USI - FY26 - Cyber Defense & Resilience - Splunk - Lead Solution Advisor (LSA)

Same job available in 4 locations

Bengaluru, Karnataka, India

Chennai, Tamil Nadu, India

Hyderabad, Telangana, India

Pune, Maharashtra, India

Back to search results
Back to search results

Position Summary

Cyber

Deloitte Cyber understands the unique challenges and opportunities businesses face in cybersecurity. Join our team to deliver powerful insights to help our clients navigate the ever-changing threat landscape. Through powerful insights and managed services that simplify complexity, we enable businesses to operate with resilience, grow with confidence, and proactively manage to secure achievements.

Position Summary 

Level: Lead Solution Advisor   

Work you’ll do: 

As a Senior Consultant, you would be responsible for below:

SIEM Migration & Implementation

  • Lead and execute SIEM solution migrations, including planning, data transfer, and validation.
  • Implement and configure Splunk SIEM solutions tailored to organizational security requirements
Log Onboarding & Normalization

  • Onboard diverse log sources into Splunk, ensuring data is parsed and normalized according to the Common Information Model (CIM).
  • Develop and maintain data models, field extractions, and event parsing logic.
Content Development & Tuning

  • Design, develop, and tune detection rules, correlation searches, dashboards, and alerts.
  • Continuously optimize content to reduce false positives and improve detection accuracy.
Troubleshooting & Platform Management

  • Diagnose and resolve issues related to log ingestion, parsing, and platform performance.
  • Monitor and maintain the health, availability, and scalability of the Splunk environment.
SIEM Optimization & Administration

  • Perform regular platform optimization, including indexing, storage management, and search performance tuning.
  • Administer Splunk components (indexers, search heads, forwarders, etc.) and manage upgrades/patches.
Deployment & Solution Delivery

  • Deploy and configure Splunk SIEM solutions in both on-premises and cloud environments.
  • Collaborate with stakeholders to ensure successful delivery of security monitoring capabilities.
Gap Analysis & Use Case Development

  • Conduct log source and use case gap analysis to identify coverage gaps and recommend enhancements.
  • Work with security teams to develop new use cases aligned with evolving threat landscapes.

The Team: 

Cyber Defense & Resilience teams assist clients in defending against advanced threats by transforming security operations, and by monitoring technology, data analytics, and threat intelligence. They help manage and protect dynamic attack surfaces and provide rapid crisis and cyber incident response, thereby ensuring that clients can be ready for, respond to, and recover from business disruptions. Examples of work include Operational Resilience, Crisis & Incident Response, and Security Operations Center Transformation. As part of Deloitte’s Cyber Defense & Resilience portfolio, our SecOps teams partner with clients to strengthen security operations and cyber resilience. We deliver end-to-end services—from strategic assessments and innovation workshops to implementing next-generation SIEM solutions—enabling proactive risk identification and mitigation across digital environments. Leveraging advanced analytics, AI-driven detection, and optimized data management, we provide continuous monitoring and rapid response to emerging threats. This integrated approach empowers organizations to build robust, future-ready security postures and confidently navigate an evolving cyber threat landscape.

Qualifications  

Must Have Skills/Project Experience/Certifications: 

  • 5-7 years of hands-on experience with Splunk SIEM (Enterprise Security preferred).
  • Strong understanding of SIEM concepts, log management, and security operations.
  • Proficiency in log source onboarding, parsing, and CIM compliance.
  • Experience in content development (correlation rules, dashboards, alerts) and tuning.
  • Solid troubleshooting skills for both Splunk platform and security content.
  • Experience with Splunk administration, deployment, and health monitoring.
  • Familiarity with SIEM optimization techniques and best practices.
  • Ability to conduct gap analysis and develop actionable recommendations.
  • Excellent communication and documentation skills.
  • Relevant certifications (e.g., Splunk Certified Admin, Splunk Certified Architect) are a plus.

Good to Have Skills/Project Experience/Certifications:

  • Experience with cloud-based SIEM deployments (AWS, Azure, GCP).
  • Knowledge of scripting languages (Python, Bash) for automation.
  • Exposure to other SIEM platforms (QRadar, Sentinel, SecOps, XSIAM, etc.) is advantageous.

Education: 

  • Bachelor's degree or higher in Computer Science, or equivalent experience.

Location: 

  • Bangalore, Hyderabad, Pune, Chennai, Kolkata

Our purpose

Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. 
Our people and culture

Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ways of thinking, ideas and perspectives, and bring more creativity and innovation to help solve our clients’ most complex challenges. This makes Deloitte one of the most rewarding places to work.
Professional development

At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse   learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India.
Benefits to help you thrive

At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you.
Recruiting tips

From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters.

Requisition code: 308879