Cloud Security Engineer Manager
Indexed description
Recruiting for this role ends on 7/17/2026.
Work you'll do
- Assist in the design, implementation, and sustainment of zero trust architectures to safeguard critical assets and data against emerging cyber threats.
- Serve as the subject matter expert (SME) for application micro-segmentation and zero-trust principles, methodologies, and technologies.
- Collaborate with Network and Firewall Teams, Application Teams, Server Teams, Cloud Engineering Teams etc. to design, implement, and support an enterprise-class application-centric micro-segmentation solution and service.
- Lead implementation of micro-segmentation to safeguard critical applications as part of a multi-year program.
- Identify new service requirements in support of our Zero Trust strategy.
- Lead and support troubleshooting for micro-segmentation service.
- Ability to work independently and collaborate as part of a team
- Effective written and verbal communication skills
- Meticulous attention to detail and quality of work product
- Ability to build and sustain professional relationships
- Ability to lead projects or workstreams
- Ability to manage and prioritize multiple tasks in a fast-paced and dynamic environment
- Strong interpersonal skills and professional demeanor
- Ability to meet deadlines
- Ability to mentor and provide clear guidance to others
The ~3,000 professionals in DT - US deliver services including:
- Cyber Security
- Technology Support
- Technology & Infrastructure
- Applications
- Relationship Management
- Strategy & Communications
- Project Management
- Financials
Cyber Security vigilantly protects Deloitte and client data. The team leads a strategic cyber risk program that adapts to a rapidly changing threat landscape, changes in business strategies, risks, and vulnerabilities. Using situational awareness, threat intelligence, and building a security culture across the organization, the team helps to protect the Deloitte brand.
Areas of focus include:
- Risk & Compliance
- Identity & Access Management
- Data Protection
- Cyber Design
- Incident Response
- Security Architecture
- Business Partnership
- Bachelor's degree or equivalent in Information Technology, Computer Science, or Engineering.
- Minimum 6 years of related Cyber Security experience with a focus on network security engineering, including firewall policy design, rule management, and hands-on experience securing east-west traffic in enterprise environments.
- Proficiency in Python development for automation and scripting, including experience building security tooling, policy automation, or infrastructure-as-code workflows.
- Networking fundamentals with demonstrated experience across both cloud environments (AWS, Azure, or GCP) and on-premises data center infrastructure, including VLANs, subnetting, routing protocols, firewall policy, and east-west traffic segmentation.
- Experience with micro-segmentation platforms (e.g., Illumio, Guardicore, Cisco Secure Workload) and practical application of Zero Trust principles such as least-privilege access, identity-aware policy enforcement, and network segmentation strategy.
- Experience deploying, managing, and tuning micro-segmentation security policies.
- Networking knowledge and experience in traffic analysis using tools such as Wireshark.
- Experience with virtualization technologies such as VMware, Hyper-V.
- Experience with cloud platforms such as Azure, GCP and/or AWS.
- Understand application tiering architecture (web, application, database), communication patterns and application connectivity.
- Experience with Windows server/Linux operating systems.
- Knowledge of the Zero Trust Framework or NIST 800-207 (Zero Trust Architecture).
- Experience working with all levels of management, stakeholders, and vendors.
- Familiarity with technologies such as Infrastructure-as-a-Service (IaaS), Software-Defined Networking (SDN) and containers.
- Experience designing and managing firewalls or other network segmentation tools.
- Experience setting up, configuring, policy creation, and troubleshooting firewalls such as Palo Alto, Cisco, Windows Packet Filtering, and IP Tables.
- Well versed in one of the scripting languages (e.g. PowerShell, Python and BASH).
- System forensics and investigation skills, including analyzing system artifacts (e.g. file system, memory, running processes, network connections, logs).
- CISSP, GIAC, CCNA or other related Information Security certifications.
You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance.
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search