Data Senior Security Architect & Engineer - Manager

We are seeking experienced Data Security professionals with expertise in both architecture and engineering. The ideal candidate will have a proven track record in leading designing, implementing, and testing data security solutions. Responsibilities include developing security architectures, creating technical design documents, and establishing control frameworks for data protection across cloud and on-premises environments. Experience in maintaining and operating data security technologies is also highly valued, as is the ability to assess and enhance existing data security architectures to meet evolving business and regulatory requirements.

We empower you to research and experiment with different approaches and tooling to ensure we remain on the cutting edge of Data Security. You will influence our macro approach and set the direction for how we meet our clients' demands. Our projects vary greatly, and your responsibility will differ based on the focus of a specific client engagement or proposal, but your role is likely to include:

This role will involve working closely with cross-functional teams to ensure seamless deployment and integration of data security solutions, as well as contributing to the ongoing operation and maintenance of data security technologies across our clients. As part of this role, you will be expected to:

· Define data security use cases, functional and non-functional solution requirements, and technical specifications e.g., data discovery, data access governance, data classification, data loss prevention, encryption, data masking, monitoring, and compliance requirements. As part of this, defining next gen use cases covering data security posture management and AI use cases.

· Design and architect data security solutions by creating high-level and low-level designs that align with business objectives and comply with industry cybersecurity standards (e.g., NIST, ISO 27001). For example, this includes:

· Creating high-level and low-level system architecture diagrams with technical descriptions of each component.

· Defining the dependencies to implement the solution, e.g., network rules, server resources, storage requirements.

· Defining the system specifications to support optimal performance.

· Integrate workflows with third-party systems and security tools, such as Security Information and Event Management (SIEM) solutions, data discovery and classification tools (e.g., Varonis, BigID), and cloud platforms like Microsoft Azure.

· Define the Responsible, Accountable, Consulted, and Informed (RACI) matrix to operate and maintain the solution's infrastructure components.

· Develop technical documentation for data security implementations including process documentation to enable solution operation (e.g., defining processes for data classification, data access requests, data governance, approval workflows, and data lifecycle management).

· Implementing data security solutions by:

· Installing components (e.g., servers, databases) in on-premises/cloud environments and configuring cloud-based elements, including scripting or coding plug-ins and extensions for cloud platforms.

· Installing and configuring servers for data discovery and deploying agents for DLP scanning across endpoints and network devices.

· Integrating data security solutions with enterprise applications and systems such as directories, cloud applications, and third-party data repositories.

· Configuring and implementing API integrations and reverse proxy architectures with cloud services to enable secure data flows.

· Implementing, fine-tuning, and managing DLP policies to address business requirements and minimise false positives.

· Collaborating with IT infrastructure teams to ensure all prerequisites and dependencies are addressed prior to deployment.

· Executing unit, integration, functional, and non-functional testing for data security solutions, and troubleshooting issues such as data access failures, policy conflicts, and data protection errors in coordination with vendors.

· Providing post-implementation services, including hyper-care support and advanced troubleshooting to resolve production issues and ensure smooth operation.

· Conducting knowledge transfer to client data security teams through technical training sessions, enabling clients to operate and maintain the solution effectively.

· Contribute to the development of compelling data security solution approaches for client proposals and bids, ensuring alignment with client requirements and Deloitte's strategic capabilities.

Whilst a bachelor's degree (or equivalent) in Computer Science or Engineering is desirable, we are more interested in your real-world professional experience and your ability to turn this into impactful client outcomes.

Key skills - not every candidate requires all of these but should be familiar and/or have experience with a majority of these:

· Building strong client relationships, particularly within engagement delivery. Ability to understand client problems and issues and develop a proposal for how we can support.

· Strong interpersonal and relationship skills to manage a variety of client stakeholders from Architects to Developer.

· Broad data security experience across data discovery, data classification, data loss prevention (DLP), data security posture management, encryption, data masking, data governance, and data privacy, with demonstrable ability to build data security strategies which integrate into client enterprise architectures and beyond.

· Experience in developing architecture and hands-on engineering for data security solutions across the following areas (not all required, but the majority are preferable):

· DLP across email, O365, cloud, web, and endpoint channels (e.g., using Microsoft, Broadcom, ForcePoint)

· Data classification and data discovery

· Digital Rights Management (e.g., using Microsoft)

· Data security across Azure, AWS, Oracle, and Google Cloud, utilising third-party DLP tools (such as Microsoft, Broadcom, ForcePoint) and/or native cloud capabilities.

· Encryption technologies such as KeyFactor, HashiCorp Vault, AWS Key Management Service (KMS) and Azure Key Vault.

· Data Security Posture Management and Data Governance tools such as Microsoft, Varonis and BigID for data discovery, classification, access monitoring, and threat detection across structured and unstructured environments.

· Understanding of data privacy regulations (e.g., GDPR, CCPA), data governance frameworks, and emerging trends in data security.

· Exposure to/Understanding of DevOps tools and repositories (e.g., Git, Azure DevOps, Kubernetes, Docker, Jenkins, Ansible etc.).

· Practical experience with Linux and Windows operating systems.

· Experience with modern data security concepts such as data-centric security, zero trust data access, data security posture management, data access governance design, and cloud-native data protection.

In addition to the above, the following are desirable:

· Relevant certifications (e.g. CISSP, CISM, CIPP/E, Microsoft Certified: Security, Compliance, and Identity Fundamentals, etc.).

Deloitte drives progress. Our firms around the world help our clients become market leaders wherever they compete. Deloitte invests in outstanding people with diverse talents and backgrounds, empowering them to achieve more than they can elsewhere. Our work combines consulting with action and integrity. We believe that when our clients and society are stronger, so are we.