Our Deloitte Cyber team understands the unique challenges and opportunities businesses face in cybersecurity. Join our team to deliver powerful solutions to help our clients navigate the ever-changing threat landscape. Through powerful solutions and managed services that simplify complexity, we enable our clients to operate with resilience, grow with confidence, and proactively manage to secure success.

PREFERRED QUALIFICATIONS:

• 3+ years experience supporting large federal energy clients.
• Knowledge of Advanced Persistent Threats (APT) tactics, techniques and procedures.
• Understanding of possible attack activities such as network probing/ scanning, DDOS, malicious code activity, etc.
• Understanding of common network infrastructure devices such as routers and switches
• Understanding of basic networking protocols such as TCP/IP, DNS, HTTP
• Basic knowledge in system security architecture and security solutions
  As used in this posting, “Deloitte” means Deloitte Transactions and Business Analytics LLP, a subsidiary of Deloitte LLP. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its subsidiaries.
  All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.
  Information for applicants with a need for accommodation: https://www2.deloitte.com/us/en/pages/careers/articles/join-deloitte-assistance-for-disabled-applicants.html
  The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $93,225.00 to $155,375.00.
  You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance.

WORK YOU’LL DO

As a Systems Engineer, you will support the Security Operations Center (SOC) with engineering defense.

• Monitor client sources of potential security incidents, health alerts with monitored solutions, and requests for information. This includes the monitoring of real-time channels or dashboards, periodic reports, email inboxes, helpdesk or other ticketing systems, telephone calls, and chat sessions.
• Follow client and incident-specific procedures to perform triage of potential security incidents to validate and determine needed mitigation.
• Escalate potential security incidents to client personnel, implement countermeasures in response to others, and recommend operational improvements.
• Keep accurate incident notes in the case management system.
• Maintain awareness of the client’s technology architecture, known weaknesses, the architecture of the security solutions used for monitoring, imminent and pervasive threats as identified by client threat intelligence, and recent security incidents.
• Provide advanced analysis of the results of the monitoring solutions, asses escalated outputs and alerts from Level 1 Analysts
• Perform web hunting for new patterns/activities.
• Advise on content development and testing.
• Provide advice and guidance on the response action plans for information risk events and incidents based on incident type and severity.
• Ensure that all identified events are promptly validated and thoroughly investigated.
• Provide end-to-end event analysis, incident detection, and manage escalations using documented procedures.
• Devise and document new procedures and runbooks/playbooks as directed.
• Maintain monthly Service Level Agreements (SLAs)
• Maintain compliance with processes, runbooks, templates, and procedures-based experience and best practices.
• Assist the Cyber Hunting team with advanced investigations as needed.
• Provide malware analysis (executables, scripts, documents) to determine indicators of compromise, and create signatures for future detection of similar samples.
• Continuously improve the service by identifying and correcting issues or gaps in knowledge (analysis procedures, plays, client network models), false positive tuning, identifying, and recommending new or updated tools, content, countermeasures, scripts, plug-ins, etc.

OUR PURPOSE

Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Learn more.