Deloitte | India Offices of the US

DSOC Lead – STO (Security Technology Operations)

Work you’ll do

The DSOC Lead is accountable for end-to-end leadership, governance, and performance of the Deloitte Security Operations Center (DSOC), ensuring 24x7 monitoring, timely incident response, and intelligence-led operations to protect employees, assets, facilities, and business operations globally. This role serves as the central command authority during incidents, coordinating across physical security, cybersecurity, business continuity, crisis management, and external partners to drive effective outcomes.

Key Responsibilities

1) DSOC Leadership & Operations

• Lead day-to-day DSOC operations to deliver consistent, high-quality 24x7 monitoring and response coverage.
• Establish and maintain operating model, staffing plans, shift governance, training, and performance management.
• Set operational priorities, manage workload, and ensure effective triage, escalation, and case management.

2) Incident Command & Crisis Coordination

• Act as incident commander for security events, ensuring rapid assessment, clear communications, and coordinated action.
• Orchestrate cross-functional response with Physical Security, Cybersecurity, Business Continuity, Crisis Management, and local site teams.
• Coordinate with external stakeholders as needed (e.g., law enforcement, emergency services, landlords, vendors).

3) Monitoring, Intelligence, and Threat Management

• Oversee monitoring of security technologies and sources (alarms, access control, video, threat feeds, travel/security alerts).
• Drive an intelligence-led approach: threat assessment, situational awareness, and dissemination of actionable advisories.
• Maintain escalation criteria and response playbooks for key scenarios (workplace violence, suspicious activity, natural disasters, geopolitical events, etc.).

4) Governance, Process, and Continuous Improvement

• Define and enforce standard operating procedures (SOPs), runbooks, and quality assurance checks.
• Lead after-action reviews, root-cause analysis, and continuous improvement to reduce recurrence and improve response effectiveness.
• Ensure alignment to enterprise policies and support audits/compliance requirements where applicable.

5) Technology, Metrics, and Reporting

• Partner with Technical Lead (STO) and IT to ensure DSOC tools are reliable, secure, and fit-for-purpose (Incident management, alerting, emergency communications).
• Define and track KPIs and service levels (e.g., response time, resolution time, false alarm reduction, escalation quality).
• Produce executive-ready reporting, trend analysis, and risk insights to inform leadership decisions.

6) Stakeholder & Vendor Management

• Build strong working relationships with all the stakeholders, site security teams, Office Experience/Real Estate, Talent, OGC, and Communications teams.
• Manage vendors and service providers supporting monitoring, guarding services, and security technology operations, drive performance and escalations.

Required Skills & Qualifications

• Demonstrated experience leading security operations and/or a GSOC/SOC environment with 24x7 coverage and structured incident management.
• Strong knowledge of incident response, escalation frameworks, and crisis coordination across global operations.
• Experience developing SOPs, playbooks, training programs, and governance routines.
• Ability to synthesize intelligence and operational data into clear, actionable decisions and communications.
• Excellent stakeholder management skills; calm, decisive leadership during high-pressure incidents.

Preferred Qualifications

• Bachelor’s degree (or equivalent practical experience); for GSOC scope, degree in Security Management, or related field preferred.
• Experience in physical security and security technology operations
• Familiarity with business continuity and crisis management frameworks.
• Experience with GSOC tooling (Incident management platforms, mass notification, access control/VMS monitoring, threat intelligence feeds).
• Experience with risk assessment, threat analysis, crisis/incident response, and producing clear written reports/briefings.
• Strong professional presence; ability to interact confidently with senior leaders/stakeholders; proven discretion and confidentiality.
• Ability to work outside normal business hours (nights/weekends/holidays) and adjust hours based on operational needs; willingness to travel domestically/internationally as needed.

Preferred Qualifications / Certifications

• Prior experience in Physical Security and Security Technology Operations, Crisis Management, Investigations support and audit documentation.
• Relevant certifications (e.g., Certified Protection Professional (CPP)/Physical Security Professional (PSP), incident management/crisis leadership training) are a plus.

Core Competencies

·       Strategic thinking; sound judgment; calm under pressure; attention to detail; strong coordination/communication; high integrity; executive presence.

·       Work Location: 

       The position is based out of Hyderabad and expected to travel around USI to support        Security Technology Operations

Timings : 9AM – 6PM / 11AM - 8PM

Success Metrics (Examples)

• 24x7 operational coverage with consistent service quality
• Improved response times and incident outcomes (containment, recovery, stakeholder satisfaction)
• Strong compliance with SOPs and high-quality escalations/communications
• Reduced repeat incidents through lessons learned and preventive actions
• Actionable intelligence outputs adopted by stakeholders