4/12/26
Apply now
- Start applying with LinkedIn
- Apply Now
Start
- Please wait...
Job Type: Permanent
Reference code: 133035
Primary Location: Toronto, ON
All Available Locations: Toronto, ON; Calgary, AB; Edmonton, AB; Ottawa, ON; Vancouver, BC
What will your typical day look like?As a Cyber Risk Consultant / Senior Consultant, you will have the opportunity to work on a variety of projects addressing new technology trends and related business challenges faced by our clients both locally and globally. Tasks include:
• Assessing and implementing Cloud security solutions for clients
• Reviewing security-related events, assessing risk and validity, as well as reporting on security postures and recommending corrective actions when required
• Working with security vendors to understand their solution offerings and advise clients on appropriate technologies and architectures, based on their needs
• Conducting research on the latest security technologies and standards, as well as the threat and vulnerability landscape, in order to advise clients and recommend appropriate actions
• Facilitating use of technology-based tools or methodologies to review, design and/or implement products and services.
About the teamDeloitte's Cyber Cloud team helps organizations throughout the complete cycle of moving business processes to the cloud and operating it in a secure and private way. We offer cyber capabilities and solutions focused on development, transformation and resilience of cloud security through various mechanisms, built upon our demonstrated delivery methodology and leverage our deep technical experience, industry and regulatory knowledge, vendor and our access to a large global network of skilled professionals.
Enough about us, let's talk about youYou are someone with:
• Degree or Diploma in Computer Science, Engineering, Management Information Systems or Information Security or relevant experience in these domains
• 1-5 years experience in application development and knowledge of main programming languages
• AWS and Azure Security Expertise: In-depth understanding of the security features and best practices within Amazon Web Services {AWS) and Microsoft Azure.
• Microservices and Kubernetes Security: Proficiency in securing microservices architecture and Kubernetes clusters, ensuring robust protection of containerized applications.
• DevSecOps Platforms and Security Scanning Tools: Experience with tools and platforms that integrate security into the development process, along with expertise in security scanning tools to identify vulnerabilities.
• Git and Scripting Languages (Bash, PowerShell, Python): Strong familiarity with version control using Git and scripting languages to automate security processes and tasks.
• Infrastructure as Code {laC) with Terraform: Ability to define and manage infrastructure as code using Terraform, streamlining the deployment and configuration of cloud resources securely.
• Policy Languages (Sentinel, OPA): Proficient in policy languages like Sentinel and Open Policy Agent (OPA) to enforce and automate security policies.
• Data Serialization (JSON, YAML): A solid grasp of data serialization formats such as JSON and YAML, essential for effective communication and configuration in cloud environments.
• Programming Skills: Advantageous to have programming skills and a conceptual understanding of software development practices to collaborate effectively with developers.
• Good understanding of basic networking concepts/principles (routing, switching, IP addressing etc.) and common services/protocols is important
• Knowledge of foundational systems security principles is important
• Knowledge of application security concepts and overall application design is important
• Hands on experience with cloud security posture management platforms (e.g., Palo Alto Prisma Cloud, Wiz, Orca) to assess misconfigurations and integrate findings into CI/CD, SIEM, and ticketing workflows for continuous remediation.
• Awareness of AI/ML security risks within cloud environments, including securing AI workloads, model endpoints, and data pipelines and how these intersect with cloud IAM, network segmentation, secrets management, and DevSecOps controls on AWS and Azure
• Familiarity with AI governance and risk frameworks (e.g., NIST AI RMF, ISO 42001, ISO 42005) and ability to assess client AI deployments against organizational security policies and regulatory compliance standards
• Practical experience using large language models (e.g., Microsoft Copilot, Google Gemini) and prompt engineering techniques to automate security tasks, generate IaC configurations, and accelerate delivery across cloud security engagements
• Ability to use AI coding assistants (e.g., GitHub Copilot) to accelerate development of security automation scripts, policy-as-code, and infrastructure configurations in Bash, Python, Terraform, or YAML
• Must be eligible to obtain and maintain a Government of Canada security clearance at the Reliability Status level (minimum); eligibility for Secret (Level II) clearance is strongly preferred
Total RewardsThe salary range for Consultant is $57,000 to $102,000 and $72,000 - $138,000 for Senior Consultant. Individuals may also be eligible to participate in our bonus program. Deloitte is fair and competitive when it comes to the salaries of our people. We regularly benchmark across a variety of positions, industries, sectors, targets, and levels. Our approach is grounded on recognizing people's unique strengths and contributions and rewarding the value that they deliver.
Our Total Rewards Package extends well beyond traditional compensation and benefit programs and is designed to recognize employee contributions, encourage personal wellness, and support firm growth. Â Along with a competitive base salary and variable pay opportunities, we offer a wide array of initiatives that differentiate us as a people-first organization. On top of our regular paid vacation days, some examples include: $4,000 per year for mental health support benefits, a $1,300 flexible benefit spending account, firm-wide closures known as "Deloitte Days", dedicated days of for learning (known as Development and Innovation Days), flexible work arrangements and a hybrid work structure.
