L3 Security Operations Analyst

at  Deloitte

DESCRIPTION:

Job Requisition ID: 35843
CulturalFlex to observe your cultural and religious days of significance.
Rewards platform - your hard work won’t go unnoticed at Deloitte.
Training and development - at Deloitte we believe in investing in our best assets, the people!
What will your typical day look like?
You will work with a variety of tools to provide comprehensive Managed Detection and Response Services to an international client base. As part of the Level 3 escalation roster, this role is responsible for providing proven Incident Response capabilities to identified threats and alerts, utilising the latest tools, processes, and techniques.
About the team
Deloitte’s Cyber Intelligence Centre (CIC) provides 24/7 cyber protection, detection, and response services to some of Australia’s largest private sector and government clients. Our mission is to protect and defend our clients from cyber-attacks and improve their cyber resilience.
About this role Deloitte Cyber delivers top-tier Australian based sovereign Managed Detection and Response Services to a diverse range of clients, including both private sector and government entities. Deloitte Cyber’s aim is to protect their clients’ people, infrastructure, and network from a variety of cyber based attacks and threats.
As a key member of the SOC leadership team the Senior SOC Analyst (Level 3) contributes to strategic decision-making processes, driving change, and enhancing service offerings for our clients. This role plays a crucial part in our mission to, by not only protecting our clients directly, but contributing to the protection of all Australians be they a company or an individual, all the while fostering a work environment that values contributions, encourages innovative ideas, and recognises the importance of work-life balance.
Reporting directly to the SOC Manager, the Cyber Security Analyst Level 3 assumes a leadership role within Deloitte’s Cyber 24x7x365 SOC.
This senior role fills three critical functions in the SOC.
Incident Response - Acting as an escalation point for L1 and L2 SOC Analysts and a technical, internal point of contact during Incident Responses both within and outside business hours. Using defensive measures and telemetry collected from a variety of sources to provide guidance to junior SOC members to identify, analyse, and report events that occur or might occur within client networks to protect information, information systems, and networks from threats.
Leading a Capability Area – Choose a capability within the SOC such as Threat Hunting, Threat Intelligence, Detection Engineering, Reverse Engineering, Automation and Orchestration etc. to own and shape, bringing your expertise, experience, and energy, striving for continuous improvement in our journey to offering our clients the best possible protection from outside threats.
Strategic Technical Leadership - As part of the SOC leadership team, the Senior SOC Analyst (Level 3) contributes to the overall strategy of the SOC, driving continuous improvement initiatives, and ensuring alignment with the organisation’s cybersecurity objectives.
Enough about us, let’s talk about you.

REQUIRED QUALIFICATIONS AND EXPERIENCE:

One or more industry recognised security qualifications or vendor certifications.
Alternatively, considerable experience (5+ years) in threat hunting, digital forensics, reverse engineering, incident response etc., with demonstrable skills to match.
Strong understanding of cyber security issues such as intrusions, code both malicious and non, phishing, exploits and incident response.
Experience with sophisticated threat actor evidence.
Strong knowledge in authentication, authorisation, and access control methods.
Knowledge and experience of threat actors including familiarity with typical Indicators of Compromise (IOCs), Indicators of Activity (IOAs) and Tools, Techniques and Procedures (TTPs).
Knowledge of different classes of cyber-attacks including Distributed, Insider, Network etc.
Knowledge of at cyber stream, penetration testing/red teaming, malware analysis, Digital Forensic analysis.
Knowledge of environments (Cloud, on-prem, OT).
Knowledge of Operating Systems including logging locations, file structures, registry.
Knowledge of logging platforms including SIEMs.
Experience with Microsoft Sentinel and Kusto Query Language (KQL).
Strong Analytical skills and deductive reasoning.

OTHER REQUIREMENTS:

Be an Australian Citizen.
Proof of identity based on a 100-point identity check.
A satisfactory National Police Certificate.
Currently hold or can obtain and maintain a Baseline Security Clearance issued by AGSVA.
Ability to meet other Deloitte Cyber, client and/or government security screening requirements.
Degree in Cyber Security or related field.
CISM/CISSP Certification
Experience with other Security platforms including but not limited to Sentinel One, Crowdstrike, Splunk, Elastic.
Why Deloitte
At Deloitte, we focus our energy on interesting and impactful work. We’re always learning, innovating and setting the standard; making a positive difference to our clients and our society. We put coaching at the heart of what we do, helping our people grow their careers in any direction – whether it be up, moving into something new, or even moving across the world.
We embrace diversity, equity and inclusion. We have a diverse collection of people from different backgrounds, with different experiences, gender identities, abilities and thinking styles. What binds us together is a shared commitment to value everyone’s perspective and to cultivate inclusion; so that our work environment is a safe space we can all belong.
We prioritise flexibility and choice. At Deloitte, you get trust on Day 1. We know our people get their best work done when they’re in control of where and how they work, designing their work week around their client, team, and personal commitments.
We help you live and work well. To support your personal and professional life, we offer a range of perks and benefits, including retail discounts, wellbeing leave, paid volunteering days, twelve flexible working options, market-leading parental leave and return to work support package

Please refer the Job description for details