Deloitte | India Offices of the US

Job title: SOAR Senior Consultant

About

At Deloitte, we do not offer you just a job, but a career in the highly sought-after risk Management field. We are one of the business leaders in the risk market. We work with a vision to make the world more prosperous, trustworthy, and safe. Deloitte’s clients, primarily based outside of India, are large, complex organizations that constantly evolve and innovate to build better products and services. In the process, they encounter various risks and the work we do to help them address these risks is increasingly important to their success—and to the strength of the economy and public security.

By joining us, you will get to work with diverse teams of professionals who design, manage, and implement risk-centric solutions across a variety of domains. In the process, you will gain exposure to the risk-centric challenges faced in today’s world by organizations across a range of industry sectors and become subject matter experts in those areas.

Our Risk and Financial Advisory services professionals help organizations effectively navigate business risks and opportunities—from strategic, reputation, and financial risks to operational, cyber, and regulatory risks—to gain competitive advantage. We apply our experience in ongoing business operations and corporate lifecycle events to help clients become stronger and more resilient. Our market-leading teams help clients embrace complexity to accelerate performance, disrupt through innovation, and lead in their industries. We use cutting-edge technology like AI/ML techniques, analytics, and RPA to solve Deloitte’s clients‘ most complex issues. Working in Risk and Financial Advisory at Deloitte US-India offices has the power to redefine your ambitions.

 The Team

Deloitte’s Detect & Respond (D&R) aims to combine sophisticated technologies and human intelligence to help the clients monitor, detect, investigate, and respond to known and unknown attacks. We help our clients to be secure, vigilant, and resilient in the face of an ever-increasing array of cyber threats and vulnerabilities. Detect and Respond team delivers service to clients through following key areas:

•Threat detection and response

•Attack surface management

•Threat Intelligence

•Threat Hunting

•Data Protection

Work you’ll do

• In your role as a Senior Consultant, you will support a team in delivering projects across a variety of cyber topics, including such examples as:
• Providing Deloitte’s perspective on the latest SOC trends via current state maturity assessment, do now/do next/do later roadmap.
• Assisting clients in identifying and deploying security analytics, alerting and automation solutions based on their organizational requirements technical integration with key data inputs (e.g., raw security telemetry coupled with referential data).
• Conduct detailed process and technical analysis to identify candidate IR processes for automation and implement process improvements and automations to improve incident triage, investigate and containment activities.
• Enhancing and documenting existing SOC processes to increase centralized visibility to identify suspicious activity to reduce the mean time to detect and respond to cyber threats.
• Increase maturity of key SOC capabilities across governance, people, processes, and technology to proactively monitor, detect, investigate, and respond to known and unknown attacks.
• Drive impact of SIEM solution changes on the operational efficiencies of the Security, Network operational teams.
• Evaluate current state against target stats, identifying issues such as workflow gaps, technology limitations or deficiencies, and resource dependencies and design incident response programs supporting security automation and orchestration.
• Facilitate and/or gather inputs and requirements to formulate content to include workflows, reports, dashboards, playbooks, threat intel, incident analysis etc.
• Assist with process development and process improvement for Security Operations to include creation/modification of SOPs, Playbooks, and Work instructions.
• Author, test, and maintain automation scripts/workflows within SOAR platform.
• Design, implement, and maintain efficient and reusable Python code.
• Review, debug, and resolve technical issues throughout all stages of Playbook development.
• Integrate SOAR platform with other security tools and APIs through platform inbuilt apps and custom apps to execute automated workflows.
• Measure effectiveness of process improvement and automation efforts via metrics and KPIs.
• Facilitate process walkthrough discussions to document end-to-end business processes and functional requirements.
• Assist in the selection and tailoring of approaches, methods, and tools to support service offering or industry projects.
• Support effective project and program kickoff, identification of all program stakeholders, defining and clarifying program roles and responsibilities.
• Track and communicate engagement performance and planning to Deloitte engagement management, ensuring project milestones remain on track and are completed timely, and escalate risks as appropriate.
• Participate actively in decision making with engagement management and seek to understand the broader impact of current decisions.
• Create and design effective presentations as a means for communicating project and deliverable progress to clients.
• Build and nurture positive working relationships with clients with the intention to exceed client expectations.
• Execute advanced services and supervise staff in delivering basic services.
• Contribute to Deloitte’s thought leadership in client organizations and the external marketplace.
• Work cross-functionally with team members to support and drive a collaborative team environment.
• Actively mentor and train team members on Fusion Center/SOC processes, governance, and frameworks.
• Adopt a pragmatic approach to dealing with situations where confidentiality is important or where our work is of a sensitive nature. Helping maintain our client’s strong professional relationships is integral to our business.

Required skills

• 2 + year minimum of work experience in one or more Cyber focus areas such as: Fusion Center/SOC, Network Security, Endpoint Security, Incident Response, Forensics, Threat Intelligence, Vulnerability Management.
• Bachelor of Science/Business Administration with a concentration in computer science, information systems, information security, math, decision sciences, risk management, engineering (mechanical, electrical, industrial) or other business/technology disciplines
• 2+ years of experience with SOAR platforms such as Phantom, Cortex XSOAR, Swimlane, etc.
• 5+ years of working knowledge of Security related scripting, Python, SOAP/REST APIs, JSON, HTML/CSS, Javascript, XML
• 2+ years of experience with SOC SOPs, playbooks, work instructions and/or other process documents
• Proficient understanding of relevant security technologies, such as malware management, network forensics, flow analysis, IDS/IPS, etc.
• Excellent communication, listening & facilitation skills

Preferred skills

• Service Management (ITSM) tools, workflow, and automation)
• Certifications; CISSP, CISA, CISM, GCIH, GMON, GCDA, GPEN, GCFA, GCTI
• Experience with consulting skills (client service orientation, conflict resolution, analysis/synthesis of information, negotiation, project management, etc.)
• Demonstrated leadership and team-building abilities

Qualification

·       Bachelor’s degree is required. Ideally in Computer Science, Cyber Security, Information Security, Engineering, Information Technology.