Deloitte Jobs

Job Information

Deloitte Technology Risk Management, Cloud Security Senior Analyst in Philadelphia, Pennsylvania

Deloitte Services LP includes internal support areas such as Marketing and Communications, Human Resources/Talent, Information Technology, Facilities Management, and Financial Support Services.

Technology Risk Management, Cloud Security Senior Analyst

Location: Open, Virtual

Are you passionate about technology and interested in joining a community of collaborative colleagues who respectfully and courageously seek to challenge the status quo? If so, read on to learn more about an exciting opportunity with Deloitte s Information Technology Services (ITS). We are curious and life-long learners focused on technology and innovation.

Work you ll do

As the Technology Risk Management Cloud Security Senior Analyst, you ll be part of a team assessing risk in cloud implementations and providing compliance monitoring and validation of how Cloud Security solutions protect Deloitte against ongoing and potential security threats. You will be actively monitoring for Deloitte Cloud environments outside of the Global Enterprise Agreement (EA) accounts and instances, conducting and/or monitoring remediation efforts to close or migrate to sanctioned EA tenants. You will provide guidance on Cloud Security Compliance standard methodologies around management of an enterprise cloud infrastructure. You will serve as an operations analyst on various cloud platforms and compliance implementation tools.


  • Performs Non-EA account assessments and reports on findings, consults on remediation plans, tracks status, aggregates results to report to Leadership.

  • Assesses existing cloud implementations, identifying security issues and prioritizing fixes.

  • Transfers knowledge via documentation and training as needed to internal and external teams.

  • Collaborates with compliance monitoring and reporting programs, creating team run-books.

  • Reviews and provides guidance on effective risk management program and controls framework for cloud environments.

  • Educates DevOps, Security and Compliance teams on cloud compliance requirements.

  • Monitors cloud security alerts via native platform security consoles and/or third-party tools such as Redlock, creating cases/tickets and advancing to remediation teams as appropriate.

  • Performs deep-dive controls testing for high risk areas for independent validation of issues and remediation efforts as needed.

The team

Information Technology Services (ITS) helps power Deloitte s success. ITS drives Deloitte, which serves many of the world s largest, most respected organizations. We develop and deploy cutting-edge internal and go-to-market solutions that help Deloitte operate effectively and lead in the market. Our reputation is built on a tradition of delivering with excellence.

The 2,500 professionals in ITS deliver services including:

  • Security, risk & compliance

  • Technology support

  • Infrastructure

  • Applications

  • Relationship management

  • Strategy

  • Deployment

  • PMO

  • Financials

  • Communications

Cyber Security

Cyber Security vigilantly protects Deloitte and client data. The team leads a strategic cyber risk program that adapts to a rapidly changing threat landscape, changes in business strategies, risks, and vulnerabilities. Using situational awareness, threat intelligence, and building a security culture across the organization, the team helps to protect the Deloitte brand.

Areas of focus include:

  • Cyber design

  • Risk & Compliance

  • Technology Risk Management

  • Identity & Access Management

  • Data Protection

  • Incident Response and Architecture

Category: Information Technology

About Deloitte

As used in this document, Deloitte means Deloitte LLP and its subsidiaries. Please see for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.