58 Deloitte jobs in New York

Data Privacy Manager
Our Deloitte Cyber team understands the unique challenges and opportunities businesses face in cybersecurity. Join our team to deliver powerful solutions to help our clients navigate the ever-changing threat landscape. Through powerful solutions and managed services that simplify complexity, we enable our clients to operate with resilience, grow with confidence, and proactively manage to secure success.
The Team
Enables trust and safety of online communications and digital products, protecting users, consumers, and patients from harm. Enables clients to provide consumer confidence in knowing with whom they are dealing and ensuring the integrity of access to data.
Recruiting for this role ends on 12/31/3025.
Work you'll do
Design:
+ Strategize with clients to identify privacy technology gaps that can be addressed with technology to enable future state privacy goals.
+ Lead working sessions with client stakeholders to gather technical, functional, and business requirements and establish use cases to inform future state architecture.
Architect:
+ Navigate complex IT architectures to incorporate privacy technology solutions.
+ General awareness of global and domestic privacy regulations and concepts, and how they relate to the deployment of technology in line with applicable laws and regulations.
+ General knowledge of integrating technologies with third-party tools and APIs.
Implement:
+ Configure, integrate, test, and deploy privacy tools and technologies to help clients automate their privacy capabilities and enhance customer experiences.
+ Familiar with change management, test plan design and backout plans.
+ Coordinate with client stakeholders and technology vendor representatives to clarify queries, troubleshoot implementation issues, and test end-to-end deployment and system integrations.
Manage:
+ Manage and execute project activities across the IT Software Development Life Cycle (SDLC) including leading regular check-ins with team members and vendors
+ Lead a cross-functional group of client stakeholders to meet their unique needs in a fast-paced environment.
+ Work alongside practice leaders and experienced privacy technology professionals gaining industry-leading insights into data privacy.
+ Develop and maintain technical configuration documentation.
+ Manage and provide technical oversight to solution deployment and rollout.
Required Qualifications:
+ Bachelor's degree in Computer Science, Computer Engineering, Information Technology, or similar Engineering disciplines.
+ 7+ years of overall experience.
+ 5+ years of experience in software design, architecture development, and technology implementation.
+ 4+ years of experience with Data Privacy principles such as Privacy Impact Assessment, Data Inventory, Privacy Breach Management, Data Subject Rights, Notice & Policy Management, Consent & Preference Management, Cookie Management, etc.
+ Ability to travel 25-75%, on average, based on the work you do and the clients and industries/sectors you serve.
+ Experience leading collaborative efforts across organizational silos, including multifunctional teams of IT professionals, legal/compliance teams, and business executives.
+ Familiarity with change management, deployment and operational processes in large IT organizations.
+ Limited immigration sponsorship may be available.
Preferred Qualifications:
Technical skills
+ Understand marketing technologies, including customer data platforms, consent, cookies, tag management solutions.
+ Ability to understand, develop and enhance existing client architectures and solution designs to meet data privacy requirements.
+ Prior experience in performing SaaS implementations for complex organizations and IT ecosystems.
+ Ability to comprehend and execute basic technology concepts such as Application Programming Interfaces (API's), system requests methods (GET/POST), etc.
+ Demonstrated experience in performing integrations with Marketing Platforms (e.g., Sales Force Marketing Cloud), Master Data Management (e.g., Informatica MDM), Customer Relationship Management (CRM), and middleware (MuleSoft, Kafka).
+ 4+ years of experience implementing privacy solutions such as OneTrust, BigID, Securiti.ai.
+ Hands-on experience and knowledge of software engineering concepts/technologies, such as:
+ JavaScript, RESTful APIs, HTTP Requests, JDBC, HTML CSS
+ SQL, NoSQL, database management concepts
+ API management tools such as Apigee, Postman
+ Agile/Scrum methodology to build and rollout complex softwaresolutions
+ Understanding of privacy program requirements and capabilities such as data inventory, data subject rights, consent and preference management, privacy by design, privacy impact assessments, incident response, third-party risk, etc.
+ Knowledge of Data Privacy Laws and Regulations: Familiarity with data privacy legislation such as GDPR, CCPA, LGPD, and other regional or industry-specific privacy regulations.
+ Communication Skills: Strong written and verbal communication skills to effectively articulate complex privacy concepts to business-facing audiences, such as clients and other team members.
+ Project Management Experience: Experience in managing projects, including planning, risk management, resource management, and meeting project timelines.
+ Teamwork and Collaboration: Proven experience in working effectively with diverse teams.
+ Change Management: Understanding of change management principles and approaches, to enable successful implementation and adoption of privacy solutions.
+ Master's degree in Computer Science, Computer Engineering, Information Technology, or similar Engineering disciplines.
+ Certifications in one or more of the following: CIPT, CIPM, CISSP, CPDSE, CIPT, Agile/Scrum Master.
+ Experience with application development and testing using one or more programming or scripting languages (e.g., .Net, C#, Python).
+ Understanding of Ad-Tech / Mar-Tech ecosystem, frameworks, tools, and solutions.
Information for applicants with a need for accommodation: wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $144,200 - $265,600.
You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.

Our Deloitte Cyber team understands the unique challenges and opportunities businesses face in cybersecurity. Join our team to deliver powerful solutions to help our clients navigate the ever-changing threat landscape. Through powerful solutions and managed services that simplify complexity, we enable our clients to operate with resilience, grow with confidence, and proactively manage to secure success.
Recruiting for the role ends on 12/31/2025
Work you'll do
As a Senior Manager for Microsoft Identity, you will be at the front lines with our clients supporting them with their identity needs specifically helping them address Entra ID health and navigate the journey to the cloud on the Microsoft Entra ID Platform. This will include:
+ Advise clients on strategy and designing and implementing, migrating, and operating Entra ID solutions
+ Maintain client relationships by developing a reputation as an independent professional who delivers exceptional results.
+ Serve as a subject matter expert (SME) on Entra ID for senior business and technology stakeholders.
+ Lead Identity teams at industry leading clients for deploying and advising in Entra ID services.
+ Lead business development activities such as defining scope of services, building resource estimates and related pricing, packaging proposals and supporting the delivery of the proposal to the client for ENTRA ID Identity services
+ Lead the overall delivery of multiple ENTRA ID projects in a project leader and program manager role, overseeing the activities of onsite and offshore engineers and architects
+ Function as the primary client day to day interface building rapport and trust with the client
+ Review and oversee the generation of all project deliverables such as assessment reports, system designs/ architectures and risk/security recommendations
+ Maintain strong domain knowledge ENTRA ID solutions
+ Lead the execution of ENTRA ID engagements during different phases of the lifecycle - assess, design, and implementation. ENTRA ID may include the full and broad features set of the platform as defined in Entra ID Premium SKU's
+ Lead engagements to perform technical health checks for ENTRA ID platforms/environments prior to broader deployments.
+ Oversee technical support for ENTRA ID cyber services and resolve service-related issues through research and troubleshooting and working with vendors.
+ Architect, design, and implement large-scale Entra ID deployments/migrations/upgrades with a project team
+ Performing technical health checks for the ENTRA ID platforms/environments prior to broader deployments with a project team.
+ Supporting proof of concept and production deployments of Entra ID with a project team.
+ Assisting clients with transitions to the Microsoft ENTRA ID cloud services such as tenant setup and service configuration, focused on cloud cyber risk mitigation. Additional technologies include: Microsoft MFA, SSO, Conditional Access, PIM, B2B and B2C
+ Assisting clients with Entra B2B, B2C including SAML, OAUTH, OpenID Connect protocols
+ Assisting clients with Migrating applications (legacy platforms or other) to Azure AD
+ Assisting clients cleaning up the Active Directory environment and prepare them for Azure AD/O365 migration
+ Assisting clients with configuration and delivery of Microsoft Defender for Identity
+ Providing technical support for ENTRA ID services and resolve service-related issues through research and troubleshooting and working with Microsoft.
+ Implementation of industry leading practices around ENTRA ID cyber risks and cloud security for clients.
+ Lead teams troubleshooting system level problems in a multi-vendor, multi-protocol network environment.
+ Lead teams documenting platform technical issues, analysis, client communication, and resolution as part of cyber risk mitigation steps.
+ Lead teams performing health check, discovery and cleanup of Active Directory Infrastructure
+ Lead teams analyzing and reviewing Active Directory services such as DNS, DHCP, Group Policy etc.
+ Provide internal technical training to Advisory personnel as needed.
+ Support Digital Identity team on client calls as necessary.
+ Acting as a subject matter expert for the Microsoft Entra ID platforms.
+ Lead eminence activities, such as whitepapers and POV's pertaining to Microsoft IAM technologies
+ Lead talent processes in the senior manager role such as for recruiting and coaching of employees in the Entra ID space
The team
Enables trust and safety of online communications and digital products, protecting users, consumers, and patients from harm. Enables clients to provide consumer confidence in knowing with whom they are dealing and ensuring the integrity of access to data.
Required:
+ 10+ years of experience in technical consulting, client problem solving, architecting and designing Identity solutions with a strong focus on Microsoft IAM solutions. This should be in leadership roles responsible for project scope, pricing and delivery leading multiple proposal and projects at the same time.
Must have working experience in at least one of the areas listed below.
+ 6+ years of technical experience enterprise-with Microsoft Entra ID(and Azure AD) in implementation and operations. This should include designing and implementing ENTRA ID for organizations including integrations with applications
+ 5+ years of working with IAM Protocols such as WS-Fed, SAML, OpenID Connect and OAuth.
+ 5+ years of hands-on technical experience implementing IAM focused security solutions for Microsoft technologies such as Entra ID
+ 4+ years of working knowledge with Azure Cloud service provider technologies
+ 2+ years of working knowledge with Azure Advanced Threat Protection
Additional Requirements:
+ Ability to travel upto 50%, on average, based on the work you do and the clients and industries/sectors you serve
+ BA/BS Degree required.
+ Limited visa Sponsorship may be available.
Preferred:
+ Previous Consulting or Big 4 experience preferred.
+ A mix of AD/Entra ID experience is also supported and preferred.
+ Ideally a degree in Computer Science, Cyber Security, Information Security, Engineering, Information Technology.
+ Certifications such as: Microsoft new roles-based certifications (eg. SC 300), CCSP, CCSK, CISSP, CCNP, CCNA, MCSE, MCSA certification a plus.
+ Experience with engaging C-Level executives and developing cyber risk strategies to address broad security issues strongly preferred.
+ Experience with leading multiple distributed teams across different geographies strongly preferred.
+ Experience with other Microsoft security platforms a plus
+ Knowledge of security and privacy-related industry standards and frameworks (e.g., ISO 27001/2, NIST 800-53, NIST CSF, CSA CCM) is a plus.
+ Ability to develop compelling proposals for client to clearly articulate the need for information security.
+ Excellent writing and verbal communication skills.
+ Strong project management and organizational skills.
Information for applicants with a need for accommodation: wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $175,300 - $322,900.
You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any depends on various factors, including, without limitation, individual and organizational performance.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.

Our Deloitte Cyber team understands the unique challenges and opportunities businesses face in cybersecurity. Join our team to deliver powerful solutions to help our clients navigate the ever-changing threat landscape. Through powerful solutions and managed services that simplify complexity, we enable our clients to operate with resilience, grow with confidence, and proactively manage to secure success.
The Team
Enables trust and safety of online communications and digital products, protecting users, consumers, and patients from harm. Enables clients to provide consumer confidence in knowing with whom they are dealing and ensuring the integrity of access to data.
Recruiting for this role ends on 12/31/3025.
Work you'll do
+ Strategize with clients to identify privacy technology gaps that can be addressed with technology to enable future state privacy goals and navigate complex IT architectures to incorporate privacy technology solutions.
+ Lead working sessions with client stakeholders to gather technical, functional, and business requirements and establish use cases to inform future state architecture.
+ General awareness of global and domestic privacy regulations and concepts, and how they relate to the deployment of technology in line with applicable laws and regulations, and general knowledge of integrating technologies with third-party tools and APIs.
+ Configure, integrate, test, and deploy privacy tools and technologies to help clients automate their privacy capabilities and enhance customer experiences.
+ Coordinate with client stakeholders and technology vendor representatives to clarify queries, troubleshoot implementation issues, and test end-to-end deployment and system integrations, and manage and execute project activities across the IT Software Development Life Cycle (SDLC) including leading regular check-ins with team members and vendors
+ Develop and maintain technical configuration documentation, and manage and provide technical oversight to solution deployment and rollout.
Required Qualifications:
+ Bachelor's degree in Computer Science, Computer Engineering, Information Technology, or similar Engineering disciplines
+ 2+ years of experience in software design, architecture development, and technology implementation
+ 1+ years of experience with OneTrust and relevant OneTrust certification
+ Ability to travel 25-75%, on average, based on the work you do and the clients and industries/sectors you serve
Preferred Qualifications:
Technical skills
+ Understand marketing technologies, including customer data platforms, consent, cookies, tag management solutions
+ Ability to understand, develop and enhance existing client architectures and solution designs to meet data privacy requirements
+ Prior experience in performing SaaS implementations for complex organizations and IT ecosystems.
+ Ability to comprehend and execute basic technology concepts such as Application Programming Interfaces (API's), system requests methods (GET/POST), etc.
+ Demonstrated experience in performing integrations with Marketing Platforms (e.g., Sales Force Marketing Cloud), Master Data Management (e.g., Informatica MDM) and middleware (MuleSoft, Kafka)
+ Familiarity with privacy tools such as OneTrust, BigID, Securiti.ai, etc.
+ Hands-on experience and knowledge of software engineering concepts/technologies, such as:
+ JavaScript, RESTful APIs, HTTP Requests, JDBC, HTML CSS
+ SQL, NoSQL, database management concepts
+ API management tools such as Apigee, Postman
+ Agile/Scrum methodology to build and rollout complex software solutions
+ Understanding of privacy program requirements and capabilities such as data inventory, data subject rights, consent and preference management, privacy by design, privacy impact assessments, incident response, third-party risk, etc.
+ Knowledge of Data Privacy Laws and Regulations: Familiarity with data privacy legislation such as GDPR, CCPA, LGPD, and other regional or industry-specific privacy regulations.
+ Communication Skills: Strong written and verbal communication skills to effectively articulate complex privacy concepts to business-facing audiences, such as clients and other team members.
+ Project Management Experience: Experience in managing projects, including planning, risk management, resource management, and meeting project timelines.
+ Teamwork and Collaboration: Proven experience in working effectively with diverse teams.
+ Change Management: Understanding of change management principles and approaches, to enable successful implementation and adoption of privacy solutions.
+ Master's degree in Computer Science, Computer Engineering, Information Technology, or similar Engineering disciplines
+ 1+ years of experience implementing privacy solutions such as OneTrust, BigID, Securiti.ai
+ Certifications in one or more of the following: CIPT, CIPM, CISSP, CPDSE, CIPT, Agile/Scrum Master, OneTrust
+ Experience with application development and testing using one or more programming or scripting languages (e.g., .Net, C#, Python)
+ Understanding of Ad-Tech / Mar-Tech ecosystem, frameworks, tools, and solutions
+ Limited sponsorship may be available
The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $88,600- $163,100.
You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance.
Information for applicants with a need for accommodation: qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.

Data Privacy Manager
Our Deloitte Cyber team understands the unique challenges and opportunities businesses face in cybersecurity. Join our team to deliver powerful solutions to help our clients navigate the ever-changing threat landscape. Through powerful solutions and managed services that simplify complexity, we enable our clients to operate with resilience, grow with confidence, and proactively manage to secure success.
The Team
Enables trust and safety of online communications and digital products, protecting users, consumers, and patients from harm. Enables clients to provide consumer confidence in knowing with whom they are dealing and ensuring the integrity of access to data.
Recruiting for this role ends on 12/31/3025.
Work you'll do
Design:
+ Strategize with clients to identify privacy technology gaps that can be addressed with technology to enable future state privacy goals.
+ Lead working sessions with client stakeholders to gather technical, functional, and business requirements and establish use cases to inform future state architecture.
Architect:
+ Navigate complex IT architectures to incorporate privacy technology solutions.
+ General awareness of global and domestic privacy regulations and concepts, and how they relate to the deployment of technology in line with applicable laws and regulations.
+ General knowledge of integrating technologies with third-party tools and APIs.
Implement:
+ Configure, integrate, test, and deploy privacy tools and technologies to help clients automate their privacy capabilities and enhance customer experiences.
+ Familiar with change management, test plan design and backout plans.
+ Coordinate with client stakeholders and technology vendor representatives to clarify queries, troubleshoot implementation issues, and test end-to-end deployment and system integrations.
Manage:
+ Manage and execute project activities across the IT Software Development Life Cycle (SDLC) including leading regular check-ins with team members and vendors
+ Lead a cross-functional group of client stakeholders to meet their unique needs in a fast-paced environment.
+ Work alongside practice leaders and experienced privacy technology professionals gaining industry-leading insights into data privacy.
+ Develop and maintain technical configuration documentation.
+ Manage and provide technical oversight to solution deployment and rollout.
Required Qualifications:
+ Bachelor's degree in Computer Science, Computer Engineering, Information Technology, or similar Engineering disciplines.
+ 7+ years of overall experience.
+ 5+ years of experience in software design, architecture development, and technology implementation.
+ 4+ years of experience with Data Privacy principles such as Privacy Impact Assessment, Data Inventory, Privacy Breach Management, Data Subject Rights, Notice & Policy Management, Consent & Preference Management, Cookie Management, etc.
+ Ability to travel 25-75%, on average, based on the work you do and the clients and industries/sectors you serve.
+ Experience leading collaborative efforts across organizational silos, including multifunctional teams of IT professionals, legal/compliance teams, and business executives.
+ Familiarity with change management, deployment and operational processes in large IT organizations.
+ Limited immigration sponsorship may be available.
Preferred Qualifications:
Technical skills
+ Understand marketing technologies, including customer data platforms, consent, cookies, tag management solutions.
+ Ability to understand, develop and enhance existing client architectures and solution designs to meet data privacy requirements.
+ Prior experience in performing SaaS implementations for complex organizations and IT ecosystems.
+ Ability to comprehend and execute basic technology concepts such as Application Programming Interfaces (API's), system requests methods (GET/POST), etc.
+ Demonstrated experience in performing integrations with Marketing Platforms (e.g., Sales Force Marketing Cloud), Master Data Management (e.g., Informatica MDM), Customer Relationship Management (CRM), and middleware (MuleSoft, Kafka).
+ 4+ years of experience implementing privacy solutions such as OneTrust, BigID, Securiti.ai.
+ Hands-on experience and knowledge of software engineering concepts/technologies, such as:
+ JavaScript, RESTful APIs, HTTP Requests, JDBC, HTML CSS
+ SQL, NoSQL, database management concepts
+ API management tools such as Apigee, Postman
+ Agile/Scrum methodology to build and rollout complex softwaresolutions
+ Understanding of privacy program requirements and capabilities such as data inventory, data subject rights, consent and preference management, privacy by design, privacy impact assessments, incident response, third-party risk, etc.
+ Knowledge of Data Privacy Laws and Regulations: Familiarity with data privacy legislation such as GDPR, CCPA, LGPD, and other regional or industry-specific privacy regulations.
+ Communication Skills: Strong written and verbal communication skills to effectively articulate complex privacy concepts to business-facing audiences, such as clients and other team members.
+ Project Management Experience: Experience in managing projects, including planning, risk management, resource management, and meeting project timelines.
+ Teamwork and Collaboration: Proven experience in working effectively with diverse teams.
+ Change Management: Understanding of change management principles and approaches, to enable successful implementation and adoption of privacy solutions.
+ Master's degree in Computer Science, Computer Engineering, Information Technology, or similar Engineering disciplines.
+ Certifications in one or more of the following: CIPT, CIPM, CISSP, CPDSE, CIPT, Agile/Scrum Master.
+ Experience with application development and testing using one or more programming or scripting languages (e.g., .Net, C#, Python).
+ Understanding of Ad-Tech / Mar-Tech ecosystem, frameworks, tools, and solutions.
Information for applicants with a need for accommodation: wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $144,200 - $265,600.
You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.

Our Deloitte Cyber team understands the unique challenges and opportunities businesses face in cybersecurity. Join our team to deliver powerful solutions to help our clients navigate the ever-changing threat landscape. Through powerful solutions and managed services that simplify complexity, we enable our clients to operate with resilience, grow with confidence, and proactively manage to secure success.
Recruiting for the role ends on 12/31/2025
Work you'll do
As a Senior Manager for Microsoft Identity, you will be at the front lines with our clients supporting them with their identity needs specifically helping them address Entra ID health and navigate the journey to the cloud on the Microsoft Entra ID Platform. This will include:
+ Advise clients on strategy and designing and implementing, migrating, and operating Entra ID solutions
+ Maintain client relationships by developing a reputation as an independent professional who delivers exceptional results.
+ Serve as a subject matter expert (SME) on Entra ID for senior business and technology stakeholders.
+ Lead Identity teams at industry leading clients for deploying and advising in Entra ID services.
+ Lead business development activities such as defining scope of services, building resource estimates and related pricing, packaging proposals and supporting the delivery of the proposal to the client for ENTRA ID Identity services
+ Lead the overall delivery of multiple ENTRA ID projects in a project leader and program manager role, overseeing the activities of onsite and offshore engineers and architects
+ Function as the primary client day to day interface building rapport and trust with the client
+ Review and oversee the generation of all project deliverables such as assessment reports, system designs/ architectures and risk/security recommendations
+ Maintain strong domain knowledge ENTRA ID solutions
+ Lead the execution of ENTRA ID engagements during different phases of the lifecycle - assess, design, and implementation. ENTRA ID may include the full and broad features set of the platform as defined in Entra ID Premium SKU's
+ Lead engagements to perform technical health checks for ENTRA ID platforms/environments prior to broader deployments.
+ Oversee technical support for ENTRA ID cyber services and resolve service-related issues through research and troubleshooting and working with vendors.
+ Architect, design, and implement large-scale Entra ID deployments/migrations/upgrades with a project team
+ Performing technical health checks for the ENTRA ID platforms/environments prior to broader deployments with a project team.
+ Supporting proof of concept and production deployments of Entra ID with a project team.
+ Assisting clients with transitions to the Microsoft ENTRA ID cloud services such as tenant setup and service configuration, focused on cloud cyber risk mitigation. Additional technologies include: Microsoft MFA, SSO, Conditional Access, PIM, B2B and B2C
+ Assisting clients with Entra B2B, B2C including SAML, OAUTH, OpenID Connect protocols
+ Assisting clients with Migrating applications (legacy platforms or other) to Azure AD
+ Assisting clients cleaning up the Active Directory environment and prepare them for Azure AD/O365 migration
+ Assisting clients with configuration and delivery of Microsoft Defender for Identity
+ Providing technical support for ENTRA ID services and resolve service-related issues through research and troubleshooting and working with Microsoft.
+ Implementation of industry leading practices around ENTRA ID cyber risks and cloud security for clients.
+ Lead teams troubleshooting system level problems in a multi-vendor, multi-protocol network environment.
+ Lead teams documenting platform technical issues, analysis, client communication, and resolution as part of cyber risk mitigation steps.
+ Lead teams performing health check, discovery and cleanup of Active Directory Infrastructure
+ Lead teams analyzing and reviewing Active Directory services such as DNS, DHCP, Group Policy etc.
+ Provide internal technical training to Advisory personnel as needed.
+ Support Digital Identity team on client calls as necessary.
+ Acting as a subject matter expert for the Microsoft Entra ID platforms.
+ Lead eminence activities, such as whitepapers and POV's pertaining to Microsoft IAM technologies
+ Lead talent processes in the senior manager role such as for recruiting and coaching of employees in the Entra ID space
The team
Enables trust and safety of online communications and digital products, protecting users, consumers, and patients from harm. Enables clients to provide consumer confidence in knowing with whom they are dealing and ensuring the integrity of access to data.
Required:
+ 10+ years of experience in technical consulting, client problem solving, architecting and designing Identity solutions with a strong focus on Microsoft IAM solutions. This should be in leadership roles responsible for project scope, pricing and delivery leading multiple proposal and projects at the same time.
Must have working experience in at least one of the areas listed below.
+ 6+ years of technical experience enterprise-with Microsoft Entra ID(and Azure AD) in implementation and operations. This should include designing and implementing ENTRA ID for organizations including integrations with applications
+ 5+ years of working with IAM Protocols such as WS-Fed, SAML, OpenID Connect and OAuth.
+ 5+ years of hands-on technical experience implementing IAM focused security solutions for Microsoft technologies such as Entra ID
+ 4+ years of working knowledge with Azure Cloud service provider technologies
+ 2+ years of working knowledge with Azure Advanced Threat Protection
Additional Requirements:
+ Ability to travel upto 50%, on average, based on the work you do and the clients and industries/sectors you serve
+ BA/BS Degree required.
+ Limited visa Sponsorship may be available.
Preferred:
+ Previous Consulting or Big 4 experience preferred.
+ A mix of AD/Entra ID experience is also supported and preferred.
+ Ideally a degree in Computer Science, Cyber Security, Information Security, Engineering, Information Technology.
+ Certifications such as: Microsoft new roles-based certifications (eg. SC 300), CCSP, CCSK, CISSP, CCNP, CCNA, MCSE, MCSA certification a plus.
+ Experience with engaging C-Level executives and developing cyber risk strategies to address broad security issues strongly preferred.
+ Experience with leading multiple distributed teams across different geographies strongly preferred.
+ Experience with other Microsoft security platforms a plus
+ Knowledge of security and privacy-related industry standards and frameworks (e.g., ISO 27001/2, NIST 800-53, NIST CSF, CSA CCM) is a plus.
+ Ability to develop compelling proposals for client to clearly articulate the need for information security.
+ Excellent writing and verbal communication skills.
+ Strong project management and organizational skills.
Information for applicants with a need for accommodation: wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $175,300 - $322,900.
You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any depends on various factors, including, without limitation, individual and organizational performance.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.

Our Deloitte Cyber team understands the unique challenges and opportunities businesses face in cybersecurity. Join our team to deliver powerful solutions to help our clients navigate the ever-changing threat landscape. Through powerful solutions and managed services that simplify complexity, we enable our clients to operate with resilience, grow with confidence, and proactively manage to secure success.
Recruiting for this role ends on December 25, 2025.
Work you'll do
As a Manager, you will be at the front lines with our clients supporting them with their Cyber Risk needs specifically helping them address Active Directory (AD) health and navigate the journey to the Cloud on the Microsoft Entra ID Platform. This will include:
+ Conducting analysis and recommendations of clients' Microsoft Entra ID and Active Directory environments. This can include Entra ID components such as tenant configurations and hardening, IGA, MFA, SSO and IDP migrations, conditional access, B2B and B2C
+ Architect, design, and implement large-scale Active Directory deployments/migrations/upgrades, and execute on AD engagements during different phases of the lifecycle - assess, design, and implementation & post implementation reviews.
+ Performing technical health checks for the AD platforms/environments prior to broader deployments, supporting proof of concept and production deployments of AD.
+ Assisting clients with transitions to the Microsoft Entra ID services such as tenant setup and service configuration, Azure B2B, B2C including SAML, OAUTH, OpenID Connect protocols, migrating applications (legacy platforms or other) to Entra ID as the IDP, cleaning up the Active Directory environment and preparing for Azure AD/O365 migration/ integration, domain clean-up activities including, privileged groups and service accounts management, configuration and delivery of Entra ID and AD security and compliance reports and advanced threat protection capabilities such as Defender for Identity, manage/migrate/deploy their LDAP environments including application integration, server upgrades and patching, prepare their Active Directory DR plans and perform regular DR trial runs
+ Providing technical support for AD services and resolve service-related issues through research and troubleshooting and working with Microsoft, document platform technical issues, analysis, client communication, and resolution as part of cyber risk mitigation steps, and perform health check, discovery and cleanup of Active Directory and Entra ID Infrastructure
+ Acting as a subject matter expert on cyber risk for the Microsoft Active Directory platforms.
The team
Enables trust and safety of online communications and digital products, protecting users, consumers, and patients from harm. Enables clients to provide consumer confidence in knowing with whom they are dealing and ensuring the integrity of access to data.
Required:
+ Ability to travel 25-50%, on average, based on the work you do and the clients and industries/sectors you serve
+ 7+ years of experience in technical consulting, client problem solving, architecting, and designing solutions around Microsoft Identity solutions ( (Active Directory).
+ Tech/BE/BCA/MCA Degree required. Ideally in Computer Science, Cyber Security, Information Security, Engineering, Information Technology.
Preferred: Working experience in at least one of the areas listed below.
+ 7+ years of hands-on technical experience enterprise-with Microsoft Identity and Access management services (Active Directory) in implementation and operations. This should include designing and implementing AD for organizations including integrations with applications.
+ 7+ years of hands-on technical experience Identity and Access Management (IAM) on Active Directory. This should include designing and implementing AD for organizations including integrations with applications, ADFS, AD Domain Clean up, Domain and Forest Recovery, managing GPO objects and gMSA and security groups. IAM solution integration with AAD and VDS in implementation and operations. This should include designing and implementing Active Directory trusts and federation for organizations including integrations with applications for SSO and object provisioning.
Also preferred:
+ 5+ years of working with IAM Protocols such as WS-Fed, SAML, OpenID Connect and OAuth.
+ 5+ years of hands-on technical experience implementing IAM focused security solutions for Microsoft technologies such as Active Directory.
+ Certifications such as: Microsoft new roles-based certifications (eg. SC 300), CCSP, CCSK, CISSP, CCNP, CCNA, MCSE, MCSA certification a plus.
+ Limited immigration sponsorship may be available.
The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $144,200 - $265,600.
You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance.
Information for applicants with a need for accommodation: qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.

Our Deloitte Cyber team understands the unique challenges and opportunities businesses face in cybersecurity. Join our team to deliver powerful solutions to help our clients navigate the ever-changing threat landscape. Through powerful solutions and managed services that simplify complexity, we enable our clients to operate with resilience, grow with confidence, and proactively manage to secure success.
Recruiting for this role ends on December 25, 2025.
Work you'll do
As a Manager, you will be at the front lines with our clients supporting them with their Cyber Risk needs specifically helping them address Active Directory (AD) health and navigate the journey to the Cloud on the Microsoft Entra ID Platform. This will include:
+ Conducting analysis and recommendations of clients' Microsoft Entra ID and Active Directory environments. This can include Entra ID components such as tenant configurations and hardening, IGA, MFA, SSO and IDP migrations, conditional access, B2B and B2C
+ Architect, design, and implement large-scale Active Directory deployments/migrations/upgrades, and execute on AD engagements during different phases of the lifecycle - assess, design, and implementation & post implementation reviews.
+ Performing technical health checks for the AD platforms/environments prior to broader deployments, supporting proof of concept and production deployments of AD.
+ Assisting clients with transitions to the Microsoft Entra ID services such as tenant setup and service configuration, Azure B2B, B2C including SAML, OAUTH, OpenID Connect protocols, migrating applications (legacy platforms or other) to Entra ID as the IDP, cleaning up the Active Directory environment and preparing for Azure AD/O365 migration/ integration, domain clean-up activities including, privileged groups and service accounts management, configuration and delivery of Entra ID and AD security and compliance reports and advanced threat protection capabilities such as Defender for Identity, manage/migrate/deploy their LDAP environments including application integration, server upgrades and patching, prepare their Active Directory DR plans and perform regular DR trial runs
+ Providing technical support for AD services and resolve service-related issues through research and troubleshooting and working with Microsoft, document platform technical issues, analysis, client communication, and resolution as part of cyber risk mitigation steps, and perform health check, discovery and cleanup of Active Directory and Entra ID Infrastructure
+ Acting as a subject matter expert on cyber risk for the Microsoft Active Directory platforms.
The team
Enables trust and safety of online communications and digital products, protecting users, consumers, and patients from harm. Enables clients to provide consumer confidence in knowing with whom they are dealing and ensuring the integrity of access to data.
Required:
+ Ability to travel 25-50%, on average, based on the work you do and the clients and industries/sectors you serve
+ 7+ years of experience in technical consulting, client problem solving, architecting, and designing solutions around Microsoft Identity solutions ( (Active Directory).
+ Tech/BE/BCA/MCA Degree required. Ideally in Computer Science, Cyber Security, Information Security, Engineering, Information Technology.
Preferred: Working experience in at least one of the areas listed below.
+ 7+ years of hands-on technical experience enterprise-with Microsoft Identity and Access management services (Active Directory) in implementation and operations. This should include designing and implementing AD for organizations including integrations with applications.
+ 7+ years of hands-on technical experience Identity and Access Management (IAM) on Active Directory. This should include designing and implementing AD for organizations including integrations with applications, ADFS, AD Domain Clean up, Domain and Forest Recovery, managing GPO objects and gMSA and security groups. IAM solution integration with AAD and VDS in implementation and operations. This should include designing and implementing Active Directory trusts and federation for organizations including integrations with applications for SSO and object provisioning.
Also preferred:
+ 5+ years of working with IAM Protocols such as WS-Fed, SAML, OpenID Connect and OAuth.
+ 5+ years of hands-on technical experience implementing IAM focused security solutions for Microsoft technologies such as Active Directory.
+ Certifications such as: Microsoft new roles-based certifications (eg. SC 300), CCSP, CCSK, CISSP, CCNP, CCNA, MCSE, MCSA certification a plus.
+ Limited immigration sponsorship may be available.
The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $144,200 - $265,600.
You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance.
Information for applicants with a need for accommodation: qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.

Our Deloitte Cyber team understands the unique challenges and opportunities businesses face in cybersecurity. Join our team to deliver powerful solutions to help our clients navigate the ever-changing threat landscape. Through powerful solutions and managed services that simplify complexity, we enable our clients to operate with resilience, grow with confidence, and proactively manage to secure success.
Recruiting for the role ends on 12/25/2025
The Team
Our Cyber Strategy & Transformation offering develops and transforms cyber programs in line with a client's strategic objectives, regulatory requirements, and risk appetite. It keeps the enterprise a step ahead of the evolving threat landscape and gives stakeholders confidence in the organization's cyber posture. Includes design of the cyber organization, governance, and risk assessments.
Work You'll Do
+ Serve as a subject matter expert and trusted advisor to our clients, assisting them to evaluate strategic and practical data protection and encryption requirements based on new and emerging data risks, advising on best practices for data encryption, decryption, and secure key management
+ Assist clients in designing, implementing and operating technology and process solutions to reduce data risks
+ Assist clients in developing and leading the implementation of encryption strategies to protect sensitive data across various environments, including cloud, on-premises, and hybrid infrastructures
+ Assist clients to manage the deployment and lifecycle of PKI systems, ensuring robust and scalable certificate management processes. Monitor and maintain the health of certificate infrastructures to prevent downtime and security breaches.
+ Assist clients with developing requirements, evaluating vendor solutions, architecting, implementing and operating data protection solutions
+ Aid in the delivery of client engagements, ensuring success by:
+ Driving day-to-day execution, communicating updates to clients and firm leadership
+ Providing leadership and support to delivery teams to ensure completion and accuracy of high-quality work products
+ Tracking and reporting on project timelines to ensure on time and on budget delivery
+ Contribute to Deloitte's thought leadership in client organizations and external marketplace
+ Foster an environment of inclusion and well-being
+ Stay up to date on emerging encryption technologies (e.g., post-quantum cryptography, confidential computing, secure enclaves, envelop encryption) and industry trends around cyber risk, data protection and cryptography practices.
+ Proactively evaluate and recommend new tools and solutions to enhance data security
Qualifications
Required:
+ 4+ years of professional experience within data protection and information security, which may include Data Discovery, Data Classification and Rights Management, Data Access Governance, Data Loss Prevention, Cloud Access Security Broker, Encryption, Certificate Lifecycle Management, Cloud Security, SaaS Security
+ 2+ years of professional experience managing and implementing various encryption technologies (e.g., database encryption, file encryption, Public Key Infrastructure (PKI), certificate lifecycle management (CLM), transport layer security(TLS)) and strong understanding of Cloud encryption concepts such as client-side encryption, bring your own key (BYOK), server-side encryption.
+ 2+ years of professional experience developing data protection strategies, roadmaps and frameworks; experience may include designing, implementing and operating data protections services
+ 2+ years of total hands-on technical experience with one or more data protection technologies
+ Bachelor's degree in Cybersecurity, Information Security, Engineering, Computer Science, Information Technology or related field
+ Ability to travel 25-50%, on average, based on the work you do and the clients and industries/sectors you serve
+ Limited sponsorship maybe available
Preferred:
+ Quantum readiness and AI protection experience a strong plus
+ Significant industry work experience preferred
+ Experience with public cloud (Azure, AWS, GCP) security and modern data platforms (e.g., Snowflake, Data bricks, Starburst)
+ Experience in vendor relationship management with market leading data protection and encryption vendors (e.g., Thales, AppViewX, Venafi, Fortanix, Digicert, Protegrity)
+ Experience defining data protection use cases, documenting business requirements and evaluating technology solutions
+ Experience with data risk program design, including alignment to cybersecurity and compliance programs.
+ Experience working with data protection and information security policies, standards and procedures
+ Experience leading collaborative efforts across organizational silos, including multifunctional teams of IT professionals, legal/compliance teams, and business executives
+ Experience with cloud collaboration tools and security/compliance, particularly Microsoft 365
+ Familiarity with change management, deployment and operational processes in large IT organizations
+ Professional certifications such as CISSP, CISM, or similar.
+ Experience or familiarity with emerging data protection technologies for user communications, e.g., Secure Access Service Edge, Data Security Posture Management, Data Security Platforms and Synthetic Data
+ Familiarity with networks, firewalls, IDS/IPS, and end point security
+ Familiarity with popular databases on both windows and UNIX platforms, including Oracle and MS SQL
+ Familiarity with common identity, authentication, and directory services, such as Active Directory and LDAP
+ Familiarity with sophisticated multinational companies and distributed business models
The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $118,700 - $218,600.
You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance.
Information for applicants with a need for accommodation: qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.

Cyber Encryption Senior Consultant
Our Deloitte Cyber team understands the unique challenges and opportunities businesses face in cybersecurity. Join our team to deliver powerful solutions to help our clients navigate the ever-changing threat landscape. Through powerful solutions and managed services that simplify complexity, we enable our clients to operate with resilience, grow with confidence, and proactively manage to secure success.
Recruiting for this role ends on 12/31/2025
The Team
Our Cyber Strategy & Transformation offering develops and transforms cyber programs in line with a client's strategic objectives, regulatory requirements, and risk appetite. It keeps the enterprise a step ahead of the evolving threat landscape and gives stakeholders confidence in the organization's cyber posture. Includes design of the cyber organization, governance, and risk assessments.
Work You'll Do
+ Serve as a subject matter expert and trusted advisor to our clients, assisting them to evaluate strategic and practical data protection and encryption requirements based on new and emerging data risks, advising on best practices for data encryption, decryption, and secure key management
+ Assist clients in designing, implementing and operating technology and process solutions to reduce data risks, developing and leading the implementation of encryption strategies to protect sensitive data across various environments, including cloud, on-premises, and hybrid infrastructures, to manage the deployment and lifecycle of PKI systems, ensuring robust and scalable certificate management processes, monitor and maintain the health of certificate infrastructures to prevent downtime and security breaches, and assist with developing requirements, evaluating vendor solutions, architecting, implementing and operating data protection solutions
+ Aid in the delivery of client engagements, ensuring success by:
+ Driving day-to-day execution, communicating updates to clients and firm leadership
+ Providing leadership and support to delivery teams to ensure completion and accuracy of high-quality work products
+ Tracking and reporting on project timelines to ensure on time and on budget delivery
+ Stay up to date on emerging encryption technologies (e.g., post-quantum cryptography, confidential computing, secure enclaves, envelope encryption) and industry trends around cyber risk, data protection and cryptography practices.
+ Proactively evaluate and recommend new tools and solutions to enhance data security
Qualifications
Required:
+ 4+ years of professional experience within data protection and information security, which may include Data Discovery, Data Classification and Rights Management, Data Access Governance, Data Loss Prevention, Cloud Access Security Broker, Encryption, Certificate Lifecycle Management, Cloud Security, SaaS Security
+ 2+ years of professional experience managing and implementing various encryption technologies (e.g., database encryption, file encryption, Public Key Infrastructure (PKI), certificate lifecycle management (CLM), transport layer security (TLS)) and strong understanding of Cloud encryption concepts such as client-side encryption, bring your own key (BYOK), server-side encryption.
+ 2+ years of professional experience developing data protection strategies, roadmaps and frameworks; experience may include designing, implementing and operating data protections services
+ 2+ years of total hands-on technical experience with one or more data protection technologies
+ Bachelor's degree in Cybersecurity, Information Security, Engineering, Computer Science, Information Technology or related field
+ Ability to travel 25-50%, on average, based on the work you do and the clients and industries/sectors you serve
Preferred:
+ Quantum readiness and AI protection experience a strong plus
+ Significant industry work experience preferred
+ Experience with market leading data protection and encryption vendors (e.g., Thales, AppViewX, Venafi, Fortanix, DigiCert, Protegrity)
+ Experience with public cloud (Azure, AWS, GCP) security and modern data platforms (e.g., Snowflake, Databricks, Starburst)
+ Experience or familiarity with emerging data protection technologies for user communications, e.g., Secure Access Service Edge, Data Security Posture Management, Data Security Platforms and Synthetic Data
+ Familiarity with networks, firewalls, IDS/IPS, and end point security
+ Familiarity with popular databases on both windows and UNIX platforms, including Oracle and MS SQL
+ Familiarity with common identity, authentication, and directory services, such as Active Directory and LDAP
+ Familiarity with sophisticated multinational companies and distributed business models
+ Experience defining data protection use cases, documenting business requirements and evaluating technology solutions
+ Experience with data risk program design, including alignment to cybersecurity and compliance programs.
+ Experience working with data protection and information security policies, standards and procedures
+ Experience leading collaborative efforts across organizational silos, including multifunctional teams of IT professionals, legal/compliance teams, and business executives
+ Experience with cloud collaboration tools and security/compliance, particularly Microsoft 365
+ Familiarity with change management, deployment and operational processes in large IT organizations
+ Experience with vendor relationship management
+ Professional certifications such as CISSP, CISM, or similar.
+ Limited immigration sponsorship may be available.
The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $118,700 - 218,600.
You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance.
Information for applicants with a need for accommodation: qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.