Cloud Security Engineer Manager
About the role
We are seeking a talented, passionate cyber security specialist who will serve as a technical interface and subject matter expert in designing, implementing, and supporting an enterprise-class application-centric micro-segmentation service for Deloitte US Member Firm.
Responsibilities
- Assist in the design, implementation, and sustainment of zero trust architectures to safeguard critical assets and data against emerging cyber threats.
- Serve as the subject matter expert (SME) for application micro-segmentation and zero-trust principles, methodologies, and technologies.
- Collaborate with Network and Firewall Teams, Application Teams, Server Teams, Cloud Engineering Teams etc. to design, implement, and support an enterprise-class application-centric micro-segmentation solution and service.
- Lead implementation of micro-segmentation to safeguard critical applications as part of a multi-year program.
- Identify new service requirements in support of our Zero Trust strategy.
- Lead and support troubleshooting for micro-segmentation service.
Qualifications
- Bachelor’s degree or equivalent in Information Technology, Computer Science, or Engineering.
- Minimum 6 years of related Cyber Security experience with a focus on network security engineering, including firewall policy design, rule management, and hands-on experience securing east-west traffic in enterprise environments.
- Proficiency in Python development for automation and scripting, including experience building security tooling, policy automation, or infrastructure-as-code workflows.
- Networking fundamentals with demonstrated experience across both cloud environments (AWS, Azure, or GCP) and on-premises data center infrastructure, including VLANs, subnetting, routing protocols, firewall policy, and east-west traffic segmentation.
Preferred
- Experience with micro-segmentation platforms (e.g., Illumio, Guardicore, Cisco Secure Workload) and practical application of Zero Trust principles such as least-privilege access, identity-aware policy enforcement, and network segmentation strategy.
- Experience deploying, managing, and tuning micro-segmentation security policies.
- Networking knowledge and experience in traffic analysis using tools such as Wireshark.
- Experience with virtualization technologies such as VMware, Hyper-V.
- Experience with cloud platforms such as Azure, GCP and/or AWS.
- Understanding of the Zero Trust Framework or NIST 800-207 (Zero Trust Architecture).
- Experience working with all levels of management, stakeholders, and vendors.
- Familiarity with technologies such as Infrastructure-as-a-Service (IaaS), Software-Defined Networking (SDN) and containers.
- Experience designing and managing firewalls or other network segmentation tools.
- Experience setting up, configuring, policy creation, and troubleshooting firewalls such as Palo Alto, Cisco, Windows Packet Filtering, and IP Tables.
- Well versed in one of the scripting languages (e.g. PowerShell, Python and BASH).
- System forensics and investigation skills, including analyzing system artifacts (e.g. file system, memory, running processes, network connections, logs).
- CISSP, GIAC, CCNA or other related Information Security certifications.
Benefits
The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $118,700 to $243,700.
Pay
Reasonable estimate of the current range is $118,700 to $243,700.
Schedule
N/A