D

Cloud AI Security - Senior Consultant

Deloitte · Chennai, Tamil Nadu, India

~₹20L (est.)5–12 yrs experienceRemotefull_timePosted 6 days ago
Apply now →

Job description

**Summary** **Position Summary** **Cyber** Deloitte Cyber understands the unique challenges and opportunities businesses face in cybersecurity. Join our team to deliver powerful insights to help our clients navigate the ever-changing threat design, and technology as we partner with clients to transform finance. **Position Summary** **Job Title:** SeniorConsultant - Cloud AI Security Are you interested in working in a dynamic environment that offers opportunities for professional growth and new responsibilities? If so, Deloitte could be the place for you. Traditional security programs have often been unsuccessful in unifying the need to both secure and support technology innovation required by the business. Join Deloitte's Cyber Cloud AI Security team and become a member of the largest group of cybersecurity professionals worldwide. **Work you’ll do** As a Cloud AI Security Senior Consultant, you will lead and support client engagements focused on securing AI, generative AI, and ML workloads across cloud platforms. You will bring deep experience across cloud security, AI security architecture, governance, compliance, platform controls, and monitoring to help clients design, assess, and implement secure AI capabilities at scale. You will be expected to contribute to solutioning and client delivery, and provide actionable recommendations across the AI lifecycle, including data ingestion, model development, validation, deployment, runtime monitoring, and retraining. Responsibilities as a Cloud AI Security Senior Consultant will include: - Drive the design and implementation of AI security solutions within cloud environments aligned to client business objectives, enterprise architecture, regulatory expectations, and security requirements. - Execute AI security assessments for cloud-hosted AI/ML and GenAI workloads, evaluating controls against frameworks and standards such as NIST CSF, CSA CCM, ISO 27001, NIST AI RMF, and ISO 42001. - Define and implement AI security controls across identity, access, network segmentation, encryption, key management, secrets management, logging, monitoring, workload protection, and secure configuration management. - Support threat modeling and security architecture reviews for AI and GenAI solutions, including risks related to prompt injection, jailbreaks, insecure output handling, excessive agent permissions, sensitive data exposure, model misuse, and insecure tool or connector usage. - Design and review secure AI architectures spanning model endpoints, APIs, retrieval-augmented generation pipelines, vector stores, plugins, agent frameworks, orchestration layers, and external tool integrations. - Support secure deployment and configuration of cloud-native AI services including Amazon Bedrock, Amazon SageMaker, Azure AI Foundry, Azure OpenAI, Azure Machine Learning, and Google Vertex AI. - Implement and review platform-specific controls such as private connectivity, encryption with customer-managed keys, tenant isolation, access restrictions, content safety controls, and service-native logging and monitoring capabilities. - Drive DevSecOps, MLOps, and MLSecOps integration efforts by embedding policy validation, secrets handling, secure model promotion, compliance checks, and security testing into CI/CD and ML pipelines. - Define and implement secure AI lifecycle controls across data ingestion, model training, evaluation, deployment, monitoring, incident response, drift review, and retraining, including protections against data poisoning, model tampering, and supply-chain risk. - Support AI governance and compliance activities including model inventory, risk classification, approval workflows, traceability, documentation standards, and control mapping aligned to NIST AI RMF and ISO 42001. - Support clients in implementing responsible AI and model governance controls related to data protection, access control, model usage restrictions, prompt security, content filtering, and audit readiness. - Execute AI security posture management efforts using cloud-native tooling, CNAPP, CSPM, CWPP, DSPM, SIEM, and related controls to identify misconfiguration, data exposure, anomalous model activity, and policy violations. - Support AI-specific monitoring and incident response by helping define detections, alerts, escalation paths, and remediation activities for suspicious prompt behavior, agent abuse, unauthorized model access, and sensitive data leakage. - Conduct or support AI security testing activities including misuse-case testing, control validation, prompt attack testing, model guardrail validation, and red-team support for AI-enabled applications. - Work directly with client stakeholders across security, cloud engineering, DevOps, data, ML engineering, privacy, risk, and architecture teams to translate requirements into implementable designs and remediation plans. **The team** Deloitte Cyber team helps complex organizations more confidently pursue their growth, innovation and performance agendas through proactive management of the associated cyber risks. Our professionals provide advisory and implementation services that integrate risk, regulatory, and technology skills to help clients transform their legacy programs into proactive cyber risk programs. Join the team developing the future state of cyber risk solutions. Learn more about Deloitte Advisory’s Cyber Risk Services practice. **Required:** - 7+ years of experience in cloud security, cybersecurity consulting, cloud engineering, DevSecOps, or closely related disciplines. - Demonstrated experience leading or owning workstreams in client-facing security engagements. - Experience designing, assessing, or implementing security controls for cloud-hosted applications, platforms, or AI/ML environments. - Strong hands-on experience with at least one major cloud platform and working knowledge of the other leading platforms: AWS, Microsoft Azure, and Google Cloud. - Strong understan