Position Details: Cloud Security Infrastructure Architect

Description:

To work in the innovative and creative CISO Team, a world-class operation renowned for its extensive expertise and experience.

Collaborate with both business and technical teams to drive change and exert influence across the entire Deloitte landscape Utilize your skills to effect real-world impact.

As Compliance Specialist, you will be responsible for monitoring, managing and closing existing compliance finding while also ensuring that internal controls are compliant through with Deloitte security policy & standard.

Location : Hyderabad

Work shift Timings : 02:00 PM to 11:00 PM

Strategic

• Set the strategic vision for secure cloud adoption and expansion within the organization.

• Research emerging cloud technologies and threats, recommending appropriate security enhancements.

• Lead proof-of-concept projects for new cloud security tools, platforms, or controls.

Operational

• Develop and enhance cloud security architectures (IaaS, PaaS, SaaS) in alignment with business needs and industry best practices.

• Evaluate and recommend secure configurations for new and existing cloud initiatives.

• Collaborate with solution architects, application teams, and DevOps to ensure consistent security controls are integrated throughout the cloud infrastructure.

• Perform cloud security risk assessments; identify vulnerabilities and recommend remediation strategies.

• Ensure cloud platforms are compliant with regulatory and internal security standards (e.g., ISO 27001, NIST, GDPR).

• Lead efforts to maintain and demonstrate compliance during audits or security reviews.

• Oversee the configuration and monitoring of security controls such as firewalls, IAM, encryption, logging, and SIEM integrations in cloud environments.

• Respond to cloud security incidents, coordinate investigation and resolution, and lead post-incident reviews.

• Develop runbooks, playbooks, and escalation protocols for cloud security incidents.

• Develop and maintain cloud security policies, standards, baselines, and procedures.

• Produce clear documentation for architecture decisions, risk assessments, and security configurations.

Relationship Management

• Act as subject matter expert (SME) on cloud security, advising C-level, IT, and business stakeholders.

• Train, mentor, and lead less experienced cloud engineers and security team members.

• Represent the organization in external forums, vendor meetings, and industry groups as required.

• Assess and manage the security posture of third-party vendors and SaaS providers.

• Review and negotiate security-related contract terms and participate in vendor risk reviews.

Role Requirement

• Supporting implementation of the overall Information Security strategy
• Influencing and defining security policy, standards and procedures for improving security posture
• Designing, implementing and maintaining key security technology to improve security posture and strengthen security defenses
• Defining security requirements by evaluating business strategies and requirements, researching information security standards and conducting system security and vulnerability analyses and risk assessments
• Contributing to the end-to-end Security Architecture reviews as part of an IT lifecycle and security reviews throughout a change advisory board
• Leading on security research into the latest new security technologies
• Mentoring information security team members on recent developments and advancement in security technologies to drive widespread adoption of security best practices.

• Work with key IT service providers to ensure industry standard platform, network and endpoint security posture
• Ensure industry standard framework implementation
• Ensure project delivery by working with PMO and defining relevant milestones for CISO consumption
• Defining and providing relevant metrics and trends for CISO consumption

Qualifications

• 12+ years of experience
• Bachelors / Masters degree
• Proven experience in cloud security architecture role, demonstrating solutions delivery, principles and emerging technologies - Designing and implementing cloud security solutions.

This includes continuous monitoring and making improvements to those solutions, working with an information security team.

• Working knowledge of different project delivery methodologies including Waterfall, Agile and Hybrid.

• Extensive knowledge of cloud security architecture, demonstrating solutions delivery, practices and emerging technologies
• Have demonstrable experience in consulting and engineering of the development and design of cybersecurity best practices and the implementation of solid cybersecurity practices across the organization, to meet business goals along with customer and regulatory requirements.

• Possess extensive knowledge of frameworks or specifications of information security or risk management that include all legal, physical and technical controls involved in an organization’s risk management
• Be very knowledgeable in cloud security standards ISO/IEC 27017:2015 and ISO/IEC 27018:2014
• Have extensive experience with security considerations of cloud computing: This should include data breaches, broken authentication, hacking, account hijacking, malicious insiders, third parties, APTs, data loss and DDoS attacks.

• Have a good knowledge and understanding of identity and access management (IAM) – the framework of security policies and technologies that limit and track the access of those in an organization to sensitive technology resources.

• Have a solid understanding of various cyber technologies - mobile threat defense, endpoint protection, data loss prevention, insider threat protection, device hardening, classification, key & certificate management and many more
• Have the ability to be the enterprise cybersecurity subject matter expert that can articulate technical topics to those with or without a technical background

Skills Required

• Deep technical expertise with major cloud service providers (AWS, Azure, GCP).

• Hands-on experience with cloud-native security tools and platforms.

• Solid understanding of networking, IAM, encryption, and security best practices in cloud and hybrid environments.

• Strong leadership, communication, and project management abilities.

• Relevant certifications (e.g., CCSP, AWS Certified Security Specialty, Azure Security Engineer Associate, CISM, CRISC, CISSP).

Perform an action: