Enviar candidatura ahora »

Senior - Event Monitoring Analyst & Threat Hunter

To join Deloitte is to participate in the transformation of leading national and international organisations. At Deloitte we are committed to making an impact on society, our clients and you.


Are you in?



The Deloitte Global Cyber Defense department works as an internal Fusion Center for Deloitte globally, including threat detection, protection and remediation. Cyber Defense delivers a comprehensive set of cybersecurity services to Deloitte through different coordinated teams, all replicated in our three delivery hubs located in America, Europe and Asia.


Within the Global Fusion Center, the Global Event Monitoring Service provides SOC capabilities by leading the detection and mitigation of malicious activity. The service correlates event data across the global Deloitte network to effectively detect and report potential malicious activities from sophisticated threat actors.



What will your day-to-day be like?


  • Operations
    • Act as main point of escalation for junior and senior analysts’ investigations about common threats that are targeting Deloitte’s global infrastructure.
    • Support and mentor junior and senior analysts, to be an active part of their career development.
    • Monitoring high-level dashboards to identify advanced threats.
    • Supporting Incident Response tasks.
    • Propose ad-hoc SIEM use cases development and testing.
    • Develop and maintain dashboards for advance threat detection.
    • Provide recommendations for remediation of assets identified during investigations to assist Deloitte with threat mitigations.
    • Foster a culture of collaboration and build team members’ strengths.
    • Collaborate with the service leadership to help grow the service.


  • Threat Hunting
    • Performing Threat Hunting activities, following a defined methodology, by proactive and iterative searching of suspicious activity across the Deloitte global network to detect and isolate advanced threats that may evade existing security solutions.
    • Detecting gaps and limitations and proposing enhancement to the current SOC detection capabilities to protect Deloitte infrastructure.
    • Proposing new content to improve defensive capabilities of Deloitte.
    • Collaborating with other teams (Knowledge Sharing sessions, support, operational information exchange, etc.)
    • Research trending campaigns, attack vectors, and provide insights for selecting the next Threat Hunt target.
    • Be tool agnostic – the Threat Hunting tools may evolve over time, and we value concepts over tools. The ideal candidate must possess an acute ability to adapt to any tool.



What do we expect from you?


  • Minimum of 3 years of combined experience in the Information Security / Cybersecurity domain with a focus on security event monitoring.
  • Proven track record and experience of the following in a highly complex and global organization:
    • Working with leading:
      • SIEM technologies
      • Endpoint Detection & Response tooling (EDR)
      • IDS/IPS
      • Network and host based firewalls
    • In depth, hands-on experience with at least two of the following technologies:
      • Unix administration
      • Windows Server administration
      • Active Directory
      • Windows Workstation
      • Routers /Switches management
      • Firewall Management
      • Web servers
      • Identity Access Management
      • IDS/HDS
      • System vulnerability scanning tools
      • Application/Database vulnerability scanning tools
      • Mobile device analysis
      • Secure coding
    • Analyzing possible attack activities such as network probing/ scanning, DDOS, malicious code activity and possible abnormal activities, such as worms, Trojans, viruses, etc.  and coordinating remediation actions as necessary.
    • Understanding of common network services and protocols (HTTP(s), SMTP, DNS, etc.), operative systems, vulnerabilities and attack patterns.
    • Performing Threat Hunting activities following a defined iterative methodology.
  • Experience with SOC ticketing systems and proven SOC process knowledge.
  • Relevant security certifications such as Certified Intrusion Analyst (GIAC), CISSP, Certified Ethical Hacker (CEH), Offensive Security Exploitation Expert (OSEE) will be a plus.



What do we offer?


  • You will have a hybrid-flexible working model.
  • You will be eligible for a flexible remuneration system, medical service, health insurance, life insurance and accident insurance.
  • You will have a training plan throughout your career.
  • You will develop in a feedback culture where you will be encouraged to learn continuously.
  • If you are interested, you will participate in national and international social action and volunteering programmes
  • You will enjoy a cultural and sporting offer


Now the choice is yours! If you think this position is right for you, click 'Apply now' and complete your profile so we can assess your application. If you fit the profile, our recruitment team will contact you to get to know you.

From there we will guide you through our recruitment process and your Deloitte story will begin.


What impact will you make?


Deloitte es una Firma de servicios profesionales firmemente comprometida con la igualdad de oportunidades. En este sentido, la Firma aceptará y tramitará solicitudes de todos los sectores de la sociedad, no discriminando por motivos de sexo, expresión de género, raza, religión o creencias, origen étnico o nacional, discapacidad, enfermedad o condición de salud, predisposición genética a sufrir patologías, edad, ciudadanía, estado civil, orientación o identidad sexual, situación socioeconómica o cualquier otra condición o circunstancia personal o social.
Ubicación:  Madrid
Tipo de puesto:  Profesionales con experiencia
Línea de servicio:  RISK ADVISORY
Req Id:  37484

Enviar candidatura ahora »