Join Deloitte’s cyber organization to help strengthen incident response capabilities with a focus on malware analysis, threat investigation, and cyber defense operations. This role supports the identification, analysis, containment, and remediation of advanced threats across Deloitte’s internal environment. The ideal candidate brings hands-on experience in malware analysis, digital forensics, and enterprise security operations, along with the ability to translate technical findings into actionable response recommendations.
Work you'll do
As an Assistant Manager, Cyber Engineering on the Global Cyber Incident Response team, you will be responsible for:
- Support cyber incident response investigations, including containment, eradication, and remediation activities, with a focus on malware analysis.
- Research advanced malware, targeted attacks, crimeware campaigns, and emerging attack techniques to identify threats and report findings.
- Evaluate cyber threats, including malware, exploits, tools, and tactics, techniques, and procedures (TTPs), and assess how they are used in malicious activity.
- Investigate malicious activity across systems and networks to identify exploitation methods, indicators of compromise, and business impact.
- Collaborate with internal cyber teams to improve detection and response capabilities across security platforms, including endpoint detection and response (EDR), security information and event management (SIEM), and user and entity behavior analytics (UEBA).
The team
The Global Cyber Incident Response team helps protect Deloitte by investigating cyber threats, responding to security incidents, and enhancing the organization’s detection and response capabilities. The team works across cyber operations, threat intelligence, and engineering to analyze threats, improve security platforms, and support a coordinated response to emerging risks.
Location: Hyd
Shift Timings: 11 AM to 8 PM
Qualifications
Required:
- 6-8 years of experience in security operations, cyber incident response, or cyber defense, including 3+ years of experience in malware analysis
- Experience conducting static and dynamic malware analysis using debuggers, disassemblers, and reverse engineering tools
- Experience analyzing host and network forensic artifacts, indicators of compromise, and packet capture data using tools such as Wireshark
- Experience with programming or scripting languages such as Assembly, C, C++, Python, JSON, Visual Basic, or PowerShell
- Experience building or maintaining reverse engineering lab environments or malware analysis environments
- Experience working with cloud or container technologies such as Amazon Web Services (AWS), Docker, or Kubernetes
- Experience working in a large enterprise information technology or cyber security environment
Preferred:
- SANS GIAC Reverse Engineering Malware (GREM) certification
- Experience writing Snort signatures or YARA rules
- Experience with endpoint detection and response (EDR) tools such as Microsoft Defender
- Experience with Splunk or ServiceNow
- Experience with Azure or Amazon Web Services (AWS)
- Experience with threat intelligence platforms such as ThreatConnect or Anomali, or certifications such as GCFA, GCFE, GNFA, GICH, GCIA, CFCE, CHFI, CEH, EnCE, or OSCP