From on-the-job learning experiences to formal development programs at Deloitte University, our professionals have a variety of opportunities to continue to grow throughout their career. Explore Deloitte University, The Leadership Center. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. We offer well-being programs and are continuously looking for new ways to maintain a culture where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with our clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Recruiter tips We want job seekers exploring opportunities at Deloitte to feel prepared and confident. To help you with your interview, we suggest that you do your research: know some background about the organization and the business area you’re applying to. Check out recruiting tips from Deloitte professionals. Job title: Azure Cloud Security Engineer (Consultant) About At Deloitte, we do not offer you just a job, but a career in the highly sought-after risk Management field. We are one of the business leaders in the risk market. We work with a vision to make the world more prosperous, trustworthy, and safe. Deloitte’s clients, primarily based outside of India, are large, complex organizations that constantly evolve and innovate to build better products and services. In the process, they encounter various risks and the work we do to help them address these risks is increasingly important to their success—and to the strength of the economy and public security. By joining us, you will get to work with diverse teams of professionals who design, manage, and implement risk-centric solutions across a variety of domains. In the process, you will gain exposure to the risk-centric challenges faced in today’s world by organizations across a range of industry sectors and become subject matter experts in those areas. Our Risk and Financial Advisory services professionals help organizations effectively navigate business risks and opportunities—from strategic, reputation, and financial risks to operational, cyber, and regulatory risks—to gain competitive advantage. We apply our experience in ongoing business operations and corporate lifecycle events to help clients become stronger and more resilient. Our market-leading teams help clients embrace complexity to accelerate performance, disrupt through innovation, and lead in their industries. We use cutting-edge technology like AI/ML techniques, analytics, and RPA to solve Deloitte’s clients ‘most complex issues. Working in Risk and Financial Advisory at Deloitte US-India offices has the power to redefine your ambitions. The Team Cyber & Strategic Risk We help organizations create a cyber-minded culture, reimagine risk to uncover strategic opportunities, and become faster, more innovative, and more resilient in the face of ever-changing threats. We provide intelligence and acuity that dynamically reframes risk, transcending a manual, reactive paradigm. The cyber risk services—Identity & access management (IAM) practice helps organizations in designing, developing, and implementing industry-leading IAM solutions to protect their information and confidential data, as well as help them build their businesses and supporting technologies to be more secure, vigilant, and resilient. The IAM team delivers service to clients through following key areas: User provisioning Access certification Access management and federation Entitlements management Work you’ll do As a Cloud Security Engineer, you will be at the front lines with our clients supporting them with their Cloud Cyber Risk needs: Executing on cloud security engagements across the lifecycle – assessment, strategy, design, implementation, and operations. Performing technical health checks for cloud platforms/environments prior to broader deployments. Assisting in the selection and tailoring of approaches, methods and tools to support cloud adoption, including for migration of existing workloads to a cloud vendor. Designing and developing cloud-specific security policies, standards and procedures. e.g., user account management (SSO, SAML), password/key management, tenant management, firewall management, virtual network access controls, VPN/SSL/IPSec, security incident and event management (SIEM), data protection (DLP, encryption). Documenting all technical issues, analysis, client communication, and resolution. Supporting proof of concept and production deployments of cloud technologies. Assisting clients with transitions to cloud via tenant setup, log processing setup, policy configuration, agent deployment, and reporting. Operating across both technical and management leadership capacities. Providing internal technical training to Advisory personnel as needed. Performing cloud orchestration and automation (Continuous Integration and Continuous Delivery (CI/CD)) in single and multi-tenant environments using tools like Terraform, Ansible, Puppet, Chef, Salt etc. Experience with multiple security technologies like CSPM, CWPP, WAF, CASB, IAM, SIEM, etc. Required Skills 3 + years of information technology and/or information security operations experience. Ideally 2+ years of working with different Cloud platforms (SaaS, PaaS, and IaaS) and environments (Public, Private, Hybrid). Familiarity with the following will be considered a plus: Solid understanding of enterprise-level directory and system configuration services (Active Directory, SCCM, LDAP, Exchange, SharePoint, M365) and how these integrate with cloud platforms Solid understanding of cloud security industry standards such as Cloud Security Alliance (CSA), ISO/IEC 27017 and NIST CSF and how they help in compliance for cloud providers and cloud customers Hands-on technical experience implementing security solutions for Microsoft Azure Knowledge of cloud orchestration and automation (Continuous Integration and Continuous Delivery (CI/CD)) in single and multi-tenant environments using tools like Terraform, Ansible, Puppet, Chef, Salt etc. Knowledge of cloud access security broker (CASB) and cloud workload protection platform (CWPP) technologies Solid understanding of OSI Model and TCP/IP protocol suite and network segmentation principles and how these can be applied on cloud platforms Preferred: Previous Consulting or Big 4 experience. Hands-on experience with Azure, plus any CASB or CWPP product or service. Understanding of Infrastructure-as-Code, and ability to create scripts using Terraform, ARM, Ansible etc. Knowledge of scripting languages (PowerShell, JSON, .NET, Python, Javascript etc.) Qualification Bachelor’s Degree required.Ideally in Computer Science, Cyber Security, Information Security, Engineering, Information Technology. How You’ll Grow At Deloitte, we’ve invested a great deal to create a rich environment in which our professionals can grow. We want all our people to develop in their own way, playing to their own strengths as they hone their leadership skills. And, as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposure to leaders, sponsors, coaches, and challenging assignments—to help accelerate their careers along the way. No two people learn in the same way. So, we provide a range of resources including live classrooms, team-based learning, and eLearning. DU: The Leadership Center in India, our state-of-the-art, world-class learning Center in the Hyderabad offices is an extension of the Deloitte University (DU) in Westlake, Texas, and represents a tangible symbol of our commitment to our people’s growth and development. Explore DU: The Leadership Center in India . Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. Deloitte is committed to achieving diversity within its workforce, and encourages all qualified applicants to apply, irrespective of gender, age, sexual orientation, disability, culture, religious and ethnic background. We offer well-being programs and are continuously looking for new ways to maintain a culture that is inclusive, invites authenticity, leverages our diversity, and where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with Deloitte’s clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Recruiting tips Finding the right job and preparing for the recruitment process can be tricky. Check out tips from our Deloitte recruiting professionals to set yourself up for success. Check out recruiting tips from Deloitte recruiters . Benefits We believe that to be an undisputed leader in professional services, we should equip you with the resources that can make a positive impact on your well-being journey. Our vision is to create a leadership culture focused on the development and well-being of our people. Here are some of our benefits and programs to support you and your family’s well-being needs. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you . Our people and culture Our people and our culture make Deloitte a place where leaders thrive. Get an inside look at the rich diversity of background, education, and experiences of our people. What impact will you make? Check out our professionals’ career journeys and be inspired by their stories. Professional development You want to make an impact. And we want you to make it. We can help you do that by providing you the culture, training, resources, and opportunities to help you grow and succeed as a professional. Learn more about our commitment to developing our people . © 2025. See Terms of Use for more information. Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ("DTTL"), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as "Deloitte Global") does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the "Deloitte" name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see www.deloitte.com/about to learn more about our global network of member firms. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Professional development At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India . Benefits To Help You Thrive At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Requisition code: 304099

Position Summary GCP DevSecOps - Consultant Position Summary As a DevSecOps Consultant, you will be a key contributor to the successful delivery of high-visibility projects, applying your technical skills and engineering knowledge to build secure, reliable solutions. You will work hands-on with modern DevSecOps tools, AI/ML services, deployment architecture, and cloud security best practices and frameworks to help deliver solutions that create value for Deloitte’s business and its clients. You will collaborate with cross-functional teams to design, implement, and maintain CI/CD pipelines and automation processes, ensuring that security and quality are integrated throughout the software development lifecycle. Your ability to troubleshoot, learn quickly, and apply best practices will be essential in supporting the delivery of high-quality, outcome-focused solutions. Key Responsibilities: Act as a subject matter expert (SME) on GCP security and DevSecOps practices during client engagements. Design and deploy AI/ML solutions on GCP, leveraging services like Vertex AI, BigQuery ML, AutoML , and TensorFlow on GCP. Manage CI/CD pipelines, I nfrastructure as C ode ( IaC ), and automation tools for ML deployments (e.g., using Terraform, Cloud Build, GitOps ). Provide consulting and advisory services to clients on cloud strategy, AI/ML adoption, and security best practices. Perform threat modeling and security assessments specific to AI/ML workloads. Collaborate with DevOps and data teams to automate, monitor , and optimize ML workflows. Lead security assessments of cloud environments and DevOps pipelines. Evaluate and enhance CI/CD pipelines with automated security testing tools (SAST, DAST, SCA, IaC scanning). Recommend and implement policy-as-code for guardrails (OPA, Sentinel). Deliver security posture reports, recommendations, and remediation plans. Collaborate with client security, DevOps, and IT teams to drive secure cloud adoption. Design and implement GCP-native security controls (IAM, VPC security, Cloud Armor, SCC, GKE, etc.). Conduct gap analysis on client GCP environments against benchmarks (CIS, NIST, etc.). Guide clients in building secure landing zones and cloud governance frameworks. Design shift-left strategies for embedding security earlier in the SDLC. Map technical controls to compliance frameworks (SOC 2, HIPAA, PCI-DSS, ISO 27001, etc.). Assist with security documentation, risk registers, and audit support. Automate GCP security guardrails using Terraform, Ansible, and Cloud Functions. Integrate security logs into client SIEM/SOAR platforms (Chronicle, Splunk, etc.). Implement and tune cloud-native monitoring tools (Cloud Logging, SCC, etc.). Required Qualifications: 4 + years in Google Cloud Platform DevSecOps role. Proficiency in CI/CD tools, Infrastructure Code, container security, and policy-as-code solutions such as Open Policy Agent (OPA). Understanding the embedding of security controls and automated checks into DevOps pipelines (CI/CD) using tools such as Jenkins, GitLab CI, Terraform, and Cloud Build. Strong hands-on experience with Vertex AI, BigQuery , Cloud Functions, GKE, and AI/ML Ops on GCP. Deep understanding of AI/ML model lifecycle, including data prep, training, evaluation, deployment, and monitoring. Familiarity with compliance frameworks (e.g., HIPAA, SOC 2, ISO 27001) as they apply to cloud-based ML systems Proficiency with security automation tools and scripting (Python, Bash, etc.). Familiarity with container security (e.g., GKE, Kubernetes RBAC, image scanning). Experience with security frameworks such as NIST, CIS, or MITRE ATT&CK. Familiarity with security tools like Checkov , Snyk or Prisma Cloud. Preferred Qualifications: Certifications such as: GCP Cloud DevOps Engineer, Architect, Professional Machine Learning Engineer, GCP Cloud Security Engineer, CCSP. Understanding of responsible AI principles, including model fairness, transparency, and auditability Experience with Kubernetes security in GKE (RBAC, network policies, container scanning). Knowledge of multi-cloud (AWS, Azure ) security strategies and governance. Familiarity with service mesh security (Istio, Anthos). Knowledge of integration of AI/ML for Advanced Security Analytics with existing on-premise and cloud platforms (e.g., Network Intelligence/ Sentinel/ Chronicle). Familiarity with zero trust architecture concepts . Experience with secrets management tools like HashiCorp Vault, GCP Secret Manager. Knowledge of IP networking, VPNs, DNS, load balancing, and firewalling concepts Job Title: Security Consultant (Microsoft Azure Active Directory and Active Directory (AAD/AD)) Are you interested in working in a dynamic environment that offers opportunities for professional growth and new responsibilities? If so, Deloitte & Touche LLP could be the place for you. Traditional security programs have often been unsuccessful in unifying the need to both secure and support technology innovation required by the business. Join Deloitte's Advisory Cyber Risk Services team and become a member of the largest group of Cyber Risk individuals worldwide. Work you’ll do As a Security Senior Consultant, you will be at the front lines with our clients supporting them with their Cyber Risk needs specifically helping them address Active Directory (AD) health and navigate the journey to the Cloud on the Microsoft Azure Active Directory (AAD) Platform. This will include: Microsoft MFA, SSO, Conditional Access, B2B and B2C and on-premise Active Directory Architect, design, and implement large-scale Active Directory / Azure Active Directory deployments/migrations/upgrades Performing technical health checks for the AD/AAD platforms/environments prior to broader deployments. Assisting clients with Azure B2B, B2C including SAML, OAUTH, OpenID Connect protocols Assisting clients with Migrating applications (legacy platforms or other) to Azure AD Assisting clients cleaning up the Active Directory environment and prepare them for Azure AD/O365 migration Assisting clients with configuration and delivery of Cloud security and compliance reports. Assisting clients with configuration and delivery of Azure Advanced Threat Protection. Providing technical support for AD/AAD services and resolve service-related issues through research and troubleshooting and working with Microsoft. Implementation of industry leading practices around AD/AAD cyber risks and Cloud security for clients. Troubleshooting system level problems in a multi-vendor, multi-protocol network environment. Documenting platform technical issues, analysis, client communication, and resolution as part of cyber risk mitigation steps. Executing on AD/AAD Cloud security engagements during different phases of the lifecycle – assess, design, and implementation & post implementation reviews. Perform health check, discovery and cleanup of Active Directory Infrastructure Analyze and review Active Directory services such as DNS, DHCP, Group Policy etc. Perform Active Directory security assessments specific to ESAE implementations Implement Active Directory RBAC model to secure the AD environment Provide internal technical training to Advisory personnel as needed. Support Managed Services team on client calls as necessary. Acting as a subject matter expert on cyber risk for the Microsoft Active Directory and Azure Active Directory platforms. Contribute to eminence activities, such as whitepapers pertaining to IAM technologies The team Deloitte Advisory's Cyber Risk team helps complex organizations more confidently pursue their growth, innovation and performance agendas through proactive management of the associated cyber risks. Our professionals provide advisory and implementation services that integrate risk, regulatory, and technology skills to help clients transform their legacy programs into proactive Secure.Vigilant.Resilient. TM cyber risk programs. Join the team developing the future state of cyber risk solutions. Learn more about Deloitte Advisory’s Cyber Risk Services practice. Required: 2 + years of experience in technical consulting, client problem solving, architecting, and designing solutions. Working experience in at least one of the areas listed below. 2 +years of hands-on technical experience enterprise-with Microsoft Identity and Access management and EMS services (Azure Active Directory, Azure Active Directory premium solutions, conditional access, SSO, MFA, PAM/PIM, and third party IAM solution integration with AAD) in implementation and operations. This should include designing and implementing AAD for organizations including integrations with applications. 2+ years of hands-on technical experience Identity and Access Management (IAM) on Active Directory. This should include designing and implementing AD for organizations including integrations with applications. Ideally the following technical experience: 2 + years of working with IAM Protocols such as WS-Fed, SAML, OpenID Connect and OAuth. 2 + years of hands-on technical experience implementing IAM focused security solutions for Microsoft technologies such as Active Directory 2 + years of working knowledge with Azure Cloud service provider technologies. 2+ years of working knowledge with Azure Advanced Threat Protection Additional Requirements: B.Tech/BE/BCA/MCA Degree required. Ideally in Computer Science, Cyber Security, Information Security, Engineering, Information Technology. Preferred: Certifications such as: Microsoft new roles-based certifications, CCSP, CCSK, CISSP, CCNP, CCNA, MCSE, MCSA certification a plus. How You’ll Grow At Deloitte, our professional development plan focuses on helping people at every level of their career to identify and use their strengths to do their best work every day. From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to help sharpen skills in addition to hands-on experience in the global, fast-changing business world. From on-the-job learning experiences to formal development programs at Deloitte University, our professionals have a variety of opportunities to continue to grow throughout their career. Explore Deloitte University, The Leadership Center. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. We offer well-being programs and are continuously looking for new ways to maintain a culture where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with our clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Recruiter tips We want job seekers exploring opportunities at Deloitte to feel prepared and confident. To help you with your interview, we suggest that you do your research: know some background about the organization and the business area you’re applying to. Check out recruiting tips from Deloitte professionals. Job title: Azure Cloud Security Engineer (Consultant) About At Deloitte, we do not offer you just a job, but a career in the highly sought-after risk Management field. We are one of the business leaders in the risk market. We work with a vision to make the world more prosperous, trustworthy, and safe. Deloitte’s clients, primarily based outside of India, are large, complex organizations that constantly evolve and innovate to build better products and services. In the process, they encounter various risks and the work we do to help them address these risks is increasingly important to their success—and to the strength of the economy and public security. By joining us, you will get to work with diverse teams of professionals who design, manage, and implement risk-centric solutions across a variety of domains. In the process, you will gain exposure to the risk-centric challenges faced in today’s world by organizations across a range of industry sectors and become subject matter experts in those areas. Our Risk and Financial Advisory services professionals help organizations effectively navigate business risks and opportunities—from strategic, reputation, and financial risks to operational, cyber, and regulatory risks—to gain competitive advantage. We apply our experience in ongoing business operations and corporate lifecycle events to help clients become stronger and more resilient. Our market-leading teams help clients embrace complexity to accelerate performance, disrupt through innovation, and lead in their industries. We use cutting-edge technology like AI/ML techniques, analytics, and RPA to solve Deloitte’s clients ‘most complex issues. Working in Risk and Financial Advisory at Deloitte US-India offices has the power to redefine your ambitions. The Team Cyber & Strategic Risk We help organizations create a cyber-minded culture, reimagine risk to uncover strategic opportunities, and become faster, more innovative, and more resilient in the face of ever-changing threats. We provide intelligence and acuity that dynamically reframes risk, transcending a manual, reactive paradigm. The cyber risk services—Identity & access management (IAM) practice helps organizations in designing, developing, and implementing industry-leading IAM solutions to protect their information and confidential data, as well as help them build their businesses and supporting technologies to be more secure, vigilant, and resilient. The IAM team delivers service to clients through following key areas: User provisioning Access certification Access management and federation Entitlements management Work you’ll do As a Cloud Security Engineer, you will be at the front lines with our clients supporting them with their Cloud Cyber Risk needs: Executing on cloud security engagements across the lifecycle – assessment, strategy, design, implementation, and operations. Performing technical health checks for cloud platforms/environments prior to broader deployments. Assisting in the selection and tailoring of approaches, methods and tools to support cloud adoption, including for migration of existing workloads to a cloud vendor. Designing and developing cloud-specific security policies, standards and procedures. e.g., user account management (SSO, SAML), password/key management, tenant management, firewall management, virtual network access controls, VPN/SSL/IPSec, security incident and event management (SIEM), data protection (DLP, encryption). Documenting all technical issues, analysis, client communication, and resolution. Supporting proof of concept and production deployments of cloud technologies. Assisting clients with transitions to cloud via tenant setup, log processing setup, policy configuration, agent deployment, and reporting. Operating across both technical and management leadership capacities. Providing internal technical training to Advisory personnel as needed. Performing cloud orchestration and automation (Continuous Integration and Continuous Delivery (CI/CD)) in single and multi-tenant environments using tools like Terraform, Ansible, Puppet, Chef, Salt etc. Experience with multiple security technologies like CSPM, CWPP, WAF, CASB, IAM, SIEM, etc. Required Skills 3 + years of information technology and/or information security operations experience. Ideally 2+ years of working with different Cloud platforms (SaaS, PaaS, and IaaS) and environments (Public, Private, Hybrid). Familiarity with the following will be considered a plus: Solid understanding of enterprise-level directory and system configuration services (Active Directory, SCCM, LDAP, Exchange, SharePoint, M365) and how these integrate with cloud platforms Solid understanding of cloud security industry standards such as Cloud Security Alliance (CSA), ISO/IEC 27017 and NIST CSF and how they help in compliance for cloud providers and cloud customers Hands-on technical experience implementing security solutions for Microsoft Azure Knowledge of cloud orchestration and automation (Continuous Integration and Continuous Delivery (CI/CD)) in single and multi-tenant environments using tools like Terraform, Ansible, Puppet, Chef, Salt etc. Knowledge of cloud access security broker (CASB) and cloud workload protection platform (CWPP) technologies Solid understanding of OSI Model and TCP/IP protocol suite and network segmentation principles and how these can be applied on cloud platforms Preferred: Previous Consulting or Big 4 experience. Hands-on experience with Azure, plus any CASB or CWPP product or service. Understanding of Infrastructure-as-Code, and ability to create scripts using Terraform, ARM, Ansible etc. Knowledge of scripting languages (PowerShell, JSON, .NET, Python, Javascript etc.) Qualification Bachelor’s Degree required.Ideally in Computer Science, Cyber Security, Information Security, Engineering, Information Technology. How You’ll Grow At Deloitte, we’ve invested a great deal to create a rich environment in which our professionals can grow. We want all our people to develop in their own way, playing to their own strengths as they hone their leadership skills. And, as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposure to leaders, sponsors, coaches, and challenging assignments—to help accelerate their careers along the way. No two people learn in the same way. So, we provide a range of resources including live classrooms, team-based learning, and eLearning. DU: The Leadership Center in India, our state-of-the-art, world-class learning Center in the Hyderabad offices is an extension of the Deloitte University (DU) in Westlake, Texas, and represents a tangible symbol of our commitment to our people’s growth and development. Explore DU: The Leadership Center in India . Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. Deloitte is committed to achieving diversity within its workforce, and encourages all qualified applicants to apply, irrespective of gender, age, sexual orientation, disability, culture, religious and ethnic background. We offer well-being programs and are continuously looking for new ways to maintain a culture that is inclusive, invites authenticity, leverages our diversity, and where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with Deloitte’s clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Recruiting tips Finding the right job and preparing for the recruitment process can be tricky. Check out tips from our Deloitte recruiting professionals to set yourself up for success. Check out recruiting tips from Deloitte recruiters . Benefits We believe that to be an undisputed leader in professional services, we should equip you with the resources that can make a positive impact on your well-being journey. Our vision is to create a leadership culture focused on the development and well-being of our people. Here are some of our benefits and programs to support you and your family’s well-being needs. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you . Our people and culture Our people and our culture make Deloitte a place where leaders thrive. Get an inside look at the rich diversity of background, education, and experiences of our people. What impact will you make? Check out our professionals’ career journeys and be inspired by their stories. Professional development You want to make an impact. And we want you to make it. We can help you do that by providing you the culture, training, resources, and opportunities to help you grow and succeed as a professional. Learn more about our commitment to developing our people . © 2025. See Terms of Use for more information. Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ("DTTL"), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as "Deloitte Global") does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the "Deloitte" name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see www.deloitte.com/about to learn more about our global network of member firms. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Professional development At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India . Benefits To Help You Thrive At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Requisition code: 304099

Position Summary GCP DevSecOps - Consultant Position Summary As a DevSecOps Consultant, you will be a key contributor to the successful delivery of high-visibility projects, applying your technical skills and engineering knowledge to build secure, reliable solutions. You will work hands-on with modern DevSecOps tools, AI/ML services, deployment architecture, and cloud security best practices and frameworks to help deliver solutions that create value for Deloitte’s business and its clients. You will collaborate with cross-functional teams to design, implement, and maintain CI/CD pipelines and automation processes, ensuring that security and quality are integrated throughout the software development lifecycle. Your ability to troubleshoot, learn quickly, and apply best practices will be essential in supporting the delivery of high-quality, outcome-focused solutions. Key Responsibilities: Act as a subject matter expert (SME) on GCP security and DevSecOps practices during client engagements. Design and deploy AI/ML solutions on GCP, leveraging services like Vertex AI, BigQuery ML, AutoML , and TensorFlow on GCP. Manage CI/CD pipelines, I nfrastructure as C ode ( IaC ), and automation tools for ML deployments (e.g., using Terraform, Cloud Build, GitOps ). Provide consulting and advisory services to clients on cloud strategy, AI/ML adoption, and security best practices. Perform threat modeling and security assessments specific to AI/ML workloads. Collaborate with DevOps and data teams to automate, monitor , and optimize ML workflows. Lead security assessments of cloud environments and DevOps pipelines. Evaluate and enhance CI/CD pipelines with automated security testing tools (SAST, DAST, SCA, IaC scanning). Recommend and implement policy-as-code for guardrails (OPA, Sentinel). Deliver security posture reports, recommendations, and remediation plans. Collaborate with client security, DevOps, and IT teams to drive secure cloud adoption. Design and implement GCP-native security controls (IAM, VPC security, Cloud Armor, SCC, GKE, etc.). Conduct gap analysis on client GCP environments against benchmarks (CIS, NIST, etc.). Guide clients in building secure landing zones and cloud governance frameworks. Design shift-left strategies for embedding security earlier in the SDLC. Map technical controls to compliance frameworks (SOC 2, HIPAA, PCI-DSS, ISO 27001, etc.). Assist with security documentation, risk registers, and audit support. Automate GCP security guardrails using Terraform, Ansible, and Cloud Functions. Integrate security logs into client SIEM/SOAR platforms (Chronicle, Splunk, etc.). Implement and tune cloud-native monitoring tools (Cloud Logging, SCC, etc.). Required Qualifications: 4 + years in Google Cloud Platform DevSecOps role. Proficiency in CI/CD tools, Infrastructure Code, container security, and policy-as-code solutions such as Open Policy Agent (OPA). Understanding the embedding of security controls and automated checks into DevOps pipelines (CI/CD) using tools such as Jenkins, GitLab CI, Terraform, and Cloud Build. Strong hands-on experience with Vertex AI, BigQuery , Cloud Functions, GKE, and AI/ML Ops on GCP. Deep understanding of AI/ML model lifecycle, including data prep, training, evaluation, deployment, and monitoring. Familiarity with compliance frameworks (e.g., HIPAA, SOC 2, ISO 27001) as they apply to cloud-based ML systems Proficiency with security automation tools and scripting (Python, Bash, etc.). Familiarity with container security (e.g., GKE, Kubernetes RBAC, image scanning). Experience with security frameworks such as NIST, CIS, or MITRE ATT&CK. Familiarity with security tools like Checkov , Snyk or Prisma Cloud. Preferred Qualifications: Certifications such as: GCP Cloud DevOps Engineer, Architect, Professional Machine Learning Engineer, GCP Cloud Security Engineer, CCSP. Understanding of responsible AI principles, including model fairness, transparency, and auditability Experience with Kubernetes security in GKE (RBAC, network policies, container scanning). Knowledge of multi-cloud (AWS, Azure ) security strategies and governance. Familiarity with service mesh security (Istio, Anthos). Knowledge of integration of AI/ML for Advanced Security Analytics with existing on-premise and cloud platforms (e.g., Network Intelligence/ Sentinel/ Chronicle). Familiarity with zero trust architecture concepts . Experience with secrets management tools like HashiCorp Vault, GCP Secret Manager. Knowledge of IP networking, VPNs, DNS, load balancing, and firewalling concepts Job Title: Security Consultant (Microsoft Azure Active Directory and Active Directory (AAD/AD)) Are you interested in working in a dynamic environment that offers opportunities for professional growth and new responsibilities? If so, Deloitte & Touche LLP could be the place for you. Traditional security programs have often been unsuccessful in unifying the need to both secure and support technology innovation required by the business. Join Deloitte's Advisory Cyber Risk Services team and become a member of the largest group of Cyber Risk individuals worldwide. Work you’ll do As a Security Senior Consultant, you will be at the front lines with our clients supporting them with their Cyber Risk needs specifically helping them address Active Directory (AD) health and navigate the journey to the Cloud on the Microsoft Azure Active Directory (AAD) Platform. This will include: Microsoft MFA, SSO, Conditional Access, B2B and B2C and on-premise Active Directory Architect, design, and implement large-scale Active Directory / Azure Active Directory deployments/migrations/upgrades Performing technical health checks for the AD/AAD platforms/environments prior to broader deployments. Assisting clients with Azure B2B, B2C including SAML, OAUTH, OpenID Connect protocols Assisting clients with Migrating applications (legacy platforms or other) to Azure AD Assisting clients cleaning up the Active Directory environment and prepare them for Azure AD/O365 migration Assisting clients with configuration and delivery of Cloud security and compliance reports. Assisting clients with configuration and delivery of Azure Advanced Threat Protection. Providing technical support for AD/AAD services and resolve service-related issues through research and troubleshooting and working with Microsoft. Implementation of industry leading practices around AD/AAD cyber risks and Cloud security for clients. Troubleshooting system level problems in a multi-vendor, multi-protocol network environment. Documenting platform technical issues, analysis, client communication, and resolution as part of cyber risk mitigation steps. Executing on AD/AAD Cloud security engagements during different phases of the lifecycle – assess, design, and implementation & post implementation reviews. Perform health check, discovery and cleanup of Active Directory Infrastructure Analyze and review Active Directory services such as DNS, DHCP, Group Policy etc. Perform Active Directory security assessments specific to ESAE implementations Implement Active Directory RBAC model to secure the AD environment Provide internal technical training to Advisory personnel as needed. Support Managed Services team on client calls as necessary. Acting as a subject matter expert on cyber risk for the Microsoft Active Directory and Azure Active Directory platforms. Contribute to eminence activities, such as whitepapers pertaining to IAM technologies The team Deloitte Advisory's Cyber Risk team helps complex organizations more confidently pursue their growth, innovation and performance agendas through proactive management of the associated cyber risks. Our professionals provide advisory and implementation services that integrate risk, regulatory, and technology skills to help clients transform their legacy programs into proactive Secure.Vigilant.Resilient. TM cyber risk programs. Join the team developing the future state of cyber risk solutions. Learn more about Deloitte Advisory’s Cyber Risk Services practice. Required: 2 + years of experience in technical consulting, client problem solving, architecting, and designing solutions. Working experience in at least one of the areas listed below. 2 +years of hands-on technical experience enterprise-with Microsoft Identity and Access management and EMS services (Azure Active Directory, Azure Active Directory premium solutions, conditional access, SSO, MFA, PAM/PIM, and third party IAM solution integration with AAD) in implementation and operations. This should include designing and implementing AAD for organizations including integrations with applications. 2+ years of hands-on technical experience Identity and Access Management (IAM) on Active Directory. This should include designing and implementing AD for organizations including integrations with applications. Ideally the following technical experience: 2 + years of working with IAM Protocols such as WS-Fed, SAML, OpenID Connect and OAuth. 2 + years of hands-on technical experience implementing IAM focused security solutions for Microsoft technologies such as Active Directory 2 + years of working knowledge with Azure Cloud service provider technologies. 2+ years of working knowledge with Azure Advanced Threat Protection Additional Requirements: B.Tech/BE/BCA/MCA Degree required. Ideally in Computer Science, Cyber Security, Information Security, Engineering, Information Technology. Preferred: Certifications such as: Microsoft new roles-based certifications, CCSP, CCSK, CISSP, CCNP, CCNA, MCSE, MCSA certification a plus. How You’ll Grow At Deloitte, our professional development plan focuses on helping people at every level of their career to identify and use their strengths to do their best work every day. From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to help sharpen skills in addition to hands-on experience in the global, fast-changing business world. From on-the-job learning experiences to formal development programs at Deloitte University, our professionals have a variety of opportunities to continue to grow throughout their career. Explore Deloitte University, The Leadership Center. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. We offer well-being programs and are continuously looking for new ways to maintain a culture where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with our clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Recruiter tips We want job seekers exploring opportunities at Deloitte to feel prepared and confident. To help you with your interview, we suggest that you do your research: know some background about the organization and the business area you’re applying to. Check out recruiting tips from Deloitte professionals. Job title: Azure Cloud Security Engineer (Consultant) About At Deloitte, we do not offer you just a job, but a career in the highly sought-after risk Management field. We are one of the business leaders in the risk market. We work with a vision to make the world more prosperous, trustworthy, and safe. Deloitte’s clients, primarily based outside of India, are large, complex organizations that constantly evolve and innovate to build better products and services. In the process, they encounter various risks and the work we do to help them address these risks is increasingly important to their success—and to the strength of the economy and public security. By joining us, you will get to work with diverse teams of professionals who design, manage, and implement risk-centric solutions across a variety of domains. In the process, you will gain exposure to the risk-centric challenges faced in today’s world by organizations across a range of industry sectors and become subject matter experts in those areas. Our Risk and Financial Advisory services professionals help organizations effectively navigate business risks and opportunities—from strategic, reputation, and financial risks to operational, cyber, and regulatory risks—to gain competitive advantage. We apply our experience in ongoing business operations and corporate lifecycle events to help clients become stronger and more resilient. Our market-leading teams help clients embrace complexity to accelerate performance, disrupt through innovation, and lead in their industries. We use cutting-edge technology like AI/ML techniques, analytics, and RPA to solve Deloitte’s clients ‘most complex issues. Working in Risk and Financial Advisory at Deloitte US-India offices has the power to redefine your ambitions. The Team Cyber & Strategic Risk We help organizations create a cyber-minded culture, reimagine risk to uncover strategic opportunities, and become faster, more innovative, and more resilient in the face of ever-changing threats. We provide intelligence and acuity that dynamically reframes risk, transcending a manual, reactive paradigm. The cyber risk services—Identity & access management (IAM) practice helps organizations in designing, developing, and implementing industry-leading IAM solutions to protect their information and confidential data, as well as help them build their businesses and supporting technologies to be more secure, vigilant, and resilient. The IAM team delivers service to clients through following key areas: User provisioning Access certification Access management and federation Entitlements management Work you’ll do As a Cloud Security Engineer, you will be at the front lines with our clients supporting them with their Cloud Cyber Risk needs: Executing on cloud security engagements across the lifecycle – assessment, strategy, design, implementation, and operations. Performing technical health checks for cloud platforms/environments prior to broader deployments. Assisting in the selection and tailoring of approaches, methods and tools to support cloud adoption, including for migration of existing workloads to a cloud vendor. Designing and developing cloud-specific security policies, standards and procedures. e.g., user account management (SSO, SAML), password/key management, tenant management, firewall management, virtual network access controls, VPN/SSL/IPSec, security incident and event management (SIEM), data protection (DLP, encryption). Documenting all technical issues, analysis, client communication, and resolution. Supporting proof of concept and production deployments of cloud technologies. Assisting clients with transitions to cloud via tenant setup, log processing setup, policy configuration, agent deployment, and reporting. Operating across both technical and management leadership capacities. Providing internal technical training to Advisory personnel as needed. Performing cloud orchestration and automation (Continuous Integration and Continuous Delivery (CI/CD)) in single and multi-tenant environments using tools like Terraform, Ansible, Puppet, Chef, Salt etc. Experience with multiple security technologies like CSPM, CWPP, WAF, CASB, IAM, SIEM, etc. Required Skills 3 + years of information technology and/or information security operations experience. Ideally 2+ years of working with different Cloud platforms (SaaS, PaaS, and IaaS) and environments (Public, Private, Hybrid). Familiarity with the following will be considered a plus: Solid understanding of enterprise-level directory and system configuration services (Active Directory, SCCM, LDAP, Exchange, SharePoint, M365) and how these integrate with cloud platforms Solid understanding of cloud security industry standards such as Cloud Security Alliance (CSA), ISO/IEC 27017 and NIST CSF and how they help in compliance for cloud providers and cloud customers Hands-on technical experience implementing security solutions for Microsoft Azure Knowledge of cloud orchestration and automation (Continuous Integration and Continuous Delivery (CI/CD)) in single and multi-tenant environments using tools like Terraform, Ansible, Puppet, Chef, Salt etc. Knowledge of cloud access security broker (CASB) and cloud workload protection platform (CWPP) technologies Solid understanding of OSI Model and TCP/IP protocol suite and network segmentation principles and how these can be applied on cloud platforms Preferred: Previous Consulting or Big 4 experience. Hands-on experience with Azure, plus any CASB or CWPP product or service. Understanding of Infrastructure-as-Code, and ability to create scripts using Terraform, ARM, Ansible etc. Knowledge of scripting languages (PowerShell, JSON, .NET, Python, Javascript etc.) Qualification Bachelor’s Degree required.Ideally in Computer Science, Cyber Security, Information Security, Engineering, Information Technology. How You’ll Grow At Deloitte, we’ve invested a great deal to create a rich environment in which our professionals can grow. We want all our people to develop in their own way, playing to their own strengths as they hone their leadership skills. And, as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposure to leaders, sponsors, coaches, and challenging assignments—to help accelerate their careers along the way. No two people learn in the same way. So, we provide a range of resources including live classrooms, team-based learning, and eLearning. DU: The Leadership Center in India, our state-of-the-art, world-class learning Center in the Hyderabad offices is an extension of the Deloitte University (DU) in Westlake, Texas, and represents a tangible symbol of our commitment to our people’s growth and development. Explore DU: The Leadership Center in India . Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. Deloitte is committed to achieving diversity within its workforce, and encourages all qualified applicants to apply, irrespective of gender, age, sexual orientation, disability, culture, religious and ethnic background. We offer well-being programs and are continuously looking for new ways to maintain a culture that is inclusive, invites authenticity, leverages our diversity, and where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with Deloitte’s clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Recruiting tips Finding the right job and preparing for the recruitment process can be tricky. Check out tips from our Deloitte recruiting professionals to set yourself up for success. Check out recruiting tips from Deloitte recruiters . Benefits We believe that to be an undisputed leader in professional services, we should equip you with the resources that can make a positive impact on your well-being journey. Our vision is to create a leadership culture focused on the development and well-being of our people. Here are some of our benefits and programs to support you and your family’s well-being needs. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you . Our people and culture Our people and our culture make Deloitte a place where leaders thrive. Get an inside look at the rich diversity of background, education, and experiences of our people. What impact will you make? Check out our professionals’ career journeys and be inspired by their stories. Professional development You want to make an impact. And we want you to make it. We can help you do that by providing you the culture, training, resources, and opportunities to help you grow and succeed as a professional. Learn more about our commitment to developing our people . © 2025. See Terms of Use for more information. Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ("DTTL"), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as "Deloitte Global") does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the "Deloitte" name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see www.deloitte.com/about to learn more about our global network of member firms. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Professional development At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India . Benefits To Help You Thrive At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Requisition code: 304101

Position Summary GCP DevSecOps - Consultant Position Summary As a DevSecOps Consultant, you will be a key contributor to the successful delivery of high-visibility projects, applying your technical skills and engineering knowledge to build secure, reliable solutions. You will work hands-on with modern DevSecOps tools, AI/ML services, deployment architecture, and cloud security best practices and frameworks to help deliver solutions that create value for Deloitte’s business and its clients. You will collaborate with cross-functional teams to design, implement, and maintain CI/CD pipelines and automation processes, ensuring that security and quality are integrated throughout the software development lifecycle. Your ability to troubleshoot, learn quickly, and apply best practices will be essential in supporting the delivery of high-quality, outcome-focused solutions. Key Responsibilities: Act as a subject matter expert (SME) on GCP security and DevSecOps practices during client engagements. Design and deploy AI/ML solutions on GCP, leveraging services like Vertex AI, BigQuery ML, AutoML , and TensorFlow on GCP. Manage CI/CD pipelines, I nfrastructure as C ode ( IaC ), and automation tools for ML deployments (e.g., using Terraform, Cloud Build, GitOps ). Provide consulting and advisory services to clients on cloud strategy, AI/ML adoption, and security best practices. Perform threat modeling and security assessments specific to AI/ML workloads. Collaborate with DevOps and data teams to automate, monitor , and optimize ML workflows. Lead security assessments of cloud environments and DevOps pipelines. Evaluate and enhance CI/CD pipelines with automated security testing tools (SAST, DAST, SCA, IaC scanning). Recommend and implement policy-as-code for guardrails (OPA, Sentinel). Deliver security posture reports, recommendations, and remediation plans. Collaborate with client security, DevOps, and IT teams to drive secure cloud adoption. Design and implement GCP-native security controls (IAM, VPC security, Cloud Armor, SCC, GKE, etc.). Conduct gap analysis on client GCP environments against benchmarks (CIS, NIST, etc.). Guide clients in building secure landing zones and cloud governance frameworks. Design shift-left strategies for embedding security earlier in the SDLC. Map technical controls to compliance frameworks (SOC 2, HIPAA, PCI-DSS, ISO 27001, etc.). Assist with security documentation, risk registers, and audit support. Automate GCP security guardrails using Terraform, Ansible, and Cloud Functions. Integrate security logs into client SIEM/SOAR platforms (Chronicle, Splunk, etc.). Implement and tune cloud-native monitoring tools (Cloud Logging, SCC, etc.). Required Qualifications: 4 + years in Google Cloud Platform DevSecOps role. Proficiency in CI/CD tools, Infrastructure Code, container security, and policy-as-code solutions such as Open Policy Agent (OPA). Understanding the embedding of security controls and automated checks into DevOps pipelines (CI/CD) using tools such as Jenkins, GitLab CI, Terraform, and Cloud Build. Strong hands-on experience with Vertex AI, BigQuery , Cloud Functions, GKE, and AI/ML Ops on GCP. Deep understanding of AI/ML model lifecycle, including data prep, training, evaluation, deployment, and monitoring. Familiarity with compliance frameworks (e.g., HIPAA, SOC 2, ISO 27001) as they apply to cloud-based ML systems Proficiency with security automation tools and scripting (Python, Bash, etc.). Familiarity with container security (e.g., GKE, Kubernetes RBAC, image scanning). Experience with security frameworks such as NIST, CIS, or MITRE ATT&CK. Familiarity with security tools like Checkov , Snyk or Prisma Cloud. Preferred Qualifications: Certifications such as: GCP Cloud DevOps Engineer, Architect, Professional Machine Learning Engineer, GCP Cloud Security Engineer, CCSP. Understanding of responsible AI principles, including model fairness, transparency, and auditability Experience with Kubernetes security in GKE (RBAC, network policies, container scanning). Knowledge of multi-cloud (AWS, Azure ) security strategies and governance. Familiarity with service mesh security (Istio, Anthos). Knowledge of integration of AI/ML for Advanced Security Analytics with existing on-premise and cloud platforms (e.g., Network Intelligence/ Sentinel/ Chronicle). Familiarity with zero trust architecture concepts . Experience with secrets management tools like HashiCorp Vault, GCP Secret Manager. Knowledge of IP networking, VPNs, DNS, load balancing, and firewalling concepts Job Title: Security Consultant (Microsoft Azure Active Directory and Active Directory (AAD/AD)) Are you interested in working in a dynamic environment that offers opportunities for professional growth and new responsibilities? If so, Deloitte & Touche LLP could be the place for you. Traditional security programs have often been unsuccessful in unifying the need to both secure and support technology innovation required by the business. Join Deloitte's Advisory Cyber Risk Services team and become a member of the largest group of Cyber Risk individuals worldwide. Work you’ll do As a Security Senior Consultant, you will be at the front lines with our clients supporting them with their Cyber Risk needs specifically helping them address Active Directory (AD) health and navigate the journey to the Cloud on the Microsoft Azure Active Directory (AAD) Platform. This will include: Microsoft MFA, SSO, Conditional Access, B2B and B2C and on-premise Active Directory Architect, design, and implement large-scale Active Directory / Azure Active Directory deployments/migrations/upgrades Performing technical health checks for the AD/AAD platforms/environments prior to broader deployments. Assisting clients with Azure B2B, B2C including SAML, OAUTH, OpenID Connect protocols Assisting clients with Migrating applications (legacy platforms or other) to Azure AD Assisting clients cleaning up the Active Directory environment and prepare them for Azure AD/O365 migration Assisting clients with configuration and delivery of Cloud security and compliance reports. Assisting clients with configuration and delivery of Azure Advanced Threat Protection. Providing technical support for AD/AAD services and resolve service-related issues through research and troubleshooting and working with Microsoft. Implementation of industry leading practices around AD/AAD cyber risks and Cloud security for clients. Troubleshooting system level problems in a multi-vendor, multi-protocol network environment. Documenting platform technical issues, analysis, client communication, and resolution as part of cyber risk mitigation steps. Executing on AD/AAD Cloud security engagements during different phases of the lifecycle – assess, design, and implementation & post implementation reviews. Perform health check, discovery and cleanup of Active Directory Infrastructure Analyze and review Active Directory services such as DNS, DHCP, Group Policy etc. Perform Active Directory security assessments specific to ESAE implementations Implement Active Directory RBAC model to secure the AD environment Provide internal technical training to Advisory personnel as needed. Support Managed Services team on client calls as necessary. Acting as a subject matter expert on cyber risk for the Microsoft Active Directory and Azure Active Directory platforms. Contribute to eminence activities, such as whitepapers pertaining to IAM technologies The team Deloitte Advisory's Cyber Risk team helps complex organizations more confidently pursue their growth, innovation and performance agendas through proactive management of the associated cyber risks. Our professionals provide advisory and implementation services that integrate risk, regulatory, and technology skills to help clients transform their legacy programs into proactive Secure.Vigilant.Resilient. TM cyber risk programs. Join the team developing the future state of cyber risk solutions. Learn more about Deloitte Advisory’s Cyber Risk Services practice. Required: 2 + years of experience in technical consulting, client problem solving, architecting, and designing solutions. Working experience in at least one of the areas listed below. 2 +years of hands-on technical experience enterprise-with Microsoft Identity and Access management and EMS services (Azure Active Directory, Azure Active Directory premium solutions, conditional access, SSO, MFA, PAM/PIM, and third party IAM solution integration with AAD) in implementation and operations. This should include designing and implementing AAD for organizations including integrations with applications. 2+ years of hands-on technical experience Identity and Access Management (IAM) on Active Directory. This should include designing and implementing AD for organizations including integrations with applications. Ideally the following technical experience: 2 + years of working with IAM Protocols such as WS-Fed, SAML, OpenID Connect and OAuth. 2 + years of hands-on technical experience implementing IAM focused security solutions for Microsoft technologies such as Active Directory 2 + years of working knowledge with Azure Cloud service provider technologies. 2+ years of working knowledge with Azure Advanced Threat Protection Additional Requirements: B.Tech/BE/BCA/MCA Degree required. Ideally in Computer Science, Cyber Security, Information Security, Engineering, Information Technology. Preferred: Certifications such as: Microsoft new roles-based certifications, CCSP, CCSK, CISSP, CCNP, CCNA, MCSE, MCSA certification a plus. How You’ll Grow At Deloitte, our professional development plan focuses on helping people at every level of their career to identify and use their strengths to do their best work every day. From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to help sharpen skills in addition to hands-on experience in the global, fast-changing business world. From on-the-job learning experiences to formal development programs at Deloitte University, our professionals have a variety of opportunities to continue to grow throughout their career. Explore Deloitte University, The Leadership Center. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. We offer well-being programs and are continuously looking for new ways to maintain a culture where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with our clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Recruiter tips We want job seekers exploring opportunities at Deloitte to feel prepared and confident. To help you with your interview, we suggest that you do your research: know some background about the organization and the business area you’re applying to. Check out recruiting tips from Deloitte professionals. Job title: Azure Cloud Security Engineer (Consultant) About At Deloitte, we do not offer you just a job, but a career in the highly sought-after risk Management field. We are one of the business leaders in the risk market. We work with a vision to make the world more prosperous, trustworthy, and safe. Deloitte’s clients, primarily based outside of India, are large, complex organizations that constantly evolve and innovate to build better products and services. In the process, they encounter various risks and the work we do to help them address these risks is increasingly important to their success—and to the strength of the economy and public security. By joining us, you will get to work with diverse teams of professionals who design, manage, and implement risk-centric solutions across a variety of domains. In the process, you will gain exposure to the risk-centric challenges faced in today’s world by organizations across a range of industry sectors and become subject matter experts in those areas. Our Risk and Financial Advisory services professionals help organizations effectively navigate business risks and opportunities—from strategic, reputation, and financial risks to operational, cyber, and regulatory risks—to gain competitive advantage. We apply our experience in ongoing business operations and corporate lifecycle events to help clients become stronger and more resilient. Our market-leading teams help clients embrace complexity to accelerate performance, disrupt through innovation, and lead in their industries. We use cutting-edge technology like AI/ML techniques, analytics, and RPA to solve Deloitte’s clients ‘most complex issues. Working in Risk and Financial Advisory at Deloitte US-India offices has the power to redefine your ambitions. The Team Cyber & Strategic Risk We help organizations create a cyber-minded culture, reimagine risk to uncover strategic opportunities, and become faster, more innovative, and more resilient in the face of ever-changing threats. We provide intelligence and acuity that dynamically reframes risk, transcending a manual, reactive paradigm. The cyber risk services—Identity & access management (IAM) practice helps organizations in designing, developing, and implementing industry-leading IAM solutions to protect their information and confidential data, as well as help them build their businesses and supporting technologies to be more secure, vigilant, and resilient. The IAM team delivers service to clients through following key areas: User provisioning Access certification Access management and federation Entitlements management Work you’ll do As a Cloud Security Engineer, you will be at the front lines with our clients supporting them with their Cloud Cyber Risk needs: Executing on cloud security engagements across the lifecycle – assessment, strategy, design, implementation, and operations. Performing technical health checks for cloud platforms/environments prior to broader deployments. Assisting in the selection and tailoring of approaches, methods and tools to support cloud adoption, including for migration of existing workloads to a cloud vendor. Designing and developing cloud-specific security policies, standards and procedures. e.g., user account management (SSO, SAML), password/key management, tenant management, firewall management, virtual network access controls, VPN/SSL/IPSec, security incident and event management (SIEM), data protection (DLP, encryption). Documenting all technical issues, analysis, client communication, and resolution. Supporting proof of concept and production deployments of cloud technologies. Assisting clients with transitions to cloud via tenant setup, log processing setup, policy configuration, agent deployment, and reporting. Operating across both technical and management leadership capacities. Providing internal technical training to Advisory personnel as needed. Performing cloud orchestration and automation (Continuous Integration and Continuous Delivery (CI/CD)) in single and multi-tenant environments using tools like Terraform, Ansible, Puppet, Chef, Salt etc. Experience with multiple security technologies like CSPM, CWPP, WAF, CASB, IAM, SIEM, etc. Required Skills 3 + years of information technology and/or information security operations experience. Ideally 2+ years of working with different Cloud platforms (SaaS, PaaS, and IaaS) and environments (Public, Private, Hybrid). Familiarity with the following will be considered a plus: Solid understanding of enterprise-level directory and system configuration services (Active Directory, SCCM, LDAP, Exchange, SharePoint, M365) and how these integrate with cloud platforms Solid understanding of cloud security industry standards such as Cloud Security Alliance (CSA), ISO/IEC 27017 and NIST CSF and how they help in compliance for cloud providers and cloud customers Hands-on technical experience implementing security solutions for Microsoft Azure Knowledge of cloud orchestration and automation (Continuous Integration and Continuous Delivery (CI/CD)) in single and multi-tenant environments using tools like Terraform, Ansible, Puppet, Chef, Salt etc. Knowledge of cloud access security broker (CASB) and cloud workload protection platform (CWPP) technologies Solid understanding of OSI Model and TCP/IP protocol suite and network segmentation principles and how these can be applied on cloud platforms Preferred: Previous Consulting or Big 4 experience. Hands-on experience with Azure, plus any CASB or CWPP product or service. Understanding of Infrastructure-as-Code, and ability to create scripts using Terraform, ARM, Ansible etc. Knowledge of scripting languages (PowerShell, JSON, .NET, Python, Javascript etc.) Qualification Bachelor’s Degree required.Ideally in Computer Science, Cyber Security, Information Security, Engineering, Information Technology. How You’ll Grow At Deloitte, we’ve invested a great deal to create a rich environment in which our professionals can grow. We want all our people to develop in their own way, playing to their own strengths as they hone their leadership skills. And, as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposure to leaders, sponsors, coaches, and challenging assignments—to help accelerate their careers along the way. No two people learn in the same way. So, we provide a range of resources including live classrooms, team-based learning, and eLearning. DU: The Leadership Center in India, our state-of-the-art, world-class learning Center in the Hyderabad offices is an extension of the Deloitte University (DU) in Westlake, Texas, and represents a tangible symbol of our commitment to our people’s growth and development. Explore DU: The Leadership Center in India . Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. Deloitte is committed to achieving diversity within its workforce, and encourages all qualified applicants to apply, irrespective of gender, age, sexual orientation, disability, culture, religious and ethnic background. We offer well-being programs and are continuously looking for new ways to maintain a culture that is inclusive, invites authenticity, leverages our diversity, and where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with Deloitte’s clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Recruiting tips Finding the right job and preparing for the recruitment process can be tricky. Check out tips from our Deloitte recruiting professionals to set yourself up for success. Check out recruiting tips from Deloitte recruiters . Benefits We believe that to be an undisputed leader in professional services, we should equip you with the resources that can make a positive impact on your well-being journey. Our vision is to create a leadership culture focused on the development and well-being of our people. Here are some of our benefits and programs to support you and your family’s well-being needs. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you . Our people and culture Our people and our culture make Deloitte a place where leaders thrive. Get an inside look at the rich diversity of background, education, and experiences of our people. What impact will you make? Check out our professionals’ career journeys and be inspired by their stories. Professional development You want to make an impact. And we want you to make it. We can help you do that by providing you the culture, training, resources, and opportunities to help you grow and succeed as a professional. Learn more about our commitment to developing our people . © 2025. See Terms of Use for more information. Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ("DTTL"), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as "Deloitte Global") does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the "Deloitte" name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see www.deloitte.com/about to learn more about our global network of member firms. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Professional development At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India . Benefits To Help You Thrive At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Requisition code: 304101

Position Summary GCP DevSecOps - Consultant Position Summary As a DevSecOps Consultant, you will be a key contributor to the successful delivery of high-visibility projects, applying your technical skills and engineering knowledge to build secure, reliable solutions. You will work hands-on with modern DevSecOps tools, AI/ML services, deployment architecture, and cloud security best practices and frameworks to help deliver solutions that create value for Deloitte’s business and its clients. You will collaborate with cross-functional teams to design, implement, and maintain CI/CD pipelines and automation processes, ensuring that security and quality are integrated throughout the software development lifecycle. Your ability to troubleshoot, learn quickly, and apply best practices will be essential in supporting the delivery of high-quality, outcome-focused solutions. Key Responsibilities: Act as a subject matter expert (SME) on GCP security and DevSecOps practices during client engagements. Design and deploy AI/ML solutions on GCP, leveraging services like Vertex AI, BigQuery ML, AutoML , and TensorFlow on GCP. Manage CI/CD pipelines, I nfrastructure as C ode ( IaC ), and automation tools for ML deployments (e.g., using Terraform, Cloud Build, GitOps ). Provide consulting and advisory services to clients on cloud strategy, AI/ML adoption, and security best practices. Perform threat modeling and security assessments specific to AI/ML workloads. Collaborate with DevOps and data teams to automate, monitor , and optimize ML workflows. Lead security assessments of cloud environments and DevOps pipelines. Evaluate and enhance CI/CD pipelines with automated security testing tools (SAST, DAST, SCA, IaC scanning). Recommend and implement policy-as-code for guardrails (OPA, Sentinel). Deliver security posture reports, recommendations, and remediation plans. Collaborate with client security, DevOps, and IT teams to drive secure cloud adoption. Design and implement GCP-native security controls (IAM, VPC security, Cloud Armor, SCC, GKE, etc.). Conduct gap analysis on client GCP environments against benchmarks (CIS, NIST, etc.). Guide clients in building secure landing zones and cloud governance frameworks. Design shift-left strategies for embedding security earlier in the SDLC. Map technical controls to compliance frameworks (SOC 2, HIPAA, PCI-DSS, ISO 27001, etc.). Assist with security documentation, risk registers, and audit support. Automate GCP security guardrails using Terraform, Ansible, and Cloud Functions. Integrate security logs into client SIEM/SOAR platforms (Chronicle, Splunk, etc.). Implement and tune cloud-native monitoring tools (Cloud Logging, SCC, etc.). Required Qualifications: 4 + years in Google Cloud Platform DevSecOps role. Proficiency in CI/CD tools, Infrastructure Code, container security, and policy-as-code solutions such as Open Policy Agent (OPA). Understanding the embedding of security controls and automated checks into DevOps pipelines (CI/CD) using tools such as Jenkins, GitLab CI, Terraform, and Cloud Build. Strong hands-on experience with Vertex AI, BigQuery , Cloud Functions, GKE, and AI/ML Ops on GCP. Deep understanding of AI/ML model lifecycle, including data prep, training, evaluation, deployment, and monitoring. Familiarity with compliance frameworks (e.g., HIPAA, SOC 2, ISO 27001) as they apply to cloud-based ML systems Proficiency with security automation tools and scripting (Python, Bash, etc.). Familiarity with container security (e.g., GKE, Kubernetes RBAC, image scanning). Experience with security frameworks such as NIST, CIS, or MITRE ATT&CK. Familiarity with security tools like Checkov , Snyk or Prisma Cloud. Preferred Qualifications: Certifications such as: GCP Cloud DevOps Engineer, Architect, Professional Machine Learning Engineer, GCP Cloud Security Engineer, CCSP. Understanding of responsible AI principles, including model fairness, transparency, and auditability Experience with Kubernetes security in GKE (RBAC, network policies, container scanning). Knowledge of multi-cloud (AWS, Azure ) security strategies and governance. Familiarity with service mesh security (Istio, Anthos). Knowledge of integration of AI/ML for Advanced Security Analytics with existing on-premise and cloud platforms (e.g., Network Intelligence/ Sentinel/ Chronicle). Familiarity with zero trust architecture concepts . Experience with secrets management tools like HashiCorp Vault, GCP Secret Manager. Knowledge of IP networking, VPNs, DNS, load balancing, and firewalling concepts Job Title: Security Consultant (Microsoft Azure Active Directory and Active Directory (AAD/AD)) Are you interested in working in a dynamic environment that offers opportunities for professional growth and new responsibilities? If so, Deloitte & Touche LLP could be the place for you. Traditional security programs have often been unsuccessful in unifying the need to both secure and support technology innovation required by the business. Join Deloitte's Advisory Cyber Risk Services team and become a member of the largest group of Cyber Risk individuals worldwide. Work you’ll do As a Security Senior Consultant, you will be at the front lines with our clients supporting them with their Cyber Risk needs specifically helping them address Active Directory (AD) health and navigate the journey to the Cloud on the Microsoft Azure Active Directory (AAD) Platform. This will include: Microsoft MFA, SSO, Conditional Access, B2B and B2C and on-premise Active Directory Architect, design, and implement large-scale Active Directory / Azure Active Directory deployments/migrations/upgrades Performing technical health checks for the AD/AAD platforms/environments prior to broader deployments. Assisting clients with Azure B2B, B2C including SAML, OAUTH, OpenID Connect protocols Assisting clients with Migrating applications (legacy platforms or other) to Azure AD Assisting clients cleaning up the Active Directory environment and prepare them for Azure AD/O365 migration Assisting clients with configuration and delivery of Cloud security and compliance reports. Assisting clients with configuration and delivery of Azure Advanced Threat Protection. Providing technical support for AD/AAD services and resolve service-related issues through research and troubleshooting and working with Microsoft. Implementation of industry leading practices around AD/AAD cyber risks and Cloud security for clients. Troubleshooting system level problems in a multi-vendor, multi-protocol network environment. Documenting platform technical issues, analysis, client communication, and resolution as part of cyber risk mitigation steps. Executing on AD/AAD Cloud security engagements during different phases of the lifecycle – assess, design, and implementation & post implementation reviews. Perform health check, discovery and cleanup of Active Directory Infrastructure Analyze and review Active Directory services such as DNS, DHCP, Group Policy etc. Perform Active Directory security assessments specific to ESAE implementations Implement Active Directory RBAC model to secure the AD environment Provide internal technical training to Advisory personnel as needed. Support Managed Services team on client calls as necessary. Acting as a subject matter expert on cyber risk for the Microsoft Active Directory and Azure Active Directory platforms. Contribute to eminence activities, such as whitepapers pertaining to IAM technologies The team Deloitte Advisory's Cyber Risk team helps complex organizations more confidently pursue their growth, innovation and performance agendas through proactive management of the associated cyber risks. Our professionals provide advisory and implementation services that integrate risk, regulatory, and technology skills to help clients transform their legacy programs into proactive Secure.Vigilant.Resilient. TM cyber risk programs. Join the team developing the future state of cyber risk solutions. Learn more about Deloitte Advisory’s Cyber Risk Services practice. Required: 2 + years of experience in technical consulting, client problem solving, architecting, and designing solutions. Working experience in at least one of the areas listed below. 2 +years of hands-on technical experience enterprise-with Microsoft Identity and Access management and EMS services (Azure Active Directory, Azure Active Directory premium solutions, conditional access, SSO, MFA, PAM/PIM, and third party IAM solution integration with AAD) in implementation and operations. This should include designing and implementing AAD for organizations including integrations with applications. 2+ years of hands-on technical experience Identity and Access Management (IAM) on Active Directory. This should include designing and implementing AD for organizations including integrations with applications. Ideally the following technical experience: 2 + years of working with IAM Protocols such as WS-Fed, SAML, OpenID Connect and OAuth. 2 + years of hands-on technical experience implementing IAM focused security solutions for Microsoft technologies such as Active Directory 2 + years of working knowledge with Azure Cloud service provider technologies. 2+ years of working knowledge with Azure Advanced Threat Protection Additional Requirements: B.Tech/BE/BCA/MCA Degree required. Ideally in Computer Science, Cyber Security, Information Security, Engineering, Information Technology. Preferred: Certifications such as: Microsoft new roles-based certifications, CCSP, CCSK, CISSP, CCNP, CCNA, MCSE, MCSA certification a plus. How You’ll Grow At Deloitte, our professional development plan focuses on helping people at every level of their career to identify and use their strengths to do their best work every day. From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to help sharpen skills in addition to hands-on experience in the global, fast-changing business world. From on-the-job learning experiences to formal development programs at Deloitte University, our professionals have a variety of opportunities to continue to grow throughout their career. Explore Deloitte University, The Leadership Center. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. We offer well-being programs and are continuously looking for new ways to maintain a culture where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with our clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Recruiter tips We want job seekers exploring opportunities at Deloitte to feel prepared and confident. To help you with your interview, we suggest that you do your research: know some background about the organization and the business area you’re applying to. Check out recruiting tips from Deloitte professionals. Job title: Azure Cloud Security Engineer (Consultant) About At Deloitte, we do not offer you just a job, but a career in the highly sought-after risk Management field. We are one of the business leaders in the risk market. We work with a vision to make the world more prosperous, trustworthy, and safe. Deloitte’s clients, primarily based outside of India, are large, complex organizations that constantly evolve and innovate to build better products and services. In the process, they encounter various risks and the work we do to help them address these risks is increasingly important to their success—and to the strength of the economy and public security. By joining us, you will get to work with diverse teams of professionals who design, manage, and implement risk-centric solutions across a variety of domains. In the process, you will gain exposure to the risk-centric challenges faced in today’s world by organizations across a range of industry sectors and become subject matter experts in those areas. Our Risk and Financial Advisory services professionals help organizations effectively navigate business risks and opportunities—from strategic, reputation, and financial risks to operational, cyber, and regulatory risks—to gain competitive advantage. We apply our experience in ongoing business operations and corporate lifecycle events to help clients become stronger and more resilient. Our market-leading teams help clients embrace complexity to accelerate performance, disrupt through innovation, and lead in their industries. We use cutting-edge technology like AI/ML techniques, analytics, and RPA to solve Deloitte’s clients ‘most complex issues. Working in Risk and Financial Advisory at Deloitte US-India offices has the power to redefine your ambitions. The Team Cyber & Strategic Risk We help organizations create a cyber-minded culture, reimagine risk to uncover strategic opportunities, and become faster, more innovative, and more resilient in the face of ever-changing threats. We provide intelligence and acuity that dynamically reframes risk, transcending a manual, reactive paradigm. The cyber risk services—Identity & access management (IAM) practice helps organizations in designing, developing, and implementing industry-leading IAM solutions to protect their information and confidential data, as well as help them build their businesses and supporting technologies to be more secure, vigilant, and resilient. The IAM team delivers service to clients through following key areas: User provisioning Access certification Access management and federation Entitlements management Work you’ll do As a Cloud Security Engineer, you will be at the front lines with our clients supporting them with their Cloud Cyber Risk needs: Executing on cloud security engagements across the lifecycle – assessment, strategy, design, implementation, and operations. Performing technical health checks for cloud platforms/environments prior to broader deployments. Assisting in the selection and tailoring of approaches, methods and tools to support cloud adoption, including for migration of existing workloads to a cloud vendor. Designing and developing cloud-specific security policies, standards and procedures. e.g., user account management (SSO, SAML), password/key management, tenant management, firewall management, virtual network access controls, VPN/SSL/IPSec, security incident and event management (SIEM), data protection (DLP, encryption). Documenting all technical issues, analysis, client communication, and resolution. Supporting proof of concept and production deployments of cloud technologies. Assisting clients with transitions to cloud via tenant setup, log processing setup, policy configuration, agent deployment, and reporting. Operating across both technical and management leadership capacities. Providing internal technical training to Advisory personnel as needed. Performing cloud orchestration and automation (Continuous Integration and Continuous Delivery (CI/CD)) in single and multi-tenant environments using tools like Terraform, Ansible, Puppet, Chef, Salt etc. Experience with multiple security technologies like CSPM, CWPP, WAF, CASB, IAM, SIEM, etc. Required Skills 3 + years of information technology and/or information security operations experience. Ideally 2+ years of working with different Cloud platforms (SaaS, PaaS, and IaaS) and environments (Public, Private, Hybrid). Familiarity with the following will be considered a plus: Solid understanding of enterprise-level directory and system configuration services (Active Directory, SCCM, LDAP, Exchange, SharePoint, M365) and how these integrate with cloud platforms Solid understanding of cloud security industry standards such as Cloud Security Alliance (CSA), ISO/IEC 27017 and NIST CSF and how they help in compliance for cloud providers and cloud customers Hands-on technical experience implementing security solutions for Microsoft Azure Knowledge of cloud orchestration and automation (Continuous Integration and Continuous Delivery (CI/CD)) in single and multi-tenant environments using tools like Terraform, Ansible, Puppet, Chef, Salt etc. Knowledge of cloud access security broker (CASB) and cloud workload protection platform (CWPP) technologies Solid understanding of OSI Model and TCP/IP protocol suite and network segmentation principles and how these can be applied on cloud platforms Preferred: Previous Consulting or Big 4 experience. Hands-on experience with Azure, plus any CASB or CWPP product or service. Understanding of Infrastructure-as-Code, and ability to create scripts using Terraform, ARM, Ansible etc. Knowledge of scripting languages (PowerShell, JSON, .NET, Python, Javascript etc.) Qualification Bachelor’s Degree required.Ideally in Computer Science, Cyber Security, Information Security, Engineering, Information Technology. How You’ll Grow At Deloitte, we’ve invested a great deal to create a rich environment in which our professionals can grow. We want all our people to develop in their own way, playing to their own strengths as they hone their leadership skills. And, as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposure to leaders, sponsors, coaches, and challenging assignments—to help accelerate their careers along the way. No two people learn in the same way. So, we provide a range of resources including live classrooms, team-based learning, and eLearning. DU: The Leadership Center in India, our state-of-the-art, world-class learning Center in the Hyderabad offices is an extension of the Deloitte University (DU) in Westlake, Texas, and represents a tangible symbol of our commitment to our people’s growth and development. Explore DU: The Leadership Center in India . Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. Deloitte is committed to achieving diversity within its workforce, and encourages all qualified applicants to apply, irrespective of gender, age, sexual orientation, disability, culture, religious and ethnic background. We offer well-being programs and are continuously looking for new ways to maintain a culture that is inclusive, invites authenticity, leverages our diversity, and where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with Deloitte’s clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Recruiting tips Finding the right job and preparing for the recruitment process can be tricky. Check out tips from our Deloitte recruiting professionals to set yourself up for success. Check out recruiting tips from Deloitte recruiters . Benefits We believe that to be an undisputed leader in professional services, we should equip you with the resources that can make a positive impact on your well-being journey. Our vision is to create a leadership culture focused on the development and well-being of our people. Here are some of our benefits and programs to support you and your family’s well-being needs. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you . Our people and culture Our people and our culture make Deloitte a place where leaders thrive. Get an inside look at the rich diversity of background, education, and experiences of our people. What impact will you make? Check out our professionals’ career journeys and be inspired by their stories. Professional development You want to make an impact. And we want you to make it. We can help you do that by providing you the culture, training, resources, and opportunities to help you grow and succeed as a professional. Learn more about our commitment to developing our people . © 2025. See Terms of Use for more information. Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ("DTTL"), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as "Deloitte Global") does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the "Deloitte" name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see www.deloitte.com/about to learn more about our global network of member firms. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Professional development At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India . Benefits To Help You Thrive At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Requisition code: 304100

Position Summary GCP DevSecOps - Consultant Position Summary As a DevSecOps Consultant, you will be a key contributor to the successful delivery of high-visibility projects, applying your technical skills and engineering knowledge to build secure, reliable solutions. You will work hands-on with modern DevSecOps tools, AI/ML services, deployment architecture, and cloud security best practices and frameworks to help deliver solutions that create value for Deloitte’s business and its clients. You will collaborate with cross-functional teams to design, implement, and maintain CI/CD pipelines and automation processes, ensuring that security and quality are integrated throughout the software development lifecycle. Your ability to troubleshoot, learn quickly, and apply best practices will be essential in supporting the delivery of high-quality, outcome-focused solutions. Key Responsibilities: Act as a subject matter expert (SME) on GCP security and DevSecOps practices during client engagements. Design and deploy AI/ML solutions on GCP, leveraging services like Vertex AI, BigQuery ML, AutoML , and TensorFlow on GCP. Manage CI/CD pipelines, I nfrastructure as C ode ( IaC ), and automation tools for ML deployments (e.g., using Terraform, Cloud Build, GitOps ). Provide consulting and advisory services to clients on cloud strategy, AI/ML adoption, and security best practices. Perform threat modeling and security assessments specific to AI/ML workloads. Collaborate with DevOps and data teams to automate, monitor , and optimize ML workflows. Lead security assessments of cloud environments and DevOps pipelines. Evaluate and enhance CI/CD pipelines with automated security testing tools (SAST, DAST, SCA, IaC scanning). Recommend and implement policy-as-code for guardrails (OPA, Sentinel). Deliver security posture reports, recommendations, and remediation plans. Collaborate with client security, DevOps, and IT teams to drive secure cloud adoption. Design and implement GCP-native security controls (IAM, VPC security, Cloud Armor, SCC, GKE, etc.). Conduct gap analysis on client GCP environments against benchmarks (CIS, NIST, etc.). Guide clients in building secure landing zones and cloud governance frameworks. Design shift-left strategies for embedding security earlier in the SDLC. Map technical controls to compliance frameworks (SOC 2, HIPAA, PCI-DSS, ISO 27001, etc.). Assist with security documentation, risk registers, and audit support. Automate GCP security guardrails using Terraform, Ansible, and Cloud Functions. Integrate security logs into client SIEM/SOAR platforms (Chronicle, Splunk, etc.). Implement and tune cloud-native monitoring tools (Cloud Logging, SCC, etc.). Required Qualifications: 4 + years in Google Cloud Platform DevSecOps role. Proficiency in CI/CD tools, Infrastructure Code, container security, and policy-as-code solutions such as Open Policy Agent (OPA). Understanding the embedding of security controls and automated checks into DevOps pipelines (CI/CD) using tools such as Jenkins, GitLab CI, Terraform, and Cloud Build. Strong hands-on experience with Vertex AI, BigQuery , Cloud Functions, GKE, and AI/ML Ops on GCP. Deep understanding of AI/ML model lifecycle, including data prep, training, evaluation, deployment, and monitoring. Familiarity with compliance frameworks (e.g., HIPAA, SOC 2, ISO 27001) as they apply to cloud-based ML systems Proficiency with security automation tools and scripting (Python, Bash, etc.). Familiarity with container security (e.g., GKE, Kubernetes RBAC, image scanning). Experience with security frameworks such as NIST, CIS, or MITRE ATT&CK. Familiarity with security tools like Checkov , Snyk or Prisma Cloud. Preferred Qualifications: Certifications such as: GCP Cloud DevOps Engineer, Architect, Professional Machine Learning Engineer, GCP Cloud Security Engineer, CCSP. Understanding of responsible AI principles, including model fairness, transparency, and auditability Experience with Kubernetes security in GKE (RBAC, network policies, container scanning). Knowledge of multi-cloud (AWS, Azure ) security strategies and governance. Familiarity with service mesh security (Istio, Anthos). Knowledge of integration of AI/ML for Advanced Security Analytics with existing on-premise and cloud platforms (e.g., Network Intelligence/ Sentinel/ Chronicle). Familiarity with zero trust architecture concepts . Experience with secrets management tools like HashiCorp Vault, GCP Secret Manager. Knowledge of IP networking, VPNs, DNS, load balancing, and firewalling concepts Job Title: Security Consultant (Microsoft Azure Active Directory and Active Directory (AAD/AD)) Are you interested in working in a dynamic environment that offers opportunities for professional growth and new responsibilities? If so, Deloitte & Touche LLP could be the place for you. Traditional security programs have often been unsuccessful in unifying the need to both secure and support technology innovation required by the business. Join Deloitte's Advisory Cyber Risk Services team and become a member of the largest group of Cyber Risk individuals worldwide. Work you’ll do As a Security Senior Consultant, you will be at the front lines with our clients supporting them with their Cyber Risk needs specifically helping them address Active Directory (AD) health and navigate the journey to the Cloud on the Microsoft Azure Active Directory (AAD) Platform. This will include: Microsoft MFA, SSO, Conditional Access, B2B and B2C and on-premise Active Directory Architect, design, and implement large-scale Active Directory / Azure Active Directory deployments/migrations/upgrades Performing technical health checks for the AD/AAD platforms/environments prior to broader deployments. Assisting clients with Azure B2B, B2C including SAML, OAUTH, OpenID Connect protocols Assisting clients with Migrating applications (legacy platforms or other) to Azure AD Assisting clients cleaning up the Active Directory environment and prepare them for Azure AD/O365 migration Assisting clients with configuration and delivery of Cloud security and compliance reports. Assisting clients with configuration and delivery of Azure Advanced Threat Protection. Providing technical support for AD/AAD services and resolve service-related issues through research and troubleshooting and working with Microsoft. Implementation of industry leading practices around AD/AAD cyber risks and Cloud security for clients. Troubleshooting system level problems in a multi-vendor, multi-protocol network environment. Documenting platform technical issues, analysis, client communication, and resolution as part of cyber risk mitigation steps. Executing on AD/AAD Cloud security engagements during different phases of the lifecycle – assess, design, and implementation & post implementation reviews. Perform health check, discovery and cleanup of Active Directory Infrastructure Analyze and review Active Directory services such as DNS, DHCP, Group Policy etc. Perform Active Directory security assessments specific to ESAE implementations Implement Active Directory RBAC model to secure the AD environment Provide internal technical training to Advisory personnel as needed. Support Managed Services team on client calls as necessary. Acting as a subject matter expert on cyber risk for the Microsoft Active Directory and Azure Active Directory platforms. Contribute to eminence activities, such as whitepapers pertaining to IAM technologies The team Deloitte Advisory's Cyber Risk team helps complex organizations more confidently pursue their growth, innovation and performance agendas through proactive management of the associated cyber risks. Our professionals provide advisory and implementation services that integrate risk, regulatory, and technology skills to help clients transform their legacy programs into proactive Secure.Vigilant.Resilient. TM cyber risk programs. Join the team developing the future state of cyber risk solutions. Learn more about Deloitte Advisory’s Cyber Risk Services practice. Required: 2 + years of experience in technical consulting, client problem solving, architecting, and designing solutions. Working experience in at least one of the areas listed below. 2 +years of hands-on technical experience enterprise-with Microsoft Identity and Access management and EMS services (Azure Active Directory, Azure Active Directory premium solutions, conditional access, SSO, MFA, PAM/PIM, and third party IAM solution integration with AAD) in implementation and operations. This should include designing and implementing AAD for organizations including integrations with applications. 2+ years of hands-on technical experience Identity and Access Management (IAM) on Active Directory. This should include designing and implementing AD for organizations including integrations with applications. Ideally the following technical experience: 2 + years of working with IAM Protocols such as WS-Fed, SAML, OpenID Connect and OAuth. 2 + years of hands-on technical experience implementing IAM focused security solutions for Microsoft technologies such as Active Directory 2 + years of working knowledge with Azure Cloud service provider technologies. 2+ years of working knowledge with Azure Advanced Threat Protection Additional Requirements: B.Tech/BE/BCA/MCA Degree required. Ideally in Computer Science, Cyber Security, Information Security, Engineering, Information Technology. Preferred: Certifications such as: Microsoft new roles-based certifications, CCSP, CCSK, CISSP, CCNP, CCNA, MCSE, MCSA certification a plus. How You’ll Grow At Deloitte, our professional development plan focuses on helping people at every level of their career to identify and use their strengths to do their best work every day. From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to help sharpen skills in addition to hands-on experience in the global, fast-changing business world. From on-the-job learning experiences to formal development programs at Deloitte University, our professionals have a variety of opportunities to continue to grow throughout their career. Explore Deloitte University, The Leadership Center. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. We offer well-being programs and are continuously looking for new ways to maintain a culture where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with our clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Recruiter tips We want job seekers exploring opportunities at Deloitte to feel prepared and confident. To help you with your interview, we suggest that you do your research: know some background about the organization and the business area you’re applying to. Check out recruiting tips from Deloitte professionals. Job title: Azure Cloud Security Engineer (Consultant) About At Deloitte, we do not offer you just a job, but a career in the highly sought-after risk Management field. We are one of the business leaders in the risk market. We work with a vision to make the world more prosperous, trustworthy, and safe. Deloitte’s clients, primarily based outside of India, are large, complex organizations that constantly evolve and innovate to build better products and services. In the process, they encounter various risks and the work we do to help them address these risks is increasingly important to their success—and to the strength of the economy and public security. By joining us, you will get to work with diverse teams of professionals who design, manage, and implement risk-centric solutions across a variety of domains. In the process, you will gain exposure to the risk-centric challenges faced in today’s world by organizations across a range of industry sectors and become subject matter experts in those areas. Our Risk and Financial Advisory services professionals help organizations effectively navigate business risks and opportunities—from strategic, reputation, and financial risks to operational, cyber, and regulatory risks—to gain competitive advantage. We apply our experience in ongoing business operations and corporate lifecycle events to help clients become stronger and more resilient. Our market-leading teams help clients embrace complexity to accelerate performance, disrupt through innovation, and lead in their industries. We use cutting-edge technology like AI/ML techniques, analytics, and RPA to solve Deloitte’s clients ‘most complex issues. Working in Risk and Financial Advisory at Deloitte US-India offices has the power to redefine your ambitions. The Team Cyber & Strategic Risk We help organizations create a cyber-minded culture, reimagine risk to uncover strategic opportunities, and become faster, more innovative, and more resilient in the face of ever-changing threats. We provide intelligence and acuity that dynamically reframes risk, transcending a manual, reactive paradigm. The cyber risk services—Identity & access management (IAM) practice helps organizations in designing, developing, and implementing industry-leading IAM solutions to protect their information and confidential data, as well as help them build their businesses and supporting technologies to be more secure, vigilant, and resilient. The IAM team delivers service to clients through following key areas: User provisioning Access certification Access management and federation Entitlements management Work you’ll do As a Cloud Security Engineer, you will be at the front lines with our clients supporting them with their Cloud Cyber Risk needs: Executing on cloud security engagements across the lifecycle – assessment, strategy, design, implementation, and operations. Performing technical health checks for cloud platforms/environments prior to broader deployments. Assisting in the selection and tailoring of approaches, methods and tools to support cloud adoption, including for migration of existing workloads to a cloud vendor. Designing and developing cloud-specific security policies, standards and procedures. e.g., user account management (SSO, SAML), password/key management, tenant management, firewall management, virtual network access controls, VPN/SSL/IPSec, security incident and event management (SIEM), data protection (DLP, encryption). Documenting all technical issues, analysis, client communication, and resolution. Supporting proof of concept and production deployments of cloud technologies. Assisting clients with transitions to cloud via tenant setup, log processing setup, policy configuration, agent deployment, and reporting. Operating across both technical and management leadership capacities. Providing internal technical training to Advisory personnel as needed. Performing cloud orchestration and automation (Continuous Integration and Continuous Delivery (CI/CD)) in single and multi-tenant environments using tools like Terraform, Ansible, Puppet, Chef, Salt etc. Experience with multiple security technologies like CSPM, CWPP, WAF, CASB, IAM, SIEM, etc. Required Skills 3 + years of information technology and/or information security operations experience. Ideally 2+ years of working with different Cloud platforms (SaaS, PaaS, and IaaS) and environments (Public, Private, Hybrid). Familiarity with the following will be considered a plus: Solid understanding of enterprise-level directory and system configuration services (Active Directory, SCCM, LDAP, Exchange, SharePoint, M365) and how these integrate with cloud platforms Solid understanding of cloud security industry standards such as Cloud Security Alliance (CSA), ISO/IEC 27017 and NIST CSF and how they help in compliance for cloud providers and cloud customers Hands-on technical experience implementing security solutions for Microsoft Azure Knowledge of cloud orchestration and automation (Continuous Integration and Continuous Delivery (CI/CD)) in single and multi-tenant environments using tools like Terraform, Ansible, Puppet, Chef, Salt etc. Knowledge of cloud access security broker (CASB) and cloud workload protection platform (CWPP) technologies Solid understanding of OSI Model and TCP/IP protocol suite and network segmentation principles and how these can be applied on cloud platforms Preferred: Previous Consulting or Big 4 experience. Hands-on experience with Azure, plus any CASB or CWPP product or service. Understanding of Infrastructure-as-Code, and ability to create scripts using Terraform, ARM, Ansible etc. Knowledge of scripting languages (PowerShell, JSON, .NET, Python, Javascript etc.) Qualification Bachelor’s Degree required.Ideally in Computer Science, Cyber Security, Information Security, Engineering, Information Technology. How You’ll Grow At Deloitte, we’ve invested a great deal to create a rich environment in which our professionals can grow. We want all our people to develop in their own way, playing to their own strengths as they hone their leadership skills. And, as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposure to leaders, sponsors, coaches, and challenging assignments—to help accelerate their careers along the way. No two people learn in the same way. So, we provide a range of resources including live classrooms, team-based learning, and eLearning. DU: The Leadership Center in India, our state-of-the-art, world-class learning Center in the Hyderabad offices is an extension of the Deloitte University (DU) in Westlake, Texas, and represents a tangible symbol of our commitment to our people’s growth and development. Explore DU: The Leadership Center in India . Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. Deloitte is committed to achieving diversity within its workforce, and encourages all qualified applicants to apply, irrespective of gender, age, sexual orientation, disability, culture, religious and ethnic background. We offer well-being programs and are continuously looking for new ways to maintain a culture that is inclusive, invites authenticity, leverages our diversity, and where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with Deloitte’s clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Recruiting tips Finding the right job and preparing for the recruitment process can be tricky. Check out tips from our Deloitte recruiting professionals to set yourself up for success. Check out recruiting tips from Deloitte recruiters . Benefits We believe that to be an undisputed leader in professional services, we should equip you with the resources that can make a positive impact on your well-being journey. Our vision is to create a leadership culture focused on the development and well-being of our people. Here are some of our benefits and programs to support you and your family’s well-being needs. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you . Our people and culture Our people and our culture make Deloitte a place where leaders thrive. Get an inside look at the rich diversity of background, education, and experiences of our people. What impact will you make? Check out our professionals’ career journeys and be inspired by their stories. Professional development You want to make an impact. And we want you to make it. We can help you do that by providing you the culture, training, resources, and opportunities to help you grow and succeed as a professional. Learn more about our commitment to developing our people . © 2025. See Terms of Use for more information. Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ("DTTL"), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as "Deloitte Global") does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the "Deloitte" name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see www.deloitte.com/about to learn more about our global network of member firms. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Professional development At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India . Benefits To Help You Thrive At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Requisition code: 304099

Position Summary GCP DevSecOps - Consultant Position Summary As a DevSecOps Consultant, you will be a key contributor to the successful delivery of high-visibility projects, applying your technical skills and engineering knowledge to build secure, reliable solutions. You will work hands-on with modern DevSecOps tools, AI/ML services, deployment architecture, and cloud security best practices and frameworks to help deliver solutions that create value for Deloitte’s business and its clients. You will collaborate with cross-functional teams to design, implement, and maintain CI/CD pipelines and automation processes, ensuring that security and quality are integrated throughout the software development lifecycle. Your ability to troubleshoot, learn quickly, and apply best practices will be essential in supporting the delivery of high-quality, outcome-focused solutions. Key Responsibilities: Act as a subject matter expert (SME) on GCP security and DevSecOps practices during client engagements. Design and deploy AI/ML solutions on GCP, leveraging services like Vertex AI, BigQuery ML, AutoML , and TensorFlow on GCP. Manage CI/CD pipelines, I nfrastructure as C ode ( IaC ), and automation tools for ML deployments (e.g., using Terraform, Cloud Build, GitOps ). Provide consulting and advisory services to clients on cloud strategy, AI/ML adoption, and security best practices. Perform threat modeling and security assessments specific to AI/ML workloads. Collaborate with DevOps and data teams to automate, monitor , and optimize ML workflows. Lead security assessments of cloud environments and DevOps pipelines. Evaluate and enhance CI/CD pipelines with automated security testing tools (SAST, DAST, SCA, IaC scanning). Recommend and implement policy-as-code for guardrails (OPA, Sentinel). Deliver security posture reports, recommendations, and remediation plans. Collaborate with client security, DevOps, and IT teams to drive secure cloud adoption. Design and implement GCP-native security controls (IAM, VPC security, Cloud Armor, SCC, GKE, etc.). Conduct gap analysis on client GCP environments against benchmarks (CIS, NIST, etc.). Guide clients in building secure landing zones and cloud governance frameworks. Design shift-left strategies for embedding security earlier in the SDLC. Map technical controls to compliance frameworks (SOC 2, HIPAA, PCI-DSS, ISO 27001, etc.). Assist with security documentation, risk registers, and audit support. Automate GCP security guardrails using Terraform, Ansible, and Cloud Functions. Integrate security logs into client SIEM/SOAR platforms (Chronicle, Splunk, etc.). Implement and tune cloud-native monitoring tools (Cloud Logging, SCC, etc.). Required Qualifications: 4 + years in Google Cloud Platform DevSecOps role. Proficiency in CI/CD tools, Infrastructure Code, container security, and policy-as-code solutions such as Open Policy Agent (OPA). Understanding the embedding of security controls and automated checks into DevOps pipelines (CI/CD) using tools such as Jenkins, GitLab CI, Terraform, and Cloud Build. Strong hands-on experience with Vertex AI, BigQuery , Cloud Functions, GKE, and AI/ML Ops on GCP. Deep understanding of AI/ML model lifecycle, including data prep, training, evaluation, deployment, and monitoring. Familiarity with compliance frameworks (e.g., HIPAA, SOC 2, ISO 27001) as they apply to cloud-based ML systems Proficiency with security automation tools and scripting (Python, Bash, etc.). Familiarity with container security (e.g., GKE, Kubernetes RBAC, image scanning). Experience with security frameworks such as NIST, CIS, or MITRE ATT&CK. Familiarity with security tools like Checkov , Snyk or Prisma Cloud. Preferred Qualifications: Certifications such as: GCP Cloud DevOps Engineer, Architect, Professional Machine Learning Engineer, GCP Cloud Security Engineer, CCSP. Understanding of responsible AI principles, including model fairness, transparency, and auditability Experience with Kubernetes security in GKE (RBAC, network policies, container scanning). Knowledge of multi-cloud (AWS, Azure ) security strategies and governance. Familiarity with service mesh security (Istio, Anthos). Knowledge of integration of AI/ML for Advanced Security Analytics with existing on-premise and cloud platforms (e.g., Network Intelligence/ Sentinel/ Chronicle). Familiarity with zero trust architecture concepts . Experience with secrets management tools like HashiCorp Vault, GCP Secret Manager. Knowledge of IP networking, VPNs, DNS, load balancing, and firewalling concepts Job Title: Security Consultant (Microsoft Azure Active Directory and Active Directory (AAD/AD)) Are you interested in working in a dynamic environment that offers opportunities for professional growth and new responsibilities? If so, Deloitte & Touche LLP could be the place for you. Traditional security programs have often been unsuccessful in unifying the need to both secure and support technology innovation required by the business. Join Deloitte's Advisory Cyber Risk Services team and become a member of the largest group of Cyber Risk individuals worldwide. Work you’ll do As a Security Senior Consultant, you will be at the front lines with our clients supporting them with their Cyber Risk needs specifically helping them address Active Directory (AD) health and navigate the journey to the Cloud on the Microsoft Azure Active Directory (AAD) Platform. This will include: Microsoft MFA, SSO, Conditional Access, B2B and B2C and on-premise Active Directory Architect, design, and implement large-scale Active Directory / Azure Active Directory deployments/migrations/upgrades Performing technical health checks for the AD/AAD platforms/environments prior to broader deployments. Assisting clients with Azure B2B, B2C including SAML, OAUTH, OpenID Connect protocols Assisting clients with Migrating applications (legacy platforms or other) to Azure AD Assisting clients cleaning up the Active Directory environment and prepare them for Azure AD/O365 migration Assisting clients with configuration and delivery of Cloud security and compliance reports. Assisting clients with configuration and delivery of Azure Advanced Threat Protection. Providing technical support for AD/AAD services and resolve service-related issues through research and troubleshooting and working with Microsoft. Implementation of industry leading practices around AD/AAD cyber risks and Cloud security for clients. Troubleshooting system level problems in a multi-vendor, multi-protocol network environment. Documenting platform technical issues, analysis, client communication, and resolution as part of cyber risk mitigation steps. Executing on AD/AAD Cloud security engagements during different phases of the lifecycle – assess, design, and implementation & post implementation reviews. Perform health check, discovery and cleanup of Active Directory Infrastructure Analyze and review Active Directory services such as DNS, DHCP, Group Policy etc. Perform Active Directory security assessments specific to ESAE implementations Implement Active Directory RBAC model to secure the AD environment Provide internal technical training to Advisory personnel as needed. Support Managed Services team on client calls as necessary. Acting as a subject matter expert on cyber risk for the Microsoft Active Directory and Azure Active Directory platforms. Contribute to eminence activities, such as whitepapers pertaining to IAM technologies The team Deloitte Advisory's Cyber Risk team helps complex organizations more confidently pursue their growth, innovation and performance agendas through proactive management of the associated cyber risks. Our professionals provide advisory and implementation services that integrate risk, regulatory, and technology skills to help clients transform their legacy programs into proactive Secure.Vigilant.Resilient. TM cyber risk programs. Join the team developing the future state of cyber risk solutions. Learn more about Deloitte Advisory’s Cyber Risk Services practice. Required: 2 + years of experience in technical consulting, client problem solving, architecting, and designing solutions. Working experience in at least one of the areas listed below. 2 +years of hands-on technical experience enterprise-with Microsoft Identity and Access management and EMS services (Azure Active Directory, Azure Active Directory premium solutions, conditional access, SSO, MFA, PAM/PIM, and third party IAM solution integration with AAD) in implementation and operations. This should include designing and implementing AAD for organizations including integrations with applications. 2+ years of hands-on technical experience Identity and Access Management (IAM) on Active Directory. This should include designing and implementing AD for organizations including integrations with applications. Ideally the following technical experience: 2 + years of working with IAM Protocols such as WS-Fed, SAML, OpenID Connect and OAuth. 2 + years of hands-on technical experience implementing IAM focused security solutions for Microsoft technologies such as Active Directory 2 + years of working knowledge with Azure Cloud service provider technologies. 2+ years of working knowledge with Azure Advanced Threat Protection Additional Requirements: B.Tech/BE/BCA/MCA Degree required. Ideally in Computer Science, Cyber Security, Information Security, Engineering, Information Technology. Preferred: Certifications such as: Microsoft new roles-based certifications, CCSP, CCSK, CISSP, CCNP, CCNA, MCSE, MCSA certification a plus. How You’ll Grow At Deloitte, our professional development plan focuses on helping people at every level of their career to identify and use their strengths to do their best work every day. From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to help sharpen skills in addition to hands-on experience in the global, fast-changing business world. From on-the-job learning experiences to formal development programs at Deloitte University, our professionals have a variety of opportunities to continue to grow throughout their career. Explore Deloitte University, The Leadership Center. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. We offer well-being programs and are continuously looking for new ways to maintain a culture where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with our clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Recruiter tips We want job seekers exploring opportunities at Deloitte to feel prepared and confident. To help you with your interview, we suggest that you do your research: know some background about the organization and the business area you’re applying to. Check out recruiting tips from Deloitte professionals. Job title: Azure Cloud Security Engineer (Consultant) About At Deloitte, we do not offer you just a job, but a career in the highly sought-after risk Management field. We are one of the business leaders in the risk market. We work with a vision to make the world more prosperous, trustworthy, and safe. Deloitte’s clients, primarily based outside of India, are large, complex organizations that constantly evolve and innovate to build better products and services. In the process, they encounter various risks and the work we do to help them address these risks is increasingly important to their success—and to the strength of the economy and public security. By joining us, you will get to work with diverse teams of professionals who design, manage, and implement risk-centric solutions across a variety of domains. In the process, you will gain exposure to the risk-centric challenges faced in today’s world by organizations across a range of industry sectors and become subject matter experts in those areas. Our Risk and Financial Advisory services professionals help organizations effectively navigate business risks and opportunities—from strategic, reputation, and financial risks to operational, cyber, and regulatory risks—to gain competitive advantage. We apply our experience in ongoing business operations and corporate lifecycle events to help clients become stronger and more resilient. Our market-leading teams help clients embrace complexity to accelerate performance, disrupt through innovation, and lead in their industries. We use cutting-edge technology like AI/ML techniques, analytics, and RPA to solve Deloitte’s clients ‘most complex issues. Working in Risk and Financial Advisory at Deloitte US-India offices has the power to redefine your ambitions. The Team Cyber & Strategic Risk We help organizations create a cyber-minded culture, reimagine risk to uncover strategic opportunities, and become faster, more innovative, and more resilient in the face of ever-changing threats. We provide intelligence and acuity that dynamically reframes risk, transcending a manual, reactive paradigm. The cyber risk services—Identity & access management (IAM) practice helps organizations in designing, developing, and implementing industry-leading IAM solutions to protect their information and confidential data, as well as help them build their businesses and supporting technologies to be more secure, vigilant, and resilient. The IAM team delivers service to clients through following key areas: User provisioning Access certification Access management and federation Entitlements management Work you’ll do As a Cloud Security Engineer, you will be at the front lines with our clients supporting them with their Cloud Cyber Risk needs: Executing on cloud security engagements across the lifecycle – assessment, strategy, design, implementation, and operations. Performing technical health checks for cloud platforms/environments prior to broader deployments. Assisting in the selection and tailoring of approaches, methods and tools to support cloud adoption, including for migration of existing workloads to a cloud vendor. Designing and developing cloud-specific security policies, standards and procedures. e.g., user account management (SSO, SAML), password/key management, tenant management, firewall management, virtual network access controls, VPN/SSL/IPSec, security incident and event management (SIEM), data protection (DLP, encryption). Documenting all technical issues, analysis, client communication, and resolution. Supporting proof of concept and production deployments of cloud technologies. Assisting clients with transitions to cloud via tenant setup, log processing setup, policy configuration, agent deployment, and reporting. Operating across both technical and management leadership capacities. Providing internal technical training to Advisory personnel as needed. Performing cloud orchestration and automation (Continuous Integration and Continuous Delivery (CI/CD)) in single and multi-tenant environments using tools like Terraform, Ansible, Puppet, Chef, Salt etc. Experience with multiple security technologies like CSPM, CWPP, WAF, CASB, IAM, SIEM, etc. Required Skills 3 + years of information technology and/or information security operations experience. Ideally 2+ years of working with different Cloud platforms (SaaS, PaaS, and IaaS) and environments (Public, Private, Hybrid). Familiarity with the following will be considered a plus: Solid understanding of enterprise-level directory and system configuration services (Active Directory, SCCM, LDAP, Exchange, SharePoint, M365) and how these integrate with cloud platforms Solid understanding of cloud security industry standards such as Cloud Security Alliance (CSA), ISO/IEC 27017 and NIST CSF and how they help in compliance for cloud providers and cloud customers Hands-on technical experience implementing security solutions for Microsoft Azure Knowledge of cloud orchestration and automation (Continuous Integration and Continuous Delivery (CI/CD)) in single and multi-tenant environments using tools like Terraform, Ansible, Puppet, Chef, Salt etc. Knowledge of cloud access security broker (CASB) and cloud workload protection platform (CWPP) technologies Solid understanding of OSI Model and TCP/IP protocol suite and network segmentation principles and how these can be applied on cloud platforms Preferred: Previous Consulting or Big 4 experience. Hands-on experience with Azure, plus any CASB or CWPP product or service. Understanding of Infrastructure-as-Code, and ability to create scripts using Terraform, ARM, Ansible etc. Knowledge of scripting languages (PowerShell, JSON, .NET, Python, Javascript etc.) Qualification Bachelor’s Degree required.Ideally in Computer Science, Cyber Security, Information Security, Engineering, Information Technology. How You’ll Grow At Deloitte, we’ve invested a great deal to create a rich environment in which our professionals can grow. We want all our people to develop in their own way, playing to their own strengths as they hone their leadership skills. And, as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposure to leaders, sponsors, coaches, and challenging assignments—to help accelerate their careers along the way. No two people learn in the same way. So, we provide a range of resources including live classrooms, team-based learning, and eLearning. DU: The Leadership Center in India, our state-of-the-art, world-class learning Center in the Hyderabad offices is an extension of the Deloitte University (DU) in Westlake, Texas, and represents a tangible symbol of our commitment to our people’s growth and development. Explore DU: The Leadership Center in India . Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. Deloitte is committed to achieving diversity within its workforce, and encourages all qualified applicants to apply, irrespective of gender, age, sexual orientation, disability, culture, religious and ethnic background. We offer well-being programs and are continuously looking for new ways to maintain a culture that is inclusive, invites authenticity, leverages our diversity, and where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with Deloitte’s clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Recruiting tips Finding the right job and preparing for the recruitment process can be tricky. Check out tips from our Deloitte recruiting professionals to set yourself up for success. Check out recruiting tips from Deloitte recruiters . Benefits We believe that to be an undisputed leader in professional services, we should equip you with the resources that can make a positive impact on your well-being journey. Our vision is to create a leadership culture focused on the development and well-being of our people. Here are some of our benefits and programs to support you and your family’s well-being needs. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you . Our people and culture Our people and our culture make Deloitte a place where leaders thrive. Get an inside look at the rich diversity of background, education, and experiences of our people. What impact will you make? Check out our professionals’ career journeys and be inspired by their stories. Professional development You want to make an impact. And we want you to make it. We can help you do that by providing you the culture, training, resources, and opportunities to help you grow and succeed as a professional. Learn more about our commitment to developing our people . © 2025. See Terms of Use for more information. Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ("DTTL"), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as "Deloitte Global") does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the "Deloitte" name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see www.deloitte.com/about to learn more about our global network of member firms. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Professional development At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India . Benefits To Help You Thrive At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Requisition code: 304101

🌟 Position Overview At Atcuality , we are on a mission to deliver AI-native digital health platforms with uncompromising security and compliance. We are seeking a Senior AWS Security Engineer with 5+ years of hands-on experience in healthcare security , cloud infrastructure hardening , and HIPAA compliance implementation . This is a critical role where you’ll architect and safeguard the core of our healthcare systems — ensuring PHI protection , HITRUST readiness , and enterprise-grade security at scale across our AI-powered applications. 🛠️ Key Responsibilities🔐 Cloud Security Architecture & Implementation Design and secure AWS infrastructure for HIPAA-compliant applications Implement multi-tier defense-in-depth models using AWS native services: WAF, Shield, GuardDuty, Security Hub Configure secure VPCs, security groups, NACLs , and API Gateway protections Enforce zero-trust networking , least privilege IAM , and segmented microservice isolation Establish secure connectivity using VPN, PrivateLink, or AWS Direct Connect 🏥 HIPAA Compliance & Healthcare Security Implement controls aligned with HIPAA Security Rule , HITECH Act , and HITRUST CSF Conduct regular HIPAA risk assessments , gap analysis, and audit readiness reviews Manage BAA compliance , secure PHI boundaries, and maintain audit logs Validate security controls for EHR systems, FHIR APIs , and clinical data exchanges 🔐 Data Protection & Encryption Design and manage end-to-end encryption strategies for PHI (data in transit and at rest) Utilize AWS KMS , Secrets Manager , and Vault for key lifecycle management Implement tokenization, masking , and data classification solutions Detect and mitigate exposure with AWS Macie , GuardDuty , and DLP policies 🧯 Backup & Disaster Recovery Architect resilient backup and restore workflows using AWS Backup, EBS Snapshots, and RDS strategies Implement cross-region replication , immutable backups , and ransomware-proof storage Define RTO/RPO targets for healthcare workloads and conduct disaster recovery drills 🚨 Security Operations & Monitoring Integrate SIEM platforms (e.g., Splunk, Elastic, Sumo Logic) with CloudTrail, GuardDuty, and Config Implement real-time threat detection , auto-remediation workflows, and 24/7 incident response Conduct vulnerability scans, pen tests , and maintain security metrics dashboards 🔑 Identity & Access Management Design IAM policies , roles, and permissions enforcing least privilege and RBAC Integrate SAML/OIDC federation , enforce MFA , and monitor privileged access sessions Implement break-glass mechanisms and temporary credential rotation ✅ Required Qualifications👨‍💻 Technical Expertise 5+ years in security engineering , with 3+ years on AWS Deep experience with AWS security services : IAM, KMS, WAF, Macie, GuardDuty, Shield, Security Hub Strong healthcare security background : HIPAA, PHI handling, HITRUST CSF Proven success securing EHRs, FHIR APIs , or health data platforms Expertise in encryption , key management , and secure backups Hands-on with IaC : Terraform, AWS CDK, or CloudFormation 💼 Core Competencies Network security, segmentation, and secure ingress/egress design Experience with container security (ECS, EKS, Fargate) CI/CD security and DevSecOps implementation Scripting proficiency (Python, Bash, PowerShell) Familiarity with SOC 2 , GxP , and FDA validation processes 🏅 Required Certifications (Minimum 2) AWS Certified Security – Specialty AWS Certified Solutions Architect – Professional CISSP , CCSP , or equivalent security certification HCISPP (Healthcare Information Security and Privacy Practitioner) 🌟 Preferred Qualifications HITRUST CCSFP (Certified CSF Practitioner) Knowledge of healthcare interoperability standards: HL7, FHIR Experience with Epic, Cerner , or EHR integrations Cloud migration experience with AWS-native compliance tools Familiarity with ransomware mitigation frameworks SOC 2 Type II and CMS/ONC compliance knowledge 🧰 Technical Environment AWS Stack : EC2, S3, RDS, Lambda, EKS, ECS, VPC, WAF, GuardDuty, Shield, Macie Security Tooling : HashiCorp Vault, AWS Secrets Manager, AWS Config, AWS Artifact Monitoring & SIEM : CloudWatch, CloudTrail, Datadog, Splunk Backup & Recovery : AWS Backup, S3 Glacier, Cross-region replication IaC : Terraform, CloudFormation, CDK Containers : Twistlock, Aqua Security, Sysdig DevSecOps : Security scanning in CI/CD (Snyk, Checkov, etc.) 🔎 Key Requirements Summary 5+ years in cloud security (with healthcare focus) Hands-on HIPAA and HITRUST implementation Expert in AWS encryption, backup, and IAM controls Experience with healthcare threat modeling, DR planning , and compliance reporting 24/7 availability for critical incident response 🎁 What We Offer 💰 Salary Range : ₹1.25 Cr – ₹1.65 Cr (based on experience & certifications) 💼 Stock options / equity participation 🏥 Full health, dental, and vision insurance 💻 Remote flexibility (Jamshedpur-based hybrid) 🧠 Annual security conference & certification support 🔐 Access to cutting-edge AWS security stack 🚀 Ownership of critical security initiatives in AI-powered healthcare 🌴 Generous PTO, mental wellness support, and on-call compensation 📤 Application Requirements Please email the following to 📧 career@atcuality.com : Updated resume showcasing AWS and healthcare security experience Cover letter detailing your healthcare compliance implementation experience List of relevant certifications (AWS, HIPAA, CISSP, HCISPP) Sample case study or HIPAA-compliant architecture you've implemented 2–3 professional references from healthcare security projects 🧪 Interview Process HR Screening (30 mins) Technical Security Round (60 mins – AWS + Healthcare) Take-home security architecture challenge Technical Deep Dive (2 hrs – encryption, IAM, DR, HIPAA) Scenario-based security incident simulation HIPAA & HITRUST regulatory compliance interview Leadership & cultural fit Reference check + offer 🛡️ Critical Success Factors You are not just securing systems — you are safeguarding lives by protecting the integrity, privacy, and availability of sensitive health data. You will be the security backbone for our entire AI-native healthcare infrastructure. Aarna Tech Consultants Pvt. Ltd. (Atcuality) is an equal opportunity employer. All applicants must be willing to undergo background checks due to the sensitivity of data managed.

About Zeta Zeta is a Next-Gen Banking Tech company that empowers banks and fintechs to launch banking products for the future. It was founded by Bhavin Turakhia and Ramki Gaddipati in 2015. Our f lagship processing platform - Zeta Tachyon - is the industry’s first modern, cloud-native, and fully API-enabled stack that brings together issuance, processing, lending, core banking, fraud & risk, and many more capabilities as a single-vendor stack. 15M+ cards have been issued on our platform globally. Zeta is actively working with the largest Banks and Fintechs in multiple global markets transforming customer experience for multi-million card portfolios. Zeta has over 1700+employees - with over 70%roles in R&D - across locations in the US,EMEA, and Asia. We raised$280 million at a$1.5 billion valuation from Softbank, Mastercard, and other investors in 2021.Learn more @ www.zeta.tech , careers.zeta.tech , Linkedin , Twitter The Role As part of the Risk & Compliance team within the Engineering division at Zeta, the Application Security Manager is tasked with safeguarding all mobile, web applications, and APIs. This involves identifying vulnerabilities through testing and ethical hacking, while also educating developers and DevOps teams on how to resolve them. Your primary goal will be to ensure the security of Zeta's applications and platforms. As a manager, you'llbe responsible for securing all of Zeta’s products. In this individual contributor role, you will report directly to the Chief Information Security Officer (CISO). The role involves ensuring the security of web and mobile applications, APIs, and infrastructure by conducting regular VAPT. It requires providing expert guidance to developers on how to address and fix security vulnerabilities, along with performing code reviews to identify potential security issues. The role also includes actively participating in application design discussions to ensure security is integrated from the beginning and leading Threat Modeling exercises to identify potential threats. Additionally, the profile focuses on developing and promoting secure coding practices, educating developers and QA engineers on security standards for secure coding, data handling, network security, and encryption. The role also entails evaluating and integrating security testing tools like SAST, DAST, and SCA into the CI/CD pipeline to enhance continuous security integration. Responsibilities Guide Security and Privacy Initiatives: Actively participate in design reviews and threat modeling sessions to help shape the security and privacy approach for technology projects, ensuring security is embedded at all stages of application development. Ensure Secure Application Development: Collaborate with developers and product managers to ensure that applications are securely developed, hardened, and aligned with industry best practices. Project Scope Management: Define the scope for security initiatives, ensuring continuous adherence throughout each project phase, from initiation to sustenance/maintenance. Drive Internal Adoption and Visibility: Ensure that security projects are well-understood and adopted by internal stakeholders, fostering a culture of security awareness within the organization. Security Engineering Expertise: Serve as a technical expert and security champion within Zeta, providing guidance and expertise on security best practices across the organization. Team Leadership and Development Make decisions on hiring and lead the hiring process to build a skilled security team. Define and drive improvements in the hiring process to attract top security talent. Mentor and guide developers and QA teams on secure coding practices and security awareness. Security Tool and Gap Assessment: Continuously assess and recommend tools to address gaps in application security, ensuring the team is equipped with the best resources to identify and address vulnerabilities. Stakeholder Liaison: Collaborate with both internal and external stakeholders to ensure alignment on security requirements and deliverables, acting as the main point of contact for all security-related matters within the team. Bug Bounty Program Management: Evaluate and triage security bugs reported through the Bug Bounty program, working with relevant teams to address and resolve issues effectively. Own Security Posture: Take ownership of the security posture of various applications across the business units, ensuring that security best practices are consistently applied and maintained. Skills Hands-on experience in Vulnerability Assessment (VA) and Penetration Testing (PT) across web, mobile, API, and network/Infra environments. Deep understanding of the OWASP Top 10 and their respective attack and defense mechanisms. Strong exposure to Secure SDLC activities, Threat Modeling, and Secure Coding practices. Experience with both commercial and open-source security tools, including Burp Suite, AppScan, OWASP ZAP, BEEF, Metasploit, Qualys, Nipper, Nessus andSnyk. Expertise in identifying and exploiting business logic vulnerabilities. Solid understanding of cryptography, PKI-based systems, and TLS protocols. Proficiency in various AuthN/AuthZ frameworks (OIDC, OAuth, SAML) and the ability to read, write, and understand Java code. Experience with Static Analysis and Code Reviews using tools like Snyk,Fortify,Veracode, Checkmarx, and SonarQube. Hands-on experience in reverse engineering mobile apps and using tools like Dex2jar, ADB, Drozer, Clang, iMAS, and Frida/Objection for dynamic instrumentation. Experience conducting penetration tests and security assessments on internal/external networks, Windows/Linux environments, and cloud infrastructure (primarily AWS). Ability to identify and exploit security vulnerabilities and misconfigurations in Windows and Linux servers. Proficiency in shell scripting and automating tasks with tools such as Python or Ruby. Familiarity with PA-DSS, PCI SSF (S3, SSLC), and other security standards like PCI DSS, DPSC, ASVS and NIST. Understanding of Java frameworks like Spring Boot, CI/CD processes, and tools like Jenkins & Bitrise. In-depth knowledge of cloud infrastructure (AWS, Azure), including VPC/VNet, S3 buckets, IAM,Security Groups, blob stores, Load Balancers, Docker containers, and Kubernetes. Solid understanding of agile development practices. Active participation in bug bounty programs (HackerOne, Bug Crowd, etc.) and experience with hackathons and Capture the Flag (CTF) competitions. Knowledge of AWS/Azure services, including network configuration and security management. Experience with databases (PostgreSQL, Redshift, MySQL) and other data storage solutions like Elasticsearch and S3 buckets. Preferred Certifications: OSCP, OSWE, GWAPT, AWAE, AWS Certified Security Specialist, CompTIA Security+ Experience And Qualifications 12 to 18 years of overall experience in application security, with a strong background in identifying and mitigating vulnerabilities in software applications. A background in development and experience in the fintech sector is a plus. Bachelor of Technology (BE/ B.Tech ), M.Tech , or ME in Computer Science or an equivalent degree from an Engineering college/University. Life At Zeta At Zeta, we want you to grow to be the best version of yourself by unlocking the great potential that lies within you. This is why our core philosophy is ‘People Must Grow.’ We recognize your aspirations; act as enablers by bringing you the right opportunities, and let you grow as you chase disruptive goals. is adventurous and exhilarating at the same time. You get to work with some of the best minds in the industry and experience a culture that values the diversity of thoughts. If you want to push boundaries, learn continuously and grow to be the best version of yourself, Zeta is the place to be! Explore the life at zeta Zeta is an equal opportunity employer. At Zeta, we are committed to equal employment opportunities regardless of job history, disability, gender identity, religion, race, marital/parental status, or another special status. We are proud to be an equitable workplace that welcomes individuals from all walks of life if they fit the roles and responsibilities.