Deloitte Dev Security Ops Engineer Manager in Nashville, Tennessee

Deloitte is one of the leading professional services organizations in the United States, specializing in audit, tax, consulting and financial advisory services with clients in more than 20 industries. We provide powerful business solutions to some of the world s most well-known and respected companies, including more than 75 percent of the Fortune 100.At Deloitte, you can have a rewarding career on every level. In addition to challenging and meaningful work, you ll have the chance to give back to your community, make a positive impact on the environment, participate in a range of diversity and inclusion initiatives, and find the support, coaching, and training it takes to advance your career. Our commitment to individual choice lets you customize aspects of your career path, your educational opportunities and your benefits. And our culture of innovation means your ideas on how to improve our business and your clients will be heard.DevSecOps Engineer DevOps COETechnology & Infrastructure - Office of the Deputy CIO for TechnologyNashville, TN - Preferred OVERVIEW The DevOps COE reports to the office of the Deputy CIO of Technology and is responsible for delivering cloud services which accelerate the delivery of both revenue-generating and internal applications. The DevOps COE flexes to support business-lead software development while bring to bear best practices which streamline and fully automate the release management pipeline. As a DevSecOps Engineer you will partner with the Sr DevSecOps Architect to drive the security design and delivery for world-class cloud solutions for the office of the Deputy CIO of Technology. This includes spearheading the implementation of security patterns, practices, controls, and monitoring in the cloud architecture practice. You will have a heavy emphasis on implementing end-to-end automated security monitoring and reporting solutions. Your responsibilities include partnering with cyber security experts, cloud architects, and strategic technology vendors to successfully implement cloud security solutions. You will be challenged to implement approaches that enable rapid and secure adoption of new cloud services and the proper level of operational governance. RESPONSIBILITIES Partner with the cyber security organization as the lead security engineer for cloud hosted products throughout the software development and operations lifecycleImplement and operationalize world-class end-to-end cloud security monitoring solutions that automate continuous compliance reportingDevelop custom integrations for off-the-shelf security tools to meet the risk management needs of DeloitteImplement cloud security patterns, practices, and controls that will be leveraged for all cloud deployments and the DevOps/SDLC delivery modelBe the trusted security advisor for cloud initiatives by providing objective, practical and relevant ideas, insights and adviceDirectly support product owners, solution architects, developers, and hosting operations leads through hands-on technical security knowledge, integration, and development/coding Provide technical guidance to internal peer teams. Partner with business and IT stakeholders to implement solutions that support cloud security strategy and roadmaps. Bachelor s degree in Computer Science, Business Information Systems or relevant experience and accomplishments.Experience securing multi-tenant cloud solutions with Microsoft Azure and Amazon AWS cloud services.5 years of experience implementing, integrating, and operating enterprise security tools at scale to support end-to-end automated compliance management.Developer background, experience with programming in at least one common object oriented language (Java, Python, C#, etc).Experienced in at least one scripting language, e.g., PowerShell, Python, Perl, JavaScript. 3 years of relevant Software Engineering experienceKnowledge of web application frameworks, API technologies, and micro services. Experience with design, installation/development, & configuration of security solutions. Experience with application logging integration, and products (Splunk, Log4J, Logstash, etc.). Experience with configuration management tools such as Ansible, Chef, or Puppet.Must understand Agile/SCRUM methodologies and have applied them on a Scrum team.Knowledge in 1 or more Application Security related disciplines, e.g., Secure Coding, Cryptography, Penetration Testing, Vulnerability Assessment, Static and Dynamic Application Security Testing etc. Integration level knowledge of API Security Architecture, and technologies such as, OAuth2, Azure Active Directory, Multi-Factor Auth, WS-Security, WS-Trust, or XACML. Experience in cloud provider security architecture design patterns including network and availability for AWS and Azure. Knowledge of OWASP Web/API vulnerabilities and compensating controls (CSRF, XSS, SQLI, etc.). Experience with encryption fundamentals: PKI, Encryption, Digital Signatures, & Key Management. Knowledge of Risk Controls framework, and Audit procedures (27000/1/2, NIST 800-53/171, DFARS etc.). Excellent verbal and written communication skills with ability to communicate risk assessments and complex technical concepts to both technical and non-technical audiences. CISSP or related Security certification preferredExcellent influencing and reasoning skills; good at conflict resolution and consensus building.Ability to travel 25%.

About Deloitte

As used in this document, Deloitte means Deloitte LLP and its subsidiaries. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.

Disclaimer: If you are not reviewing this job posting on our Careers site (careers.deloitte.com) or one of our approved job boards we cannot guarantee the validity of this posting. For a list of our current postings, please visit us at careers.deloitte.com.

Category: Information Technology