Senior Analyst - Cyber Incident Readiness, Response, and Recovery

Job Requisition ID: 36907 

About the team

Today, organisations of every size in every sector are exposed to more—and more sophisticated—cybersecurity threats on a global scale. As organisations accelerate their digital transformations, cloud adoption, and expanded partner ecosystems, they must concurrently enhance their incident readiness, response, and recovery capabilities to minimise potential business impacts if breaches to these critical systems occur.

Our Cyber Incident Readiness, Response, and Recovery (CIR3) team provides organisations with the expertise required to prepare for, respond to, and recover from cybersecurity incidents with speed, efficiency, and scale – our team support our client’s every step of the way across the entire lifecycle of an incident, to quickly uncover compromises, take back control, and help organisations emerge more resilient.

When clients have an incident, our team gets to work – fast – to identify root causes and evict threats. Our professionals apply their experience and imagination to find the most advanced threats, hiding in the darkest corners of the network. Not only do we identify where these threats are, we also remove them from the network, preventing business-disrupting damage from occurring, and implementing tailored strategies to prevent recurrences. With a unique collection of skills, methodologies, and strategic award-winning vendor relationships, we can do whatever it takes – from improving the security of a single component to delivering a holistic security transformation programme.

About the role

We are seeking a highly motivated and experienced Specialist Senior to join our Cyber Incident Readiness, Response, and Recovery (CIR3) team. This position will provide our clients with a full spectrum of services and solutions from across CIR3 storefront, supporting our clients in the delivery of proactive incident response readiness services, reactive incident response, post-breach assessments, review, and remediation, as well as supporting our managed service capability through threat hunting, monitoring and threat intelligence.

The ideal candidate will have a background in cybersecurity and incident response, with hands-on operational experience in triaging, investigating, and resolving cybersecurity incidents.

Your Impact:

• Incident Preparedness: As a subject matter expert and technical responder within our CIR3 team, you will support the delivery of a wide range of proactive engagements, including exercises and simulations, threat hunting and compromise assessments, and playbook and IR plan development.
• Technical Response: You will support our client’s when they need it most through mobilising as part of the Incident Response team when called upon to investigate cyber incidents.
• Managed Services: You will bring your frontline response experience to bear to support a range of disciplines and functionalities across our Cyber Intelligence Centre (CIC) as required, including managed Threat Hunting, Security Monitoring, and Cyber Threat Intelligence.
• Process Improvement: Continuously develop, evaluate, and improve existing security processes and workflows to ensure our solutions remain cutting-edge.

Required Skills

1. Hands-on Experience: Demonstrated track record of deploying technical expertise during time-sensitive incident response scenarios and/or experience in uplifting and embedding resilience capability
2. Technical Subject Matter Expertise:
   1. Knowledge or experience in network forensics with an emphasis on detecting malicious activity using network traffic.
   2. Knowledge or experience working with security intelligence, data analytics, security incident response, and forensic investigation teams.
   3. Knowledge or experience in forensic and memory analysis with an emphasis on detecting malicious activity using host-based artefacts on Windows and/or Unix/Linux operating systems.
   4. Tool agnostic ability to conduct preliminary malware analysis.
   5. Knowledge of current hacking techniques, vulnerability disclosures, data breach incidents, and security analysis techniques. 
3. Security Knowledge: Solid knowledge of cybersecurity principles, threat landscapes, and security frameworks, including MITRE and NIST.
4. Problem-Solving Skills: Strong analytical and problem-solving skills.
5. Communication Skills:
   1. Excellent verbal and written communication abilities to interact with technical and non-technical stakeholders.
   2. The ability to conduct technical workshops and to be able to articulate security strategies and processes to a range of stakeholders.
6. Team Collaboration: Ability to work effectively as part of a team and share your domain knowledge with other team members to improve upon readiness, response and recovery strategies.

Desirable Skills

• Certifications:
  1. Relevant certifications such as CompTIA Security+, Security Blue Team Level 1 or 2, GCFE, GREM, GCFA, GCIH, GCIA or similar.
• Cloud Security: Familiarity with cloud security tools and environments (e.g., AWS, Azure).

Qualifications

• Education: Bachelor’s degree in Computer Science, Information Technology, or a related field.
• Experience: Minimum 2-3 years of relevant experience in cybersecurity with a focus on Digital Forensics, Incident Response, Security Operation or Threat Intelligence.

Why Deloitte 

At Deloitte, we focus our energy on interesting and impactful work. We’re always learning, innovating and setting the standard; making a positive difference to our clients and our society. We put coaching at the heart of what we do, helping our people grow their careers in any direction – whether it be up, moving into something new, or even moving across the world. 

We embrace diversity, equity and inclusion. We have a diverse collection of people from different backgrounds, with different experiences, gender identities, abilities and thinking styles. What binds us together is a shared commitment to value everyone’s perspective and to cultivate inclusion; so that our work environment is a safe space we can all belong.   

We prioritise flexibility and choice. At Deloitte, you get trust on Day 1. We know our people get their best work done when they’re in control of where and how they work, designing their work week around their client, team, and personal commitments.

We help you live and work well. To support your personal and professional life, we offer a range of perks and benefits, including retail discounts, wellbeing leave, paid volunteering days, twelve flexible working options, market-leading parental leave and return to work support package. 

Next Steps

Sound like the sort of role for you? Apply now, we’d love to hear from you!

By applying for this job, you’ll be assessed against the Deloitte Talent Standards. We’ve designed these standards so that you can grow in your career, and we can provide our clients with a consistent and exceptional Deloitte employee experience globally. The preferred candidate will be subject to background screening by Deloitte or by their external third-party provider.