Job Title:  T&T | Cyber D&R | Consultant | Firewall Management | Mumbai | Cyber Defense & Resilience

The team

Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks: Learn more about Cyber | Deloitte

Your work profile

• The Cloud Network Security L2 Analyst is responsible for monitoring, investigating, and responding to security incidents across cloud environments.
• The role involves hands-on analysis, policy enforcement, and supporting cloud security posture management for AWS/Azure/GCP environments.
• Monitor and investigate cloud security alerts from CSP-native tools and SIEM
• Perform L2-level triage and deep-dive analysis on cloud security incidents
• Analyze misconfigurations, identity issues, and suspicious activities in cloud workloads
• Manage and tune cloud security controls (Security Groups, NSGs, firewall rules)
• Work on alerts from CSPM, CWPP, CASB, and EDR solutions
• Validate cloud compliance posture against internal policies and regulatory requirements
• Coordinate with L1 analysts, Cloud Ops, and IR teams for resolution
• Create and maintain investigation notes, RCA, and incident reports
• Support onboarding of new cloud accounts and security baselining

Key Skills Required: 

• Education: - Any Graduate or B.E / B. Tech (Tier 1/2) in Computer Science, Information Technology or related fields 
• Experience Required - 3 to 5 years  
• Hands-on experience with AWS / Azure / GCP (minimum one cloud platform)
• Strong understanding of:Cloud Access Management (roles, policies, least privilege)
• Network security (VPC/VNET, Security Groups, NSG, firewalls)
• Logging & monitoring (CloudTrail, Azure Monitor, GCP Audit Logs)
• Experience with cloud security tools:
• CSPM (Defender for Cloud, Prisma Cloud, Wiz, etc.)
• SIEM (Splunk, QRadar, Sentinel, Chronicle)
• Knowledge of attack techniques in cloud (credential misuse, privilege escalation, lateral movement)
• Basic scripting knowledge (Python / PowerShell) is a plus
• Shall have 4-6 Years of experience and proposed OEM certifications   
• Base location: Mumbai (Anywhere - Mandatory client deputation)