USI- FY26 - Cyber - Enterprise Security- GCP + DevSecOps - LSA

Position Summary

GCP DevSecOps - Consultant

Position SummaryAs a DevSecOps Consultant, you will be a key contributor to the successful delivery of high-visibility projects, applying your technical skills and engineering knowledge to build secure, reliable solutions. You will work hands-on with modern DevSecOps tools, AI/ML services, deployment architecture, and cloud security best practices and frameworks to help deliver solutions that create value for Deloitte’s business and its clients.You will collaborate with cross-functional teams to design, implement, and maintain CI/CD pipelines and automation processes, ensuring that security and quality are integrated throughout the software development lifecycle. Your ability to troubleshoot, learn quickly, and apply best practices will be essential in supporting the delivery of high-quality, outcome-focused solutions.Key Responsibilities:

• Act as a subject matter expert (SME) on GCP security and DevSecOps practices during client engagements.
• Design and deploy AI/ML solutions on GCP, leveraging services like Vertex AI, BigQuery ML, AutoML , and TensorFlow on GCP.
• Manage CI/CD pipelines, I nfrastructure as C ode ( IaC ), and automation tools for ML deployments (e.g., using Terraform, Cloud Build, GitOps ).
• Provide consulting and advisory services to clients on cloud strategy, AI/ML adoption, and security best practices.
• Perform threat modeling and security assessments specific to AI/ML workloads.
• Collaborate with DevOps and data teams to automate, monitor , and optimize ML workflows.
• Lead security assessments of cloud environments and DevOps pipelines.
• Evaluate and enhance CI/CD pipelines with automated security testing tools (SAST, DAST, SCA, IaC scanning).
• Recommend and implement policy-as-code for guardrails (OPA, Sentinel).
• Deliver security posture reports, recommendations, and remediation plans.
• Collaborate with client security, DevOps, and IT teams to drive secure cloud adoption.
• Design and implement GCP-native security controls (IAM, VPC security, Cloud Armor, SCC, GKE, etc.).
• Conduct gap analysis on client GCP environments against benchmarks (CIS, NIST, etc.).
• Guide clients in building secure landing zones and cloud governance frameworks.
• Design shift-left strategies for embedding security earlier in the SDLC.
• Map technical controls to compliance frameworks (SOC 2, HIPAA, PCI-DSS, ISO 27001, etc.).
• Assist with security documentation, risk registers, and audit support.
• Automate GCP security guardrails using Terraform, Ansible, and Cloud Functions.
• Integrate security logs into client SIEM/SOAR platforms (Chronicle, Splunk, etc.).
• Implement and tune cloud-native monitoring tools (Cloud Logging, SCC, etc.).
  

Required Qualifications:

• 4 + years in Google Cloud Platform DevSecOps role.
• Proficiency in CI/CD tools, Infrastructure Code, container security, and policy-as-code solutions such as Open Policy Agent (OPA).
• Understanding the embedding of security controls and automated checks into DevOps pipelines (CI/CD) using tools such as Jenkins, GitLab CI, Terraform, and Cloud Build.
• Strong hands-on experience with Vertex AI, BigQuery , Cloud Functions, GKE, and AI/ML Ops on GCP.
• Deep understanding of AI/ML model lifecycle, including data prep, training, evaluation, deployment, and monitoring.
• Familiarity with compliance frameworks (e.g., HIPAA, SOC 2, ISO 27001) as they apply to cloud-based ML systems
• Proficiency with security automation tools and scripting (Python, Bash, etc.).
• Familiarity with container security (e.g., GKE, Kubernetes RBAC, image scanning).
• Experience with security frameworks such as NIST, CIS, or MITRE ATT&CK.
• Familiarity with security tools like Checkov , Snyk or Prisma Cloud.
  

Preferred Qualifications:

• Certifications such as: GCP Cloud DevOps Engineer, Architect, Professional Machine Learning Engineer, GCP Cloud Security Engineer, CCSP.
• Understanding of responsible AI principles, including model fairness, transparency, and auditability
• Experience with Kubernetes security in GKE (RBAC, network policies, container scanning).
• Knowledge of multi-cloud (AWS, Azure ) security strategies and governance.
• Familiarity with service mesh security (Istio, Anthos).
• Knowledge of integration of AI/ML for Advanced Security Analytics with existing on-premise and cloud platforms (e.g., Network Intelligence/ Sentinel/ Chronicle).
• Familiarity with zero trust architecture concepts .
• Experience with secrets management tools like HashiCorp Vault, GCP Secret Manager.
• Knowledge of IP networking, VPNs, DNS, load balancing, and firewalling concepts
  

Job Title:

Security Consultant (Microsoft Azure Active Directory and Active Directory (AAD/AD))Are you interested in working in a dynamic environment that offers opportunities for professional growth and new responsibilities? If so, Deloitte & Touche LLP could be the place for you. Traditional security programs have often been unsuccessful in unifying the need to both secure and support technology innovation required by the business. Join Deloitte's Advisory Cyber Risk Services team and become a member of the largest group of Cyber Risk individuals worldwide.

Work you’ll do

As a Security Senior Consultant, you will be at the front lines with our clients supporting them with their Cyber Risk needs specifically helping them address Active Directory (AD) health and navigate the journey to the Cloud on the Microsoft Azure Active Directory (AAD) Platform. This will include:

• Microsoft MFA, SSO, Conditional Access, B2B and B2C and on-premise Active Directory
• Architect, design, and implement large-scale Active Directory / Azure Active Directory deployments/migrations/upgrades
• Performing technical health checks for the AD/AAD platforms/environments prior to broader deployments.
• Assisting clients with Azure B2B, B2C including SAML, OAUTH, OpenID Connect protocols
• Assisting clients with Migrating applications (legacy platforms or other) to Azure AD
• Assisting clients cleaning up the Active Directory environment and prepare them for Azure AD/O365 migration
• Assisting clients with configuration and delivery of Cloud security and compliance reports.
• Assisting clients with configuration and delivery of Azure Advanced Threat Protection.
• Providing technical support for AD/AAD services and resolve service-related issues through research and troubleshooting and working with Microsoft.
• Implementation of industry leading practices around AD/AAD cyber risks and Cloud security for clients.
• Troubleshooting system level problems in a multi-vendor, multi-protocol network environment.
• Documenting platform technical issues, analysis, client communication, and resolution as part of cyber risk mitigation steps.
• Executing on AD/AAD Cloud security engagements during different phases of the lifecycle – assess, design, and implementation & post implementation reviews.
• Perform health check, discovery and cleanup of Active Directory Infrastructure
• Analyze and review Active Directory services such as DNS, DHCP, Group Policy etc.
• Perform Active Directory security assessments specific to ESAE implementations
• Implement Active Directory RBAC model to secure the AD environment
• Provide internal technical training to Advisory personnel as needed.
• Support Managed Services team on client calls as necessary.
• Acting as a subject matter expert on cyber risk for the Microsoft Active Directory and Azure Active Directory platforms.
• Contribute to eminence activities, such as whitepapers pertaining to IAM technologies
  

The team

Deloitte Advisory's Cyber Risk team helps complex organizations more confidently pursue their growth, innovation and performance agendas through proactive management of the associated cyber risks. Our professionals provide advisory and implementation services that integrate risk, regulatory, and technology skills to help clients transform their legacy programs into proactive Secure.Vigilant.Resilient. TM cyber risk programs. Join the team developing the future state of cyber risk solutions. Learn more about Deloitte Advisory’s Cyber Risk Services practice.

Required:

• 2 + years of experience in technical consulting, client problem solving, architecting, and designing solutions.
  

Working experience in at least one of the areas listed below.

• 2 +years of hands-on technical experience enterprise-with Microsoft Identity and Access management and EMS services (Azure Active Directory, Azure Active Directory premium solutions, conditional access, SSO, MFA, PAM/PIM, and third party IAM solution integration with AAD) in implementation and operations. This should include designing and implementing AAD for organizations including integrations with applications.
• 2+ years of hands-on technical experience Identity and Access Management (IAM) on Active Directory. This should include designing and implementing AD for organizations including integrations with applications.
  

Ideally the following technical experience:

• 2 + years of working with IAM Protocols such as WS-Fed, SAML, OpenID Connect and OAuth.
• 2 + years of hands-on technical experience implementing IAM focused security solutions for Microsoft technologies such as Active Directory
• 2 + years of working knowledge with Azure Cloud service provider technologies.
• 2+ years of working knowledge with Azure Advanced Threat Protection
  

Additional Requirements:

• B.Tech/BE/BCA/MCA Degree required. Ideally in Computer Science, Cyber Security, Information Security, Engineering, Information Technology.
  

Preferred:

• Certifications such as: Microsoft new roles-based certifications, CCSP, CCSK, CISSP, CCNP, CCNA, MCSE, MCSA certification a plus.
  

How You’ll Grow

At Deloitte, our professional development plan focuses on helping people at every level of their career to identify and use their strengths to do their best work every day. From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to help sharpen skills in addition to hands-on experience in the global, fast-changing business world. From on-the-job learning experiences to formal development programs at Deloitte University, our professionals have a variety of opportunities to continue to grow throughout their career. Explore Deloitte University, The Leadership Center.

Benefits

At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you.

Deloitte’s culture

Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. We offer well-being programs and are continuously looking for new ways to maintain a culture where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte.

Corporate citizenship

Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with our clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world.

Recruiter tips

We want job seekers exploring opportunities at Deloitte to feel prepared and confident. To help you with your interview, we suggest that you do your research: know some background about the organization and the business area you’re applying to. Check out recruiting tips from Deloitte professionals.

Job title:

Azure Cloud Security Engineer (Consultant)

About

At Deloitte, we do not offer you just a job, but a career in the highly sought-after risk Management field. We are one of the business leaders in the risk market. We work with a vision to make the world more prosperous, trustworthy, and safe. Deloitte’s clients, primarily based outside of India, are large, complex organizations that constantly evolve and innovate to build better products and services. In the process, they encounter various risks and the work we do to help them address these risks is increasingly important to their success—and to the strength of the economy and public security.By joining us, you will get to work with diverse teams of professionals who design, manage, and implement risk-centric solutions across a variety of domains. In the process, you will gain exposure to the risk-centric challenges faced in today’s world by organizations across a range of industry sectors and become subject matter experts in those areas.Our Risk and Financial Advisory services professionals help organizations effectively navigate business risks and opportunities—from strategic, reputation, and financial risks to operational, cyber, and regulatory risks—to gain competitive advantage. We apply our experience in ongoing business operations and corporate lifecycle events to help clients become stronger and more resilient. Our market-leading teams help clients embrace complexity to accelerate performance, disrupt through innovation, and lead in their industries. We use cutting-edge technology like AI/ML techniques, analytics, and RPA to solve Deloitte’s clients ‘most complex issues. Working in Risk and Financial Advisory at Deloitte US-India offices has the power to redefine your ambitions.

The Team

Cyber & Strategic Risk

We help organizations create a cyber-minded culture, reimagine risk to uncover strategic opportunities, and become faster, more innovative, and more resilient in the face of ever-changing threats. We provide intelligence and acuity that dynamically reframes risk, transcending a manual, reactive paradigm.The cyber risk services—Identity & access management (IAM) practice helps organizations in designing, developing, and implementing industry-leading IAM solutions to protect their information and confidential data, as well as help them build their businesses and supporting technologies to be more secure, vigilant, and resilient. The IAM team delivers service to clients through following key areas:

• User provisioning
• Access certification
• Access management and federation
• Entitlements management
  

Work you’ll do

• As a Cloud Security Engineer, you will be at the front lines with our clients supporting them with their Cloud Cyber Risk needs:
• Executing on cloud security engagements across the lifecycle – assessment, strategy, design, implementation, and operations.
• Performing technical health checks for cloud platforms/environments prior to broader deployments.
• Assisting in the selection and tailoring of approaches, methods and tools to support cloud adoption, including for migration of existing workloads to a cloud vendor.
• Designing and developing cloud-specific security policies, standards and procedures. e.g., user account management (SSO, SAML), password/key management, tenant management, firewall management, virtual network access controls, VPN/SSL/IPSec, security incident and event management (SIEM), data protection (DLP, encryption).
• Documenting all technical issues, analysis, client communication, and resolution.
• Supporting proof of concept and production deployments of cloud technologies.
• Assisting clients with transitions to cloud via tenant setup, log processing setup, policy configuration, agent deployment, and reporting.
• Operating across both technical and management leadership capacities.
• Providing internal technical training to Advisory personnel as needed.
• Performing cloud orchestration and automation (Continuous Integration and Continuous Delivery (CI/CD)) in single and multi-tenant environments using tools like Terraform, Ansible, Puppet, Chef, Salt etc.
• Experience with multiple security technologies like CSPM, CWPP, WAF, CASB, IAM, SIEM, etc.
  

Required Skills

• 3 + years of information technology and/or information security operations experience.
• Ideally 2+ years of working with different Cloud platforms (SaaS, PaaS, and IaaS) and environments (Public, Private, Hybrid).
• Familiarity with the following will be considered a plus:
• Solid understanding of enterprise-level directory and system configuration services (Active Directory, SCCM, LDAP, Exchange, SharePoint, M365) and how these integrate with cloud platforms
• Solid understanding of cloud security industry standards such as Cloud Security Alliance (CSA), ISO/IEC 27017 and NIST CSF and how they help in compliance for cloud providers and cloud customers
• Hands-on technical experience implementing security solutions for Microsoft Azure
• Knowledge of cloud orchestration and automation (Continuous Integration and Continuous Delivery (CI/CD)) in single and multi-tenant environments using tools like Terraform, Ansible, Puppet, Chef, Salt etc.
• Knowledge of cloud access security broker (CASB) and cloud workload protection platform (CWPP) technologies
• Solid understanding of OSI Model and TCP/IP protocol suite and network segmentation principles and how these can be applied on cloud platforms
  

Preferred:

• Previous Consulting or Big 4 experience.
• Hands-on experience with Azure, plus any CASB or CWPP product or service.
• Understanding of Infrastructure-as-Code, and ability to create scripts using Terraform, ARM, Ansible etc.
• Knowledge of scripting languages (PowerShell, JSON, .NET, Python, Javascript etc.)
  

Qualification

• Bachelor’s Degree required.Ideally in Computer Science, Cyber Security, Information Security, Engineering, Information Technology.
  

How You’ll Grow

At Deloitte, we’ve invested a great deal to create a rich environment in which our professionals can grow. We want all our people to develop in their own way, playing to their own strengths as they hone their leadership skills. And, as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposure to leaders, sponsors, coaches, and challenging assignments—to help accelerate their careers along the way. No two people learn in the same way. So, we provide a range of resources including live classrooms, team-based learning, and eLearning. DU: The Leadership Center in India, our state-of-the-art, world-class learning Center in the Hyderabad offices is an extension of the Deloitte University (DU) in Westlake, Texas, and represents a tangible symbol of our commitment to our people’s growth and development. Explore DU: The Leadership Center in India .

Deloitte’s culture

Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. Deloitte is committed to achieving diversity within its workforce, and encourages all qualified applicants to apply, irrespective of gender, age, sexual orientation, disability, culture, religious and ethnic background. We offer well-being programs and are continuously looking for new ways to maintain a culture that is inclusive, invites authenticity, leverages our diversity, and where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte.

Corporate citizenship

Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with Deloitte’s clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world.

Recruiting tips

Finding the right job and preparing for the recruitment process can be tricky. Check out tips from our Deloitte recruiting professionals to set yourself up for success. Check out recruiting tips from Deloitte recruiters .

Benefits

We believe that to be an undisputed leader in professional services, we should equip you with the resources that can make a positive impact on your well-being journey. Our vision is to create a leadership culture focused on the development and well-being of our people. Here are some of our benefits and programs to support you and your family’s well-being needs. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you .

Our people and culture

Our people and our culture make Deloitte a place where leaders thrive. Get an inside look at the rich diversity of background, education, and experiences of our people. What impact will you make? Check out our professionals’ career journeys and be inspired by their stories.

Professional development

You want to make an impact. And we want you to make it. We can help you do that by providing you the culture, training, resources, and opportunities to help you grow and succeed as a professional. Learn more about our commitment to developing our people .© 2025. See Terms of Use for more information.Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ("DTTL"), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as "Deloitte Global") does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the "Deloitte" name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see www.deloitte.com/about to learn more about our global network of member firms.

Our purpose

Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities.

Our people and culture

Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work.

Professional development

At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India .

Benefits To Help You Thrive

At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you.

Recruiting tips

From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters.Requisition code: 304100