Deloitte Global

• Serve as a primary escalation point for other GSOC analysts during the course of advanced incident investigation
• Provide guidance on response action plans for events and incidents based on a wide range of incidents
• Provide intermediate-level event analysis, incident detection, and escalate to leads as appropriate
• Advanced analysis of the results of a wide range of threat detection and incident response platforms
• Ensure that all identified events are promptly validated and thoroughly investigated  
• Collaborating with the Deloitte Cyber Threat Intelligence team, and leverage Open-Source Intelligence (OSINT) to identify and search for new malicious Indicators of Compromise (IOCs)   
• Provide oversight and guidance to junior Analysts to monitor, detect, analyze, remediate, and report on cybersecurity events and incidents
• Responsible for identifying training needs for the junior analysts  
• Oversee documentation owned by the GSOC team including, but not limited to, Standard Operating Procedures (SOPs) and Operational Level Agreements (OLAs) 
• Create and document new Standard Operating Procedures (SOPs)
• Coordinate with the Security Tool specialists to implement new or enhanced threat detection logic, signatures, and/or IOCs

• Minimum of 2 years of combined experience in the Information Security / Cybersecurity domain with a focus on security event monitoring  
• Experience with SIEM solutions, analyzing events and content creation
• In depth, hands-on experience with at least two of the following technologies: Unix administration, Windows Server administration, Active Directory, Windows Workstation, Routers /Switches management, Firewall Management, SAN/NAS, Web servers, IAM/AAA, IDS/HDS, System vulnerability scanning tools, Application/Database vulnerability scanning tools, mobile device analysis or Secure coding 
• Experience analyzing possible attack activities such as network probing/ scanning, DDOS, malicious code activity and possible abnormal activities, such as worms, Trojans, viruses, etc.  and coordinating remediation actions as necessary    
• Willingness to work within a follow-the-sun model (no overnight shifts) to provide coverage of Deloitte networks
• Understanding of network devices such as routers, switches. TCP/IP knowledge  
• Understanding of common network services (web, mail, FTP, etc.), network vulnerabilities, and network attack patterns  
• Experience working with IDS/IPS, network- and host- based firewalls, data leakage protection (DLP), DAM (Database activity monitoring) 
• Experience with EDR tools, operation, and analysis of events
• Proven track record of leadership skills and qualities 
• Experience working with ticketing systems
• Intermediate knowledge in system security architecture and security solutions 
• Excellent written and verbal, interpersonal and collaborative skills

 (Bonus points if you have)

• Bachelor’s degree: degree in computer science, information technology, mathematics, engineering, or other technical degree preferred  
• Security+  
• Network+  
• CySA+  
• CCNA   
• Splunk Certified User  

What Deloitte can do for you
 

• Invest in your career growth by providing you with formal and informal development programs 
• Empower you to take lead on key projects that may enhance your leadership and team building skills 
• Provide you with on-the-job training and cross-training opportunities 
• Give you the opportunity to foster your coaching and mentoring capabilities 
• Help you identify and hone your unique strengths 
• Connect you with technical & security leads within Deloitte who can become part of your career growth 
• Help you embrace leadership opportunities at every step of your career 

• 100% Remote
• Competitive pay scale 
• Empowered well-being 
• Paid time off and collective disconnect holidays 
• Competitive medical, dental and vision plans 
• Paid parental leave 
• Physical and mental wellness programs 
• Pension plans and 401(k) for retirement