Cloud Security Engineer Manager
Deloitte · Boise, ID · 2 wk ago
HybridInformation Technology$119k–$244k/yrFull-time
About the role
We are seeking a talented, passionate cyber security specialist who will serve as a technical interface and subject matter expert in designing, implementing, and supporting an enterprise-class application-centric micro-segmentation service for Deloitte US Member Firm.
Responsibilities
- Assist in the design, implementation, and sustainment of zero trust architectures to safeguard critical assets and data against emerging cyber threats.
- Serve as the subject matter expert (SME) for application micro-segmentation and zero-trust principles, methodologies, and technologies.
- Collaborate with Network and Firewall Teams, Application Teams, Server Teams, Cloud Engineering Teams etc. to design, implement, and support an enterprise-class application-centric micro-segmentation solution and service.
- Lead implementation of micro-segmentation to safeguard critical applications as part of a multi-year program.
- Identify new service requirements in support of our Zero Trust strategy.
- Lead and support troubleshooting for micro-segmentation service.
Qualifications
- Bachelor’s degree or equivalent in Information Technology, Computer Science, or Engineering.
- Minimum 6 years of related Cyber Security experience with a focus on network security engineering, including firewall policy design, rule management, and hands-on experience securing east-west traffic in enterprise environments.
- Proficiency in Python development for automation and scripting, including experience building security tooling, policy automation, or infrastructure-as-code workflows.
- Networking fundamentals with demonstrated experience across both cloud environments (AWS, Azure, or GCP) and on-premises data center infrastructure, including VLANs, subnetting, routing protocols, firewall policy, and east-west traffic segmentation.
Preferred
- Experience with micro-segmentation platforms (e.g., Illumio, Guardicore, Cisco Secure Workload) and practical application of Zero Trust principles such as least-privilege access, identity-aware policy enforcement, and network segmentation strategy.
- Experience deploying, managing, and tuning micro-segmentation security policies.
- Networking knowledge and experience in traffic analysis using tools such as Wireshark.
- Experience with virtualization technologies such as VMware, Hyper-V.
- Experience with cloud platforms such as Azure, GCP and/or AWS.
- Understanding of the Zero Trust Framework or NIST 800-207 (Zero Trust Architecture).
- Experience working with all levels of management, stakeholders, and vendors.
- Familiarity with technologies such as Infrastructure-as-a-Service (IaaS), Software-Defined Networking (SDN) and containers.
- Experience designing and managing firewalls or other network segmentation tools.
- Experience setting up, configuring, policy creation, and troubleshooting firewalls such as Palo Alto, Cisco, Windows Packet Filtering, and IP Tables.
- Well versed in one of the scripting languages (e.g. PowerShell, Python and BASH).
- System forensics and investigation skills, including analyzing system artifacts (e.g. file system, memory, running processes, network connections, logs).
- CISSP, GIAC, CCNA or other related Information Security certifications.