Deloitte US

Job Title: Azure AI Security Manager

Our Deloitte Cyber team understands the unique challenges and opportunities businesses face in cybersecurity. Join our team to deliver powerful solutions to help our clients navigate the ever-changing threat landscape. Through powerful solutions and managed services that simplify complexity, we enable our clients to operate with resilience, grow with confidence, and proactively manage to secure success.

Recruiting for this role ends on 05/29/2026.

Work you’ll do

As a Manager in Cyber specializing in Microsoft Azure and AI Security, you will lead complex client engagements to secure Microsoft Azure IaaS, PaaS and AI workloads across data, endpoints, and applications.

• Lead end-to-end security architecture and delivery for Azure AI services (Azure OpenAI Service, Azure Machine Learning, Azure Cognitive Services, Azure AI Studio), Azure Platform & Infrastructure services (security assessments, Azure secure landing zone design, Azure security implementation) and relevant Microsoft security platforms (Microsoft Defender Suite, Microsoft Sentinel, Microsoft Purview, or Entra ID security).
• Define and govern AI security playbooks for encryption, key management, identity and access management, data integrity, model registry controls, model scanning, Responsible AI safeguards, and content safety.
• Establish secure MLOps and CI/CD patterns for model training, tuning, and deployment on AKS, ACI, and serverless endpoints, embedding runtime scanning, telemetry, compliance automation, and remediation workflows.
• Implement and govern controls for Microsoft Copilot and GitHub Copilot, including data governance, content filtering, access policies, code scanning, vulnerability detection, and intellectual property protection.
• Drive platform hardening and posture management using Entra ID (RBAC, MFA, Conditional Access, PIM), Microsoft Defender for Cloud (AI-SPM, CSPM, DSPM), Microsoft Sentinel, Microsoft Purview, Azure Policy, and infrastructure as code (ARM, Bicep, Terraform).

The team

Our Enterprise Security offering embeds security in all aspects of digital transformation by securing a client’s technical backbone while enabling secure digital transformation. Includes security architecture, secure development and deployment, end-to-end cyber cloud capabilities, application security, and security for emerging technologies and connected products. 

Qualifications
Required:

• 6+ years in cloud or cybersecurity consulting with architect or project leadership responsibilities.
• 3+ years architecting security on Microsoft Azure, including controls for Azure Machine Learning or Azure OpenAI covering data protection, identity and access management, and model scanning.
• 3+ years administering or engineering Microsoft 365 at enterprise scale (Entra ID, Teams, Exchange Online, SharePoint Online, OneDrive, O365 administration).
• 2+ years designing secure MLOps pipelines, including model registry controls, secure deployment, and runtime security monitoring on Azure compute targets (AKS, ACI, serverless).
• 2+ years implementing at least two Microsoft security platforms: Microsoft Defender for Endpoint/Servers, Defender for Office, Microsoft Sentinel, Microsoft Purview, or Entra ID security features.
• Proficiency in one programming language used to automate controls and pipelines (Python or Java).
• 2+ years experience automating Azure guardrails with Azure Policy and Microsoft Defender for Cloud or third-party tools (e.g., Wiz).
• Ability to travel up to 50%, on average, based on the work you do and the clients and industries/sectors you serve.
• Limited immigration sponsorship may be available.

Preferred:

• Bachelor’s degree in Computer Science, Cybersecurity, Information Security, Engineering, or Information Technology.
• Microsoft certifications: Azure AI Engineer Associate, Azure Security Engineer Associate, SC-100/200/300/400, or SC-900.
• Security certifications: CCSP, CCSK, CISSP, CCNP, or CCNA.
• Hands-on with Microsoft Security Copilot, Defender for Cloud Apps, Defender for Vulnerabilities, and Defender XDR.
• Experience configuring Azure AI Content Safety or equivalent AI firewall/security proxy solutions to detect prompt injection, jailbreaks, and data leakage.
• Experience conducting adversarial testing, bias detection, model monitoring, and red team exercises for AI systems.
• Experience with supporting talent processes such as recruiting and coaching
• Experience with internal technical training on leading practices for Azure AI

The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $144,200 - $265,600

You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance.