DevSecOps Security Manager
Are you interested in working in a dynamic environment that offers opportunities for professional growth and new responsibilities? If so, Deloitte & Touche LLP could be the place for you. Traditional security programs have often been unsuccessful in unifying the need to both secure and support technology innovation required by the business. Join Deloitte's Cloud Cyber Services team and become a member of the largest group of cybersecurity professionals worldwide. Recruiting for this role will end on 6/30/2026.
Work you'll do
As a DevSecOps Security Manager, you will lead client engagements that define, operationalize, and scale secure-by-design software delivery in cloud-agnostic environments. Responsibilities include:
The team
Deloitte's Cyber Cloud team helps complex organizations more confidently pursue their growth, innovation and performance agendas through proactive management of the associated cyber risks. Our professionals provide advisory and implementation services that integrate risk, regulatory, and technology skills to help clients transform their legacy programs into proactive Secure.Vigilant.Resilient.™ cyber risk programs. Join the team developing the future state of cyber risk solutions.
Required: 6+ years of experience in technical consulting, client problem solving, and delivery leadership. 2+ years designing or leading DevSecOps / Secure SDLC programs (assessment, roadmap, operating model, and implementation oversight). Experience translating policy/standards into engineering-ready controls and workflows; familiarity with security control frameworks (e.g., NIST CSF and/or NIST 800-53). Experience with automation/workflow platforms (e.g., ServiceNow or similar) to support security intake, governance, and evidence collection. Experience with application security and modern engineering ecosystems (CI/CD concepts, containers, SDLC tooling). BA/BS degree preferably in a technical field.
Additional Requirements: Ability to travel up to 80%, on average, based on the work you do and the clients and industries/sectors you serve. Locations include: Houston, Dallas, Cleveland, Detroit, St. Louis, Pittsburgh, Boston, Charlotte, Atlanta, Miami, Memphis, Denver, Phoenix, Salt Lake City, Los Angeles, San Diego, San Francisco, Seattle. Must be within a reasonable commute and willing to work part-time in the Deloitte and/or client offices.
Preferred: Previous consulting or Big 4 experience. Certifications (e.g., CCSP or comparable); familiarity with industry maturity models (e.g., OWASP SAMM, BSIMM) and/or supply chain frameworks (e.g., SLSA). Experience with code signing/PKI concepts and security tooling ecosystems; experience with dashboarding/analytics (e.g., Power BI) a plus. Understanding of regulatory/compliance requirements (e.g., ISO 27001/27017, SOC 2, PCI, HIPAA, SOX, GLBA, NIST 800-53).
Deloitte is committed to providing reasonable accommodations for people with disabilities. If you require a reasonable accommodation to participate in the recruiting process, please direct your inquiries to the Global Call Center (GCC) at [email protected].