Security architecture review - senior consultant – americas delivery mexico (admx)
are you an experienced, passionate pioneer in technology? As a senior consultant in the security architecture review who wants to work in a collaborative environment? As an experienced in the security architecture you will have the ability to share new ideas and collaborate on projects as a consultant without the extensive demands of travel. Americas delivery mexico (admx) leverages scale and talent to provide high quality, cost-effective service to our clients.
admx is a member of the global delivery network which has presence across the world with delivery centers in the united states, romania, india, spain, china, and the philippines. Admx is in queretaro, mexico. We provide consulting services to help our clients achieve a higher level of service in operational efficiency and business value. We are a team of professionals passionate about serving clients with distinction and learning, and we are driven by our purpose: making an impact that matters for our clients, our people, and society.
as a senior consultant in the security architecture review team, you will play a key role in safeguarding enterprise applications and infrastructure by evaluating security architecture and ensuring robust controls are in place. You will assess secure software development practices, identify vulnerabilities in application and network designs, and provide actionable recommendations to mitigate risks. Your expertise will help organizations embed security throughout the application lifecycle, maintain regulatory compliance, and adapt to evolving threats and technologies. You will serve as a trusted advisor to both technical and business stakeholders, guiding the implementation of leading security frameworks and controls.
responsibilities
* review secure software development lifecycle (sdlc) practices and security architecture for new and significantly revised applications.
* assess application previews, integrations, architectures, and data flows for vulnerabilities and recommend mitigations.
* partner with development, infrastructure, and operations teams to embed security throughout the application lifecycle.
* evaluate and validate network security controls, including waf, firewalls, ids/ips, and vpns.
* advise on identity and access management (iam) and disaster recovery strategies.
* ensure compliance with regulatory standards such as nydfs, sox, hipaa, pci dss, iso27001, and others.
* guide the implementation of zero trust security models across the organization.
* conduct risk assessments and provide security recommendations for cloud deployments in aws, azure, and gcp.
* present security findings and recommendations to both technical and business stakeholders.
* stay current with emerging threats, technologies, and regulatory changes to inform security strategy.
the team
our deloitte cyber team understands the unique challenges and opportunities businesses face in cybersecurity. Join our team to deliver powerful solutions to help our clients navigate the ever-changing threat landscape. Through powerful solutions and managed services that simplify complexity, we enable our clients to operate with resilience, grow with confidence, and proactively manage to secure success.
admx is a member of the global delivery network which has presence across the world with delivery centers in the united states, romania, india, spain, china, and the philippines. Admx is in queretaro, mexico. We provide consulting services to help our clients achieve a higher level of service in operational efficiency and business value. We are a team of professionals passionate about serving clients with distinction and learning, and we are driven by our purpose: making an impact that matters for our clients, our people, and society.
qualifications
required
* bachelor’s degree in computer science, information security, or a related field.
* experience in secure software development lifecycle (sdlc) and security architecture review.
* strong knowledge of application architectures, data flows, and integration points.
* familiarity with network security controls (waf, firewalls, ids/ips, vpns).
* understanding of iam, disaster recovery, and zero trust security models.
* experience with regulatory compliance frameworks (nydfs, sox, hipaa, pci dss, iso27001, etc.).
* experience with cloud security in aws, azure, and gcp environments.
preferred
* strong communication skills for presenting findings to technical and business audiences.
* relevant certifications (e.g., cissp, ccsp, aws/azure/gcp security) are a plus.
our people and culture
our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our client most complex challenges. This makes deloitte one of the most rewarding places to work.
professional development
from entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to build new skills, take on leadership opportunities and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career.
accommodations
we are committed to providing equal opportunity and reasonable accommodation for people with disabilities. To request a reasonable accommodation, contact our talent relations team at ustalentcicinbox@deloitte.com
as used in this posting, "deloitte" means deloitte consulting llp, a subsidiary of deloitte llp. Please see for a detailed description of the legal structure of deloitte llp and its subsidiaries.
all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.