Deloitte is seeking a talented, passionate cyber security specialist who will serve as a technical interface and subject matter expert in designing, implementing, and supporting an enterprise-class application-centric micro-segmentation service. The professional will lead and collaborate with application teams, infrastructure teams, and vendors to support all phases of product integration, deployment, operations, and maintenance for critical business applications and workload isolation.
Responsibilities:
- Assist in the design, implementation, and sustainment of zero trust architectures to safeguard critical assets and data against emerging cyber threats
- Serve as the subject matter expert (SME) for application micro-segmentation and zero-trust principles, methodologies, and technologies
- Collaborate with Network and Firewall Teams, Application Teams, Server Teams, Cloud Engineering Teams etc. to design, implement, and support an enterprise-class application-centric micro-segmentation solution and service
- Lead implementation of micro-segmentation to safeguard critical applications as part of a multi-year program
- Identify new service requirements in support of our Zero Trust strategy
- Lead and support troubleshooting for micro-segmentation service
Requirements:
- Bachelor's degree or equivalent in Information Technology, Computer Science, or Engineering
- Minimum 6 years of related Cyber Security experience with a focus on network security engineering, including firewall policy design, rule management, and hands-on experience securing east-west traffic in enterprise environments
- Proficiency in Python development for automation and scripting, including experience building security tooling, policy automation, or infrastructure-as-code workflows
- Networking fundamentals with demonstrated experience across both cloud environments (AWS, Azure, or GCP) and on-premises data center infrastructure, including VLANs, subnetting, routing protocols, firewall policy, and east-west traffic segmentation
- Experience with micro-segmentation platforms (e.g., Illumio, Guardicore, Cisco Secure Workload) and practical application of Zero Trust principles such as least-privilege access, identity-aware policy enforcement, and network segmentation strategy
- Experience deploying, managing, and tuning micro-segmentation security policies
- Networking knowledge and experience in traffic analysis using tools such as Wireshark
- Experience with virtualization technologies such as VMware, Hyper-V
- Experience with cloud platforms such as Azure, GCP and/or AWS
- Understand application tiering architecture (web, application, database), communication patterns and application connectivity
- Experience with Windows server/Linux operating systems
- Knowledge of the Zero Trust Framework or NIST 800-207 (Zero Trust Architecture)
- Experience working with all levels of management, stakeholders, and vendors
- Familiarity with technologies such as Infrastructure-as-a-Service (IaaS), Software-Defined Networking (SDN) and containers
- Experience designing and managing firewalls or other network segmentation tools
- Experience setting up, configuring, policy creation, and troubleshooting firewalls such as Palo Alto, Cisco, Windows Packet Filtering, and IP Tables
- Well versed in one of the scripting languages (e.g. PowerShell, Python and BASH)
- System forensics and investigation skills, including analyzing system artifacts (e.g. file system, memory, running processes, network connections, logs)
- CISSP, GIAC, CCNA or other related Information Security certifications