Cloud Security Engineer Manager
Job Description
Deloitte Technology US is seeking a Cloud Security Engineer Manager for an onsite role in Colorado Springs, CO. This position offers a competitive salary range of USD 118,700 to 243,700 per year and a discretionary annual incentive program. You will lead the design, implementation, and operation of an enterprise-class, application-centric micro-segmentation service, serving as the subject matter expert on zero-trust concepts and coordinating across application, network, and cloud teams. The role emphasizes practical Zero Trust delivery, strong collaboration, and a culture of excellence within a major professional services firm.
Benefits
- Discretionary annual incentive program
The Team
Deloitte Technology US (DT - US) powers Deloitte's success by developing and deploying cutting-edge internal and go-to-market solutions that help Deloitte operate effectively and lead in the market. The DT - US team encompasses roughly 3,000 professionals delivering services across Cyber Security, Technology Support, Technology & Infrastructure, Applications, Relationship Management, Strategy & Communications, Project Management, and Financials. The Cyber Security group protects Deloitte and client data, guiding a strategic cyber risk program that adapts to evolving threats, business strategies, risks, and vulnerabilities. Focus areas include Risk & Compliance, Identity & Access Management, Data Protection, Cyber Design, Incident Response, Security Architecture, and Business Partnership.
Responsibilities
- Contribute to the design, deployment, and ongoing sustainment of zero trust architectures to safeguard assets and data against emerging threats.
- Serve as the subject matter expert for application micro-segmentation and zero-trust principles, methodologies, and technologies.
- Collaborate with Network and Firewall Teams, Application Teams, Server Teams, Cloud Engineering Teams, and others to design, implement, and support an enterprise-class, application-centric micro-segmentation solution and service.
- Lead the rollout of micro-segmentation to protect critical applications as part of a multi-year program.
- Identify new service requirements to advance the Zero Trust strategy.
- Lead and support troubleshooting for the micro-segmentation service.
Requirements
- Bachelor's degree or equivalent in Information Technology, Computer Science, or Engineering.
- Minimum 6 years of related Cyber Security experience with a focus on network security engineering, including firewall policy design, rule management, and securing east-west traffic in enterprise environments.
- Proficiency in Python for automation and scripting, including building security tooling, policy automation, or infrastructure-as-code workflows.
- Strong networking fundamentals with experience across cloud environments (AWS, Azure, or GCP) and on-premises data center infrastructure, including VLANs, subnetting, routing protocols, firewall policy, and east-west traffic segmentation.
Technologies
- Python, PowerShell, Bash
- AWS, Azure, GCP
- Windows Server, Linux
- VMware, Hyper-V
- Palo Alto, Cisco
- Windows Packet Filtering, IPTables
- Wireshark, Illumio, Guardicore, Cisco Secure Workload
- Infrastructure-as-a-Service (IaaS), Software-Defined Networking (SDN)
- Containers, NIST 800-207 Zero Trust Architecture, Zero Trust Framework