Deloitte Jobs

Job Information

Deloitte Cloud Security Risk Senior Consultant in Miami, Florida

Digital Controls - Cloud Security Risk

Do you thrive in times of disruption? Have a passion for turning challenges and opportunities into long-term competitive advantages? As a Senior Consultant in Deloitte Risk & Financial Advisory, you'll have the opportunity to gain valuable hands-on experience working alongside leading professionals across diverse industries while building your professional skills in a variety of project experiences. Our Deloitte Risk & Financial Advisory practice helps organizations effectively navigate business risks and opportunities-from strategic, reputation, and financial risks to operational, cyber, and regulatory risks-to gain competitive advantage. We apply our experience in ongoing business operations and corporate lifecycle events to help clients become stronger and more resilient. Our market-leading team's help clients embrace complexity to accelerate performance, disrupt through innovation, and lead in their industries.

The Team:

Deloitte Risk & Financial Advisory helps organizations navigate a variety of risks to lead in the marketplace and disrupt through innovation. The insights of our professionals, combined with our specialized products and services, help clients learn how to embrace complexity and leverage their position of strength to accelerate performance.

Learn more about our Deloitte Risk & Financial Advisory practice at Deloitte.

Job Duties:

Our professionals understand the dynamics of serving complex, global clients across multiple industries, and the importance of increasing transparency around business performance. We provide specialized cloud and internal control services for internal and external audit clients along with other services related to financial reporting. To further exploit opportunities and mitigate the risks presented by different markets, we also work with clients to navigate complexities, risks and opportunities presented by third-party relationships.

Application modernization and migration risk assessments

Cloud native applications and services risk and control assessments

Cloud services orchestration and automation

Cloud managed services

Risk and control assessments

Control design, implementation, operation, and evaluation

Cloud secure reference architectures design evaluation

Risk and control analysis of automated DevSecOps pipelines

Cloud security posture management assessments

Ideating and developing cloud risk and controls solutions to meet client needs

Regardless of project type, your work will require:

Proficiency in verbal and written communication skills essential to interacting with clients and teams

Ability to work independently and manage multiple projects/assignments/responsibilities in a fast-paced environment with minimal oversight

Strong problem solving and critical thinking skills

Ability to quickly research and collect data from unique places

Ability to synthesize data and convey information in a concise yet meaningful way

Strong understanding of Cloud and IaaS, PaaS, and SaaS services.

Qualifications:

BA/BS in Computer Science, Information Systems Administration or a related field

4+ years of related professional experience

2+ years' experience in auditing Cloud (e.g.; AWS, Azure or GCP) from a technical risk and controls perspective

Associate or professional level certifications in any one of the following cloud service providers; AWS, Azure, or GCP

Any experience or curiosity in the following:

  • Infrastructure as a code to drive compliance,

  • Experience in leverage native cloud service provider (AWS, Azure or GCP) API commands to extract data

  • CI/CD pipeline architecture,

  • Tools supporting CI/CD pipelines such as GitHub, CircleCI, Jenkins, Ansible, Cloud Formation, Terraform, AzureDevOps, etc.

    Any experience or curiosity in developing (CW1) automation and leveraging it to drive risk, security compliance, monitoring and remediation

    Demonstrated ability to plan and manage engagements along with ensuring deliverables meet work plan specifications and deadlines.

    Strong background in IT risk assessment and remediation

    Experience identifying controls and making recommendations to bolster security and compliance posture

    Expertise in designing and developing proof of concepts and executing test plans

    Demonstrated ability to write technical reports and to participate in presentations with executive leadership

    Ability to travel up to 50% on average, based on the work you do and the clients and industries/sectors you serve

    Limited immigration sponsorship may be available.

Preferred:

Prior Big 4 experience is a plus

Working knowledge of programming and scripting languages (e.g., Python, Node.js, PowerShell, JSON, YAML, etc.)

Experience working with Web service and APIs strongly preferred

Knowledge of industry information security and cloud security frameworks such as NIST 800-53, ISO 27001, CSA CCM etc.

Understanding of data analytics tools such as Tableau, Alteryx, Snowflake is a plus

Experience with Sarbanes-Oxley is desirable

Master's in accounting, Computer Science, Information Systems, or a related field is a plus

CPA, CISA or CISSP

Team management experience is a plus

Understanding of cloud technologies like Containers, Kubernetes, serverless, microservices, IOT, AI, etc. highly desirable

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.

DirectEmployers