Senior- Event Monitoring Analyst & Threat Hunter (Internal SOC)

The Deloitte Global Cyber Defense department works as an internal Fusion Center for Deloitte globally, including threat detection, protection and remediation. Cyber Defense delivers a comprehensive set of cybersecurity services to Deloitte through different coordinated teams, all replicated in our three delivery hubs located in America, Europe and Asia.

Within the Global Fusion Center, the Global Event Monitoring Service provides SOC capabilities by leading the detection and mitigation of malicious activity. The service correlates event data across the global Deloitte network to effectively detect and report potential malicious activities from sophisticated threat actors. 

What will your day-to-day be like?

• Operations
  • Act as main point of escalation for junior and senior analysts’ investigations about common threats that are targeting Deloitte’s global infrastructure.
  • Support and mentor junior and senior analysts, to be an active part of their career development.
  • Monitoring high-level dashboards to identify advanced threats.
  • Supporting Incident Response tasks.
  • Propose ad-hoc SIEM use cases development and testing.
  • Develop and maintain dashboards for advance threat detection.
  • Provide recommendations for remediation of assets identified during investigations to assist Deloitte with threat mitigations.
  • Foster a culture of collaboration and build team members’ strengths.
  • Collaborate with the service leadership to help grow the service.

• Threat Hunting
  • Performing Threat Hunting activities, following a defined methodology, by proactive and iterative searching of suspicious activity across the Deloitte global network to detect and isolate advanced threats that may evade existing security solutions.
  • Detecting gaps and limitations and proposing enhancement to the current SOC detection capabilities to protect Deloitte infrastructure.
  • Proposing new content to improve defensive capabilities of Deloitte.
  • Collaborating with other teams (Knowledge Sharing sessions, support, operational information exchange, etc.)
  • Research trending campaigns, attack vectors, and provide insights for selecting the next Threat Hunt target.
  • Be tool agnostic – the Threat Hunting tools may evolve over time, and we value concepts over tools. The ideal candidate must possess an acute ability to adapt to any tool.

What do we expect from you?

• Minimum of 3 years of combined experience in the Information Security / Cybersecurity domain with a focus on security event monitoring.
• Proven track record and experience of the following in a highly complex and global organization:
  • Working with leading:
    • SIEM technologies
    • Endpoint Detection & Response tooling (EDR)
    • IDS/IPS
    • Network and host based firewalls
  • In depth, hands-on experience with at least two of the following technologies:
    • Unix administration
    • Windows Server administration
    • Active Directory
    • Windows Workstation
    • Routers /Switches management
    • Firewall Management
    • Web servers
    • Identity Access Management
    • IDS/HDS
    • System vulnerability scanning tools
    • Application/Database vulnerability scanning tools
    • Mobile device analysis
    • Secure coding
  • Analyzing possible attack activities such as network probing/ scanning, DDOS, malicious code activity and possible abnormal activities, such as worms, Trojans, viruses, etc.  and coordinating remediation actions as necessary.
  • Understanding of common network services and protocols (HTTP(s), SMTP, DNS, etc.), operative systems, vulnerabilities and attack patterns.
  • Performing Threat Hunting activities following a defined iterative methodology.
• Experience with SOC ticketing systems and proven SOC process knowledge.
• Relevant security certifications such as Certified Intrusion Analyst (GIAC), CISSP, Certified Ethical Hacker (CEH), Offensive Security Exploitation Expert (OSEE) will be a plus.

What is it like to work at Deloitte? 

Working at Deloitte will provide you with the opportunity to participate in the transformation of leading national and international organisations.

This environment will allow you to focus on your personal and professional growth while being surrounded by inspiring individuals. You will also be given the chance to participate in training programmes that will allow you to unlock your full potential.

Thanks to the diversity of our workspace, you will come into contact with a wide array of perspectives, individuals, challenges, and projects.

At Deloitte we are committed to making a positive impact on society, our clients, and you, our employees. 

In order to help us achieve this goal, we have integrated a series of programmes and benefits in our culture that include:

• A personalised training and career plan (specific/technical, languages, and soft skills).
• A culture of continuous, valuable feedback (upwards and downwards).
• Mentoring programmes based on your professional category.
• Volunteering programmes and social action initiatives with a national and international scope (WorldImpact).
• Cultural programmes and subsidised sports clubs (Deloitte Runners Club, padel, football, volleyball, and many more).
• Medical insurance and health service based at the office: GPs, nurses, physiotherapy, wellbeing, mental health, etc.
• Flexibility programme.
• Flexible remuneration plan and a range of benefits for forming part of Deloitte.

Who are we?

Deloitte is the leading professional services company in Spain and the world. With 22 offices in Spain and 169 offices around the world, we help organisations to address their transformation challenges through a multidisciplinary service approach that can be adapted to a variety of industries.

What is the next step?

1. If you believe this role is right for you, please click on ‘Apply now’ and complete your profile so we can assess your application.
2. Our recruitment team will get in touch to find out a bit more about you if they think you could be a good fit for the role.
3. From this stage onwards we will guide you through the selection process, which could mark the beginning of your Deloitte journey!

Click here to find out more about our Cyber team. Are you ready for the challenge?

What impact will you make?