Position summary
Cyber
Deloitte Cyber understands the unique challenges and opportunities businesses face in cybersecurity. Join our team to deliver powerful insights that help our clients navigate the ever-changing threat landscape. Through powerful insights and managed services that simplify complexity, we enable businesses to operate with resilience, grow with confidence, and proactively manage risk to secure their achievements.
Level: Solution Advisor
Work you’ll do:
As a Consultant, you will support the team and clients with their cyber needs, specifically helping them address cloud security concerns and navigate the journey to the cloud on the Microsoft Sentinel platform. This will include:
· Assist in designing and implementing secure, scalable, and resilient Google SecOps architectures for deploying SIEM and SOAR platforms that comply with enterprise security policies and regulatory requirements (e.g. GDPR, PCI-DSS).
· Support end-to-end deployment of log ingestion pipelines using a variety of data fabric technologies and API integrations (e.g. Bindplane + Cloud Feeds).
· Collaborate with SOC analysts and threat detection engineers to prioritize, develop, and tune threat detection content (rules) within Google SecOps to detect malicious behavior and adversaries within enterprise environments.
· Translate SOC processes to automation playbooks within SOAR to alleviate alert fatigue and scale alert triage and response.
· Develop and facilitate custom integrations between third-party platforms, security tooling, and Google SecOps to support automated data ingestion, alert enrichment, and response.
· Assist in architecting and building robust case management solutions within Google SecOps SOAR to ensure sound operational metrics and an optimized analyst experience.
· Stay current on cyber security threats, vulnerabilities, and compliance trends to enhance organizational security posture.
Must Have Skills:
· Bachelor’s degree in Computer Science, Cybersecurity, Information Systems, or a related field (or equivalent work experience).
· 3-5 years of experience in security operations, threat detection engineering, or enterprise IT security.
· Hands-on experience with Google Cloud’s SecOps tool stack and architecture (specifically SIEM and SOAR, formerly known as Google Chronicle and Siemplify, respectively).
· Strong knowledge of security principles and frameworks such as MITRE ATT&CK and the Cyber Kill Chain.
· Proficient scripting skills in Python for automation and integration development.
· Scripting skills in Gostash or Logstash for log normalization / parsing.
· Familiarity with ETL (Extract, Transform, Load) pipelines and associated concepts (e.g. Cribl, Bindplane, NXLog, Kafka).
Good to Have Skills:
· Certifications such as: Google Cloud Professional Architect, Google Cloud Professional Security Engineer, Certified Cloud Security Professional.
· Familiarity with Threat Hunting and Cyber Threat Intelligence fundamentals.
· Proficiency in data fabric technologies (e.g. Bindplane, Cribl).
· Foundational knowledge in infrastructure and networking fundamentals, such as IP networking, VPNs, DNS, load balancing, and firewalling concepts.
· Broad familiarity with cloud infrastructure, and exposure to multi-cloud environments (AWS, Azure).
· Experience in multiple SIEM and / or SOAR tools (e.g. Splunk, XSOAR).
· Experience with VirusTotal / Mandiant products and solutions, or Google Threat Intelligence.
· Familiarity with AI frameworks such as MCP and ADK for agentic workflow development and integration specific to SecOps tooling (e.g. SIEM, SOAR, GTI, ASM).
Education:
· B.Tech/M.Tech/MS/MBA
Location:
· Bengaluru/Hyderabad/Pune/Chennai/Kolkata