Cyber SOC Operate Senior Consultant - Project Delivery Lead

at  Deloitte

At Deloitte, we do not offer you just a job, but a career in the highly sought-after risk Management field. We are one of the business leaders in the risk market. We work with a vision to make the world more prosperous, trustworthy, and safe. Deloitte’s clients, primarily based outside of India, are large, complex organizations that constantly evolve and innovate to build better products and services. In the process, they encounter various risks and the work we do to help them address these risks is increasingly important to their success-and to the strength of the economy and public security.
By joining us, you will get to work with diverse teams of professionals who design, manage, and implement risk-centric solutions across a variety of domains. In the process, you will gain exposure to the risk-centric challenges faced in today’s world by organizations across a range of industry sectors and become subject matter experts in those areas.
Our Risk and Financial Advisory services professionals help organizations effectively navigate business risks and opportunities-from strategic, reputation, and financial risks to operational, cyber, and regulatory risks-to gain competitive advantage. We apply our experience in ongoing business operations and corporate lifecycle events to help clients become stronger and more resilient. Our market-leading teams help clients embrace complexity to accelerate performance, disrupt through innovation, and lead in their industries. We use cutting-edge technology like AI/ML techniques, analytics, and RPA to solve Deloitte’s clients’ most complex issues.

Required skills

• Bachelor of Science/ Bachelor of Technology/ Bachelor of Engineering, with a concentration in computer science, information systems, information security, math, decision sciences, risk management, engineering (mechanical, electrical, industrial) or other business/technology disciplines or equivalent work experience
• Minimum 6 years of experience working in information security and/or technology engineering support experience
• Working experience in security technologies such as: Security information and event management (SIEM), IDS/IPS, Data Loss Prevention (DLP), Proxy, Web Application Firewall (WAF), Endpoint detection and response (EDR), Anti-Virus, Sandboxing, network- and host- based firewalls, Threat Intelligence, Penetration Testing, etc.
• Extensive knowledge of Advanced Persistent Threats (APT) tactics, techniques, and procedures
• Understanding of possible attack activities such as network probing/ scanning, DDOS, malicious code activity, etc.
• Understanding of common network infrastructure devices such as routers and switches
• Understanding of basic networking protocols such as TCP/IP, DNS, HTTP
• Basic knowledge in system security architecture and security solutions
• Hands-on experience on QRadar (or QRoC), Proofpoint & Crowdstrike
• Expectation to be on-call during off-business hours
• Ability to travel up to 30%, on average, based on the work you do and the clients and industries/sectors you serve
• Limited immigration sponsorship may be availabl

Preferred skills

• Proven ability to translate complex information sets into specific recommendations that can be actioned by customers to enhance their security posture
• Strong understanding of threat analysis and enterprise level mitigation strategies
• Working knowledge of how malicious code operates and how technical vulnerabilities are exploited
• Strong knowledge of operating systems and networking technologies in general
• Strong knowledge of cyber threats, defenses, motivations, and techniques
• Excellent interpersonal and organizational skills
• Excellent verbal and written communication skills
• Certified Information Systems Security Professional (CISSP), Certification in Certified Intrusion Analyst (GIAC), Continuous Monitoring (GMON), Certified Ethical Hacker (CEH) or equivalent
• Hands-on experience on XSIAM, Cortex XSOAR
• Hands-on experience on Netskop

As a SOC Project Delivery Lead you will supervise day-to-day operations of the SOC delivery team, maturing processes and driving new innovations.

• Responsible for managing a 24x7 team of Security Analysts serving multiple clients
• Responsible for service management of the team to include overall use of resources and initiation of corrective action where required for the SOC team, by taking inputs from SOC Manager(s)
• Responsible for the SOC team’s success in security incident monitoring, identification, assessment, quantification, reporting, communication, and mitigation efforts as contracted by clients
• Responsible for ensuring quality of service metrics are maintained and adhered to by the team, by working with Shift Leads
• Review periodic auditing of security incidents provided by L2 analysts/ Shift Leads
• Ensure compliance to Service Level Agreements (SLAs), process adherence and process improvement to achieve operational objectives
• Coordination and collaboration with SOC Manager(s) and other teams to support service delivery
• Provide tactical support as needed for major incidents impacting clients and/or FMS service incidents and issues
• Interview, train, and assess skills of analyst workforce
• Demonstrate leadership and communication skills
• Maintain individual certifications and learning requirements in FMS and Deloitte
• Actively seek self-improvement through continuous learning and pursuing career advancement
• Adhere to internal operational security and other Deloitte policies
• Coordinate with stakeholders, and build and maintain positive working relationships throughout the organization

Required skills

• Bachelor of Science/ Bachelor of Technology/ Bachelor of Engineering, with a concentration in computer science, information systems, information security, math, decision sciences, risk management, engineering (mechanical, electrical, industrial) or other business/technology disciplines or equivalent work experience
• Minimum 6 years of experience working in information security and/or technology engineering support experience
• Working experience in security technologies such as: Security information and event management (SIEM), IDS/IPS, Data Loss Prevention (DLP), Proxy, Web Application Firewall (WAF), Endpoint detection and response (EDR), Anti-Virus, Sandboxing, network- and host- based firewalls, Threat Intelligence, Penetration Testing, etc.
• Extensive knowledge of Advanced Persistent Threats (APT) tactics, techniques, and procedures
• Understanding of possible attack activities such as network probing/ scanning, DDOS, malicious code activity, etc.
• Understanding of common network infrastructure devices such as routers and switches
• Understanding of basic networking protocols such as TCP/IP, DNS, HTTP
• Basic knowledge in system security architecture and security solutions
• Hands-on experience on QRadar (or QRoC), Proofpoint & Crowdstrike
• Expectation to be on-call during off-business hours
• Ability to travel up to 30%, on average, based on the work you do and the clients and industries/sectors you serve
• Limited immigration sponsorship may be available

Preferred skills

• Proven ability to translate complex information sets into specific recommendations that can be actioned by customers to enhance their security posture
• Strong understanding of threat analysis and enterprise level mitigation strategies
• Working knowledge of how malicious code operates and how technical vulnerabilities are exploited
• Strong knowledge of operating systems and networking technologies in general
• Strong knowledge of cyber threats, defenses, motivations, and techniques
• Excellent interpersonal and organizational skills
• Excellent verbal and written communication skills
• Certified Information Systems Security Professional (CISSP), Certification in Certified Intrusion Analyst (GIAC), Continuous Monitoring (GMON), Certified Ethical Hacker (CEH) or equivalent
• Hands-on experience on XSIAM, Cortex XSOAR
• Hands-on experience on Netskope