Position Summary

Global Event Monitoring Services - Tier 3 - Senior Analyst, Hyderabad, India

Are you passionate about technology and interested in joining a community of collaborative colleagues who respectfully and courageously seek to challenge the status quo? If so, read on to learn more about an exciting opportunity with Deloitte’s Information Technology Services (ITS). We are curious and life-long learners focused on technology and innovation.

Work you’ll do

The Security Operations Center (SOC) Tier 3 Analyst must be willing to work in a 24x7x365 Security Operations Center environment, and may be expected to work some holidays and allow for flexible scheduling. The Tier 3 analyst researches relevant threat actors, attack vectors, and behaviors pertinent to Deloitte’s member firms. The candidate should possess extensive knowledge of network, endpoint, threat intelligence, as well as the functioning of specific applications or underlying IT infrastructure, and have experience with SIEM technologies, EDR solutions, forensics tools, and malware analysis. An understanding of network traffic, well-known ports, network assets, web traffic, protocols, and basic requests such as HTTP/S is mandatory. The candidate must possess the majority of the following skillsets and/or experience:

  • Research trending campaigns and attack vectors, and search for these in multiple member firms’ environments.
  • Be tool agnostic – the Threat Hunting tools may differ from the access granted by the individual member firms, and we value concepts over tools. The ideal candidate must possess an acute ability to adapt to any tool.
  • Maintain awareness of the Global Fusion Center and Deloitte Member Firms’ technology architecture, the architecture of the security solutions used for monitoring, imminent and pervasive threats as identified by the Threat Intelligence team, and recent security incidents.
  • As needed, work with L1-L3 SOC Analysts on security alerts to perform in-depth analysis and triage threat activity based on host and network activity, traffic, and protocol analysis to identify infection vectors and the extent of the infection, and prepare high-quality reports based on findings.
  • Respond to requests from member firm incident response teams for specific investigation requests around software/application vulnerabilities, zero days, and security incidents.
  • Understand chain of custody and be able to properly document all actions taken.
  • Present threat hunt findings to member firms at regular intervals, so proven presentation and communication skills are essential.
  • Serve as a subject matter expert in at least one security-related functional area (e.g. specific malware solution, Python programming, digital forensics, etc.)
  • Adhere to internal operational security and other Deloitte policies.
  • Hunt for new patterns, activities, and ever-changing tactics associated with advanced threat actors.
  • Perform ad hoc SIEM content development and testing.
  • Provide recommendations for remediation of assets identified during hunting to assist Deloitte with threat mitigations. These include but are not limited to security upgrades, configuration changes, and SIEM content recommendations.
  • When necessary, devise and document new techniques, automation, and procedures along with the Threat Hunting Service Leadership.
  • Mentor junior threat hunters and deliver technical training sessions.
  • Foster a culture of collaboration and build team members’ strengths.
  • Collaborate with the service leadership to help grow the service.

The team

Information Technology Services (ITS) helps power Deloitte’s success. ITS drives Deloitte, which serves many of the world’s largest, most respected organizations. We develop and deploy cutting-edge internal and go-to-market solutions that help Deloitte operate effectively and lead in the market. Our reputation is built on a tradition of delivering with excellence.

The ~2,500 professionals in ITS deliver services including:

  • Security, risk & compliance
  • Technology support
  • Infrastructure
  • Applications
  • Relationship management
  • Strategy
  • Deployment
  • PMO
  • Financials
  • Communications

Cyber Security

Cyber Security vigilantly protects Deloitte and client data. The team leads a strategic cyber risk program that adapts to a rapidly changing threat landscape, changes in business strategies, risks, and vulnerabilities. Using situational awareness, threat intelligence, and building a security culture across the organization, the team helps to protect the Deloitte brand.

Areas of focus include:

  • Cyber design
  • Risk & Compliance
  • Technology Risk Management
  • Identity & Access Management
  • Data Protection
  • Incident Response and Architecture

Qualifications

  • BA or BS in Computer Science or Information Management and relevant work experience.

Skills/abilities:

  • 4-6 years of in-depth experience in a Security Operations environment and working on Splunk or other SIEM tools.
  • Strong background in Security operations, Threat Hunting, Incident Response and threat intelligence
  • Responsible for proactively discovering new attacks, or attacks currently underway using advanced security monitoring techniques and advanced cyber systems/tools.
  • Experience with the following technologies: leading SIEM technologies, EDR solutions; knowledge of IDS/IPS, anti-virus solutions, network- and host-based firewalls, data leakage protection (DLP), web proxies, DNS, Windows/Unix system administration.
  • Participate in the creation of Standard Operating Procedures to handle and minimize the impact of security incidents.
  • Respond to security incidents, investigating and mitigating security breaches including outside of standard business hours when required.
  • Has knowledge of current threat landscape (threat actors, APT, cyber-crime, etc.)
  • Understanding of basic networking protocols such as IP, DNS, HTTP, FTP, SMTP etc., and the OSI model.
  • Mentors, coaches, and trains Tier 1 and Tier 2 security analysts, and serves as the point person for escalation issues that may arise.
  • Excellent spoken and written communication skills.
  • Has systematic, disciplined, and analytical approach to problem solving.

Preferred:

  • Certifications include Certified Intrusion Analyst (GIAC), Continuous Monitoring (GMON), CISSP, Certified Ethical Hacker (CEH), Certified Incident Handler (GCIH)
  • Excellent interpersonal and organizational skills.
  • Knowledge foundation in Windows PowerShell and WMI
  • Basic knowledge in programming languages such as Python, Java or Ruby.
  • Strong analytical and problem-solving skills.
  • Self-motivated to improve knowledge and skills.
  • A strong desire to understand the what as well as the why and the how of security incidents.
  • Works well both in a team environment and independently.

How you’ll grow

At Deloitte, our professional development plan focuses on helping people at every level of their career identify and use their strengths to do their best work every day. From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to help sharpen skills in addition to hands-on experience in the global, fast-changing business world. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career.

Benefits

At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you.

Deloitte’s culture

Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. We offer well-being programs and are continuously looking for new ways to maintain a culture where our people excel and lead healthy, happy lives.  Learn more about Life at Deloitte.

Corporate citizenship

Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with our clients, our people and our communities.  We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities.  Learn more about Deloitte’s impact on the world.

Recruiter tips

We want job seekers exploring opportunities at Deloitte to feel prepared and confident. To help you with your interview, we suggest that you do your research: know some background about the organization and the business area you’re applying to. Check out recruiting tips from Deloitte professionals.

Recruiting tips

From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters.

Our people and culture

Our diverse, equitable, and inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients’ most complex challenges. This makes Deloitte one of the most rewarding places to work. Learn more about our inclusive culture.

Our purpose

Deloitte’s purpose is to make an impact that matters for our clients, our people, and in our communities. We are creating trust and confidence in a more equitable society. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. We are focusing our collective efforts to advance sustainability, equity, and trust that come to life through our core commitments. Learn more about Deloitte's purpose, commitments, and impact.

Professional development

From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to build new skills, take on leadership opportunities and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career.

Requisition code: 179782