Cyber Defense & Resilience Security Operations Senior Consultant
Milwaukee, Wisconsin, United States
Deloitte
Engineering and Product | Cyber Architecture and Engineering Management
Position Summary
Cyber Defense & Resilience Security Operations Senior Consultant
Our Deloitte Cyber team understands the unique challenges and opportunities businesses face in cybersecurity. Join our team to deliver powerful solutions to help our clients navigate the ever-changing threat landscape. Through powerful solutions and managed services that simplify complexity, we enable our clients to operate with resilience, grow with confidence, and proactively manage to secure success.
The team
Our Cyber Defense & Resilience offering assists clients in defending against advanced threats by transforming security operations, monitoring technology, data analytics, and threat intelligence. It also helps clients manage and protect dynamic attack surfaces and provides rapid crisis and cyber incident response, so that clients are ready for, can respond to, and can recover from business disruptions.
Work you’ll do:
- Assist in increasing the maturity of key security operations capabilities (e.g., program governance, detection engineering, threat analysis and response) across governance, people, processes, and technology.
- Deliver assessments and implementations of Next-Gen SIEM platforms, including platform deployment, data source onboarding, content development and tuning, architecture, troubleshooting, and triaging complex issues associated with operating Next-Gen SIEM platforms.
- Develop and maintain automations to facilitate scalable Next-Gen SIEM platform deployment activities (e.g., data ingestion, parser and data model development, detection use case testing).
- Drive detection and automation use case content development and deployment across clients based on client priorities and relevant cyber risks and threats.
- Align detection use case development with business needs and based on the industry leading standards, best practices and frameworks (e.g., MITRE ATT&CK).
- Help define Deloitte’s perspective on the latest Security Operations Center (SOC) trends, capabilities, and technologies via established Points of Views and collaborative client workshops.
- Develop procedural collateral, including process flows, Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs), interaction models, analyst runbooks, and detection use case testing documentation to enable standardized responses to identified cyber threats.
- Conduct SOC Capability Assessments, leveraging leading practices to evaluate current state capabilities and aligning targeted recommendations to a strategic roadmap.
- Build comprehensive strategies for SOCs, including program roadmaps, leveraging Deloitte's Capability Framework and leading practices.
- Support the design and implementation of SOC operating models, identifying, evaluating, and providing solutions to complex business problems via a threat-based approach.
- Facilitate process walkthrough discussions to document end-to-end business processes and functional requirements.
- Facilitate use of technology-based tools or methodologies to review, design and/or implement products and services.
- Assist in building and nurturing positive working relationships with clients with the intention to exceed client expectations.
- Help facilitate client and stakeholder workshops, interviews, and process walkthroughs to document key takeaways, end-to-end business processes, strategic goals and objectives, and programmatic requirements.
- Leverage the Microsoft Suite (e.g., Microsoft PowerPoint, Microsoft Word, Microsoft Visio) to create and design effective presentations to communicate project outcomes to clients.
- Support effective project execution through project management activities including project kickoffs, stakeholder identification, interview and workshop coordination, document requests and evidence collection, and deliverable creation.
- Track and communicate engagement performance and planning to Deloitte engagement management, ensuring project milestones remain on track and are completed as per engagement objectives, and risks are escalated, as required.
- Participate actively in decision-making with engagement management to understand the broader impact of engagement decisions, risks, and objectives.
- Collaborate with US and US-India Consultants and Analysts to ensure the effective delivery of security operations services and capabilities, develop Deloitte’s SOC thought leadership and associated accelerators, and upskill team members on processes, governance, and frameworks (e.g., MITRE ATT&CK, NIST 800-53).
- Utilize industry-leading practices and technology-based tools or methodologies to enhance the applicability and relevance of Deloitte SOC strategy services provided to clients.
- Collaborate with Practice Leadership to build go-to-market methodologies and solutions to accelerate project delivery and solve client challenges.
Qualifications
Required:
- 3+ years of hands-on experience in Security Operations or Detection Engineering
- Background and knowledge of security operations capabilities, including detection engineering, attack surface management, vulnerability management, SOC analysis, investigation and response, and artificial intelligence and machine learning.
- Hands-on experience with at least one Next-Gen SIEM platform (e.g., CrowdStrike Next-Gen SIEM, Palo Alto XSIAM, Microsoft Sentinel, Google SecOps)
- Previous experience leveraging leading technology solutions for security operations, including Security Information & Event Management (SIEM), Security Orchestration, Automation, and Response (SOAR), and Case Management platforms
- Understanding of basic networking protocols such as TCP/IP, DNS, HTTP
- Detailed knowledge in system security architecture and security solutions
- Detailed knowledge of data management, transformation, and logging capabilities
- Strong leadership experience, verbal and written communication skills, and ability to work with teams across geographical locations
- Demonstrated experience leveraging Microsoft Office tools, including Microsoft PowerPoint, Microsoft Word, Microsoft Excel, and Microsoft Visio
- Demonstrated flexibility in prioritizing and completing tasks and in working collaboratively with project leadership to identify and solve key constraints, risks, and issues
- Demonstrated problem solving, critical thinking and logical structuring skills
- Limited immigration sponsorship may be available
- Ability to travel up to 50%, on average, based on the work you do and the clients and industries/sectors you serve
Preferred
- Bachelor's degree or equivalent experience
- Strong analytical and problem-solving skills
- Self-motivated to improve knowledge and skills
- Certified Information Systems Security Professional (CISSP), GIAC Certified Intrusion Analyst (GCIA), GIAC Continuous Monitoring Certification (GMON), Certified Ethical Hacker (CEH), or equivalent
- Previous experience serving as a SOC Analyst and/or conducting event analysis, triage, and investigation (Level 2 experience preferred)
- Previous experience interpreting, searching, and manipulating data with enterprise logging solutions
- Previous professional services experience or demonstrated experience in client service orientation, conflict resolution, analysis/synthesis of information, negotiation, and project management
- Extensive experience in security technologies such as: Security Information and Event Management (SIEM), IDS/IPS, Data Loss Prevention (DLP), Proxy, Web Application Firewall (WAF), Endpoint Detection and Response (EDR), Anti-Virus, Sandboxing, network- and host-based firewalls, Threat Intelligence, Penetration Testing, etc.
- Knowledge of and/or previous experience with: Incident Response and Readiness, Business Continuity and Disaster Recovery, CMDB/Asset Management, Information Technology, Operational Technology, Insider Risk
- Detailed knowledge of detection and automation use case development and customization, including use of user and entity behavior analytics (UEBA), security orchestration automation and response (SOAR), and machine learning (ML) capabilities
- Experience assisting in and/or responding to and recovering from a cyber incident
Information for applicants with a need for accommodation: https://www2.deloitte.com/us/en/pages/careers/articles/join-deloitte-assistance-for-disabled-applicants.html
Recruiting tips
From developing a stand-out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters.
Benefits
At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you.
Our people and culture
Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work.
Our purpose
Deloitte's purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities.
Professional development
From entry-level employees to senior leaders, we believe there's always room to learn. We offer opportunities to build new skills, take on leadership opportunities, and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career.
As used in this posting, "Deloitte" means Deloitte & Touche LLP, a subsidiary of Deloitte LLP. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. Certain services may not be available to attest clients under the rules and regulations of public accounting.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.
Requisition code: 303841