Job Description

Position Summary

Global Event Monitoring Services- Tier3-Senior Analyst
Are you passionate about technology and interested in joining a community of collaborative colleagues who respectfully and courageously seek to challenge the status quo? If so, read on to learn more about an exciting opportunity with Deloitte’s Information Technology Services (ITS). We are curious and life-long learners focused on technology and innovation.
Work you’ll do The Security Operations Center (SOC) Tier 3 Analyst must be willing to work in a 24x7x365 Security Operations Center environment, as well as may be expected to work some holidays and allow for flexible scheduling. The Tier 3 analyst researches relevant threat actors, attack vectors, and behaviors pertinent to Deloitte’s member firms. The candidate should possess extensive knowledge on network, endpoint, threat intelligence, as well as the functioning of specific applications or underlying IT infrastructure, and have experience with SIEM technologies, EDR solutions, forensics tools, and malware analysis. An understanding of network traffic, well known ports, network assets, web traffic, protocols, and basic requests such as HTTP/S is mandatory. The candidate must possess the majority of the following skillsets and/or experience –

• Research trending campaigns, attack vectors, and search for these in multiple member firms environments.
• Be tool agnostic – the Threat Hunting tools may differ from the access granted by the individual member firms, and we value concepts over tools. The ideal candidate must possess an acute ability to adapt to any tool.
• Maintain awareness of the Global Fusion Center and Deloitte Member Firms’ technology architecture, the architecture of the security solutions used for monitoring, imminent and pervasive threats as identified by the Threat Intelligence team, and recent security incidents.
• As needed, work with L1-L3 SOC Analysts pertaining to security alerts to perform in depth analysis and triage threat activity based on host and network activity, traffic, and protocol analysis to identify infection vectors, the extent of the infection, and prepare high quality reports based on findings.
• Respond to requests from member firm incident response teams for specific investigation requests around software/application vulnerabilities, zero days, and security incidents.
• Understand chain of custody and be able to properly document all actions taken.
• Present threat hunt findings to member firms on a regular interval, so proven presentation and communication skills are essential.
• Serve as a subject matter expert in at least one security-related functional area (e.g. specific malware solution, python programming, digital forensics, etc.)
• Adhere to internal operational security and other Deloitte policies.
• Hunt for new patterns, activities, and ever-changing tactics associated with advanced threat actors.
• Perform ad hoc SIEM content development and testing.
• Provide recommendations for remediation of assets identified during hunting to assist the Deloitte with threat mitigations. These include but are not limited to security upgrades, configuration changes, and SIEM content recommendations.
• When necessary, devise and document new techniques, automation, and procedures along with the Threat Hunting Service Leadership.
• Mentor junior threat hunters and deliver technical training sessions.
• Foster a culture of collaboration and build team members’ strengths.
• Collaborate with the service leadership to help grow the service.

The team
Information Technology Services (ITS) helps power Deloitte’s success. ITS drives Deloitte, which serves many of the world’s largest, most respected organizations. We develop and deploy cutting-edge internal and go-to-market solutions that help Deloitte operate effectively and lead in the market. Our reputation is built on a tradition of delivering with excellence.
The ~2,500 professionals in ITS deliver services including:

• Security, risk & compliance
• Technology support
• Infrastructure
• Applications
• Relationship management
• Strategy
• Deployment
• PMO
• Financials
• Communications

Cyber Security
Cyber Security vigilantly protects Deloitte and client data. The team leads a strategic cyber risk program that adapts to a rapidly changing threat landscape, changes in business strategies, risks, and vulnerabilities. Using situational awareness, threat intelligence, and building a security culture across the organization, the team helps to protect the Deloitte brand.
Areas of focus include:

• Cyber design
• Risk & Compliance
• Technology Risk Management
• Identity & Access Management
• Data Protection
• Incident Response and Architecture

Qualifications Required: § 4-6 years of in-depth experience in Security Operation environment and working on SPLUNK or other SIEM tools. § Strong background in Security operations, Threat Hunting, Incident Response and threat intelligence § Responsible for proactively discovering new attacks, or attacks currently underway using advanced security monitoring techniques and advanced cyber systems/tools. § BA or BS in Computer Science or Information Management and relevant work experience. § Excellent spoken and written communication skills. § Strong analytical and problem-solving skills. § Experience with the following technologies: leading SIEM technologies, EDR solutions; Knowledge of IDS/IPS, Ant Virus Solutions, network- and host- based firewalls, data leakage protection (DLP), web proxies, DNS, windows/Unix system administration. § Understanding of possible attack activities such as network reconnaissance probing/ scanning, DDOS, malicious code activity, etc. § Strong knowledge on malware analysis § Understanding of common network elements devices such as routers, switches. § Understanding of basic networking protocols such as IP, DNS, HTTP, FTP, SMTP etc., and the OSI model. § Basic knowledge in system security architecture and security solutions. Preferred: § Certification include Certified Intrusion Analyst (GIAC), Continuous Monitoring (GMON), CISSP, Certified Ethical Hacker (CEH), Certified Incident Handler (GCIH) § Excellent interpersonal and organizational skills. § Knowledge foundation in Windows PowerShell and WMI § Basic knowledge in programming languages such as Python, Java or Ruby. § Strong analytical and problem-solving skills. § Self-motivated to improve knowledge and skills. § A strong desire to understand the what as well as the why and the how of security incidents. § Works well both in a team environment and independently. How you’ll grow At Deloitte, our professional development plan focuses on helping people at every level of their career to help them to identify and use their strengths to do their best work every day. From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to help sharpen skills in addition to hands-on experience in the global, fast-changing business world. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. We offer well-being programs and are continuously looking for new ways to maintain a culture where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with our clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Recruiter tips We want job seekers exploring opportunities at Deloitte to feel prepared and confident. To help you with your interview, we suggest that you do your research: know some background about the organization and the business area you’re applying to. Check out recruiting tips from Deloitte professionals.

Recruiting tips

Finding the right job and preparing for the recruitment process can be tricky. Check out tips from our Deloitte recruiting professionals to set yourself up for success. Check out recruiting tips from Deloitte recruiters.

Benefits

We believe that to be an undisputed leader in professional services, we should equip you with the resources that can make a positive impact on your well-being journey. Our vision is to create a leadership culture focused on the development and well-being of our people. Here are some of our benefits and programs to support you and your family’s well-being needs. Learn more about what working at Deloitte can mean for you.

Our people and culture

Our people and our culture make Deloitte a place where leaders thrive. Get an inside look at the rich diversity of background, education, and experiences of our people. What impact will you make? Be inspired by the stories of our people.

Professional development

You want to make an impact. And we want you to make it. We can help you do that by providing you the culture, training, resources, and opportunities to help you grow and succeed as a professional. Learn more about our commitment to developing our people.

Requisition code: 115777