Security Event Monitoring Assistant Shift Manager

Cyber Security Cyber Risk Posted: 29-Nov-2023

Same job available in 6 locations

Alexandria, Virginia, United States

Arlington, Virginia, United States

Mclean, Virginia, United States

Richmond, Virginia, United States

Rosslyn, Virginia, United States

Washington Dc, Virginia, United States

Deloitte Global is the engine of the Deloitte network. Our professionals reach across disciplines and borders to develop and lead global initiatives. We deliver strategic programs and services that unite our organization.

Work you'll do


  • Document and report changes, trends and implications concerning the design and integration of evolving operations, systems, and solutions related to cyber threat detection and response.
  • Provide timely advice and guidance on the response action plans for cyber events and incidents based on incident type and severity.
  • When necessary, devise and document new procedures


  • Follow detailed cyber operational processes and procedures to analyze threat alerts, determine impact, initiate appropriate responses, escalate to the Incident Response team as needed, support the remediation of critical information security incidents, and perform advanced network and host analysis.
  • Handle incident escalations as necessary from other analysts.
  • Oversee completion of day-to-day checklist(s), including log review, management report scheduling & running, alert analysis, and escalation follow up activity status,
  • Responsible for identifying training needs for the junior analysts.
  • Remain current on cyber security trends and intelligence (open source and commercial) to guide the security analysis & identification capabilities of the team.
  • Ensures that all identified incidents are promptly validated and thoroughly investigated.
  • Oversee documentation owned by the GEMS team including but not limited to Standard Operating Procedures (SOPs) and Operational Level Agreements (OLAs).
  • Support AMER Shift Managers with business and operational tasks.
  • Monitor, mentor and train junior and senior analysts’ quality of work and performance.

Relationship Management

  • Report progress and escalate in a timely manner to the Service Delivery Manager.
  • Provide oversight and guidance to junior (Tier 1) and senior (Tier 2) analysts specific to monitor, detect, analyze, remediate, and report on cybersecurity incidents.
  • Coordinate with the Security Tool specialists to implement new or enhanced content.
  • Coordinate with other cyber, engineering, IT and member firm teams on cyber incidents.

    The team

    The Deloitte Global Cybersecurity function is responsible for enhancing data protection, standardizing and securing critical infrastructure, and gaining cyber visibility through security operations centers. The Cybersecurity organization delivers a comprehensive set of security services to Deloitte’s global network of firms around the globe.



    • Bachelor’s degree: degree in computer science, mathematics, engineering, or other technical degree preferred.
    • Master’s degree encouraged but not required.

    Work experience

    • 3 to 5 years of combined experience in the Information Security / Cybersecurity domain with a focus on cybersecurity event and incident monitoring, detection, investigation, and response.
    • Previous leadership experience or demonstrated performance leading teams or projects which delivered results.
    • At least 2 years’ experience in a cyber fusion center, SOC, or a SOC supporting role.
    • Proven track record and experience of the following in a highly complex and global organization:
    • Working with leading SIEM technologies, IDS/IPS, network- and host- based firewalls, data loss protection (DLP), DAM (Database activity monitoring).
    • In depth, hands-on experience with at least two of the following technologies: Unix administration, Windows Server administration, Active Directory, Windows Workstation, Routers /Switches management, Firewall Management, SANS/NAS, Web servers, IAM/AAA.
    • IDS/HDS, System vulnerability scanning tools, Application/Database vulnerability scanning tools, mobile device analysis or Secure coding.
    • Analyzing possible attack activities such as network probing/ scanning, DDOS, malicious code activity and possible abnormal activities, such as worms, Trojans, viruses, etc. and coordinating remediation actions as necessary.
    • Strong leadership skills and/or ability to manage teams and shifts of analysts effectively.
    • Experience with SOC ticketing systems and proven SOC process knowledge


    • Valued, not required:  Professional security certification preferred, such as SANS 401, SANS 503 (Intrusion Analysis), SANS 504 (Incident Handling), SANS 511 (Monitoring), Certified Intrusion Analyst (GIAC), Certified Ethical Hacker (CEH), Certified Expert Penetration Tester (CEPT).
    • Professional security management certification desirable, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials.

    Our culture

    At Deloitte Global people are valued and respected for who they are – with opportunities to bring their unique perspectives, talents and passions to business challenges. Our global workspace creates room for individuality and collaboration. Ours is an inclusive, supportive, connected culture with a focus on development, flexibility, and well-being. This culture makes Deloitte Global one of the most rewarding places to work, and to transform your career.

    Professional development

    From entry-level employees to senior leaders, we believe in investing in you, helping you identify and hone your unique strengths at every step of your career. We offer opportunities to build new skills, take on leadership opportunities, and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career.


    At Deloitte, we value our people and offer employees a broad range of benefits. Our Total Rewards program reflects our continued commitment to lead from the front in everything we do—that’s why we take pride in offering a comprehensive variety of programs and resources to support your health and well-being.

    Recruiting for this role ends on February 22, 2024.

    At Deloitte Global, we know we’re at our best when we look out for one another; prioritize respect, fairness, development and wellbeing; foster an inclusive culture and embrace diversity in all forms. All qualified applicants will receive consideration for employment regardless of their background, experience, identity, ability or thinking style, and if you need assistance or an accommodation during the application process for accessibility reasons this is available upon request. The preferred candidate will be subject to background screening by Deloitte or by their external third-party provider.
    February 22, 2024