Tier 2 - Security Event Monitoring Analyst

At Deloitte we are committed to your professional development and we value your experience and commitment to the Firm, which is why we want you to continue to grow with us under our Internal Mobility programme.

Shall we continue walking together?

The Deloitte Global Cyber Defense department works as an internal Fusion Center for Deloitte globally, including threat detection, protection and remediation. Cyber Defense delivers a comprehensive set of cybersecurity services to Deloitte through different coordinated teams, all replicated in our three delivery hubs located in America, Europe and Asia.

Within the Global Fusion Center, the Global Event Monitoring Service provides SOC capabilities by leading the detection and mitigation of malicious activity. The service correlates event data across the global Deloitte network to effectively detect and report potential malicious activities from sophisticated threat actors.

What will your day-to-day be like?

• Serve as a primary escalation point for other GSOC analysts during the course of advanced incident investigation.
• Provide guidance on response action plans for events and incidents based on a wide range of incidents.
• Provide intermediate-level event analysis, incident detection, and escalate to leads as appropriate.
• Advanced analysis of the results of a wide range of threat detection and incident response platforms.
• Ensure that all identified events are promptly validated and thoroughly investigated. 
• Collaborating with the Deloitte Cyber Threat Intelligence team, and leverage Open-Source Intelligence (OSINT) to identify and search for new malicious Indicators of Compromise (IOCs).
• Provide oversight and guidance to junior Analysts to monitor, detect, analyze, remediate, and report on cybersecurity events and incidents.
• Responsible for identifying training needs for the junior analysts.  
• Oversee documentation owned by the GSOC team including, but not limited to, Standard Operating Procedures (SOPs) and Operational Level Agreements (OLAs). 
• Create and document new Standard Operating Procedures (SOPs).
• Coordinate with the Security Tool specialists to implement new or enhanced threat detection logic, signatures, and/or IOCs.

What do we expect from you?

• Minimum of 2 years of combined experience in the Information Security / Cybersecurity domain with a focus on security event monitoring.
• Experience with SIEM solutions, analyzing events and content creation.
• In depth, hands-on experience with at least two of the following technologies:
  • Unix administration.
  • Windows Server administration.
  • Active Directory.
  • Windows Workstation.
  • Routers /Switches management.
  • Firewall Management.
  • SAN/NAS.
  • Web servers.
  • IAM/AAA.
  • IDS/HDS.
  • System vulnerability scanning tools.
  • Application/Database vulnerability scanning tools, mobile device analysis or Secure coding. 
• Experience analyzing possible attack activities such as network probing/ scanning, DDOS, malicious code activity and possible abnormal activities, such as worms, Trojans, viruses, etc.  and coordinating remediation actions as necessary.    
• Willingness to work within a follow-the-sun model (no overnight shifts) to provide coverage of Deloitte networks.
• Understanding of network devices such as routers, switches. TCP/IP knowledge. 
• Understanding of common network services (web, mail, FTP, etc.), network vulnerabilities, and network attack patterns.  
• Experience working with IDS/IPS, network- and host- based firewalls, data leakage protection (DLP), DAM (Database activity monitoring). 
• Experience with EDR tools, operation, and analysis of events.
• Experience working with ticketing systems.
• Intermediate knowledge in system security architecture and security solutions. 
• Excellent written and verbal, interpersonal, collaborative skills and leadership skills.

• Preferred
  • Bachelor’s degree in computer science, information technology, mathematics, engineering, or other technical degree.
  • Security+  
  • Network+  
  • CySA+  
  • CCNA   
  • Splunk Certified User  

What do we offer?

• You will have a hybrid-flexible working model.
• You will be eligible for a flexible remuneration system, medical service, health insurance, life insurance and accident insurance.
• You will have a training plan throughout your career.
• You will develop in a feedback culture where you will be encouraged to learn continuously.
• If you are interested, you will participate in national and international social action and volunteering programmes
• You will enjoy a cultural and sporting offer

Now the choice is yours! If you think this position is right for you, click 'Apply now' and complete your profile so we can assess your application. If you fit the profile, our recruitment team will contact you to get to know you.

From there we will guide you through our recruitment process and your Deloitte story will begin.

What impact will you make?