USI - FY26 - Cyber Defense and Resilience - SOAR - Solution Advisor - - 319070

Cyber

Deloitte Cyber understands the unique challenges and opportunities businesses face in cybersecurity. Join our team to deliver powerful insights to help our clients navigate the ever-changing threat landscape. Through powerful insights and managed services that simplify complexity, we enable businesses to operate with resilience, grow with confidence, and proactively manage to secure achievements.

Position Summary

Level: Solution Advisor

Work you’ll do:

As a SOAR Automation Developer, you will be part of the CDR Automation team. You need possess an understanding of Indicators of Compromise, characterization and forensic engineering of compromised systems, operations security, compliance, mitigation, and analysis through tools that detect advanced threats.

Develop automation playbooks using modern SOAR Platforms (for example, Tines, Splunk SOAR, Swimlane, Palo XSOAR) to support Security Operations
Design and Develop Integration solutions to other security appliances and not limiting to Exabeam, Chronical, Crowdstrike, Splunk ES by leveraging SOAR Platform
Test, customize and master APIs for off-the-shelf and common security and IT tools
Maintain a solid understanding of the Cyber Security Operation Center (people, process, SIEM technology), goals, and security initiatives
Identify and recommend operational improvements to the Deloitte Cyber Service, drawing on SOC operational experience and industry specific knowledge of risks
Manage any in scope solution projects (integration/ implementations)
Manage communications with vendors, 3rd party service providers, Deloitte leadership, and client personnel when required
Analyze complex issues to determine client impact and to suggest alternative solutions based on client needs and objectives
Adhere to internal operational security and other Deloitte policies
Contribute to team and organizational improvements in process and infrastructure

The Team:

Cyber Defense & Resilience teams assist clients in defending against advanced threats by transforming security operations, and by monitoring technology, data analytics, and threat intelligence. They help manage and protect dynamic attack surfaces and provide rapid crisis and cyber incident response, thereby ensuring that clients can be ready for, respond to, and recover from business disruptions. Examples of work include Operational Resilience, Crisis & Incident Response, and Security Operations Center Transformation. As part of Deloitte’s Cyber Defense & Resilience portfolio, our SecOps teams partner with clients to strengthen security operations and cyber resilience. We deliver end-to-end services—from strategic assessments and innovation workshops to implementing next-generation SIEM solutions—enabling proactive risk identification and mitigation across digital environments. Leveraging advanced analytics, AI-driven detection, and optimized data management, we provide continuous monitoring and rapid response to emerging threats. This integrated approach empowers organizations to build robust, future-ready security postures and confidently navigate an evolving cyber threat landscape.

Qualifications

Must Have Skills/Project Experience/Certifications:

Understanding of the Agile software development life cycle: Analysis, Design, Coding, Testing and promotion into Production.
3-5 years' work experience as a Functional Programming Language Developer (“Python or JavaScript Preferred”)
Understanding how modern software architectures works (client-server, Web technology, micro-services) Understanding of SOAR technologies (Security Orchestration and Automation Response) and should have hands-on experience in building playbooks and automations
Understanding of common network infrastructure devices such as routers and switches
Understanding of basic networking protocols such as TCP/IP, DNS, HTTP
Basic knowledge of cloud infrastructure and operations, system security architecture, and security solutions
Strong programming experience solving technical challenges
Database technologies proficiency: SQL, NoSQL, or PostgreSQL
Understand multi-process architecture
Professional experience with Code Repositories and Version Control “GitHub Preferred”

Good to Have Skills/Project Experience/Certifications:

3+ years working in security information and/or technology engineering support experience
Certified Information Systems Security Professional (CISSP), Certification in Certified Intrusion Analyst (GIAC), Continuous Monitoring (GMON), Certified Incident Handler (GCIH), Certified Ethical Hacker (CEH) or equivalent
Experience with security operations technologies such as: Security information and event management (SIEM), IDS/IPS, Data Loss Prevention (DLP), Proxy, Web Application Firewall (WAF), Endpoint detection and response (EDR), Anti-Virus, Sandboxing, network- and host- based firewalls, Threat Intelligence, Penetration Testing, Advanced Persistent Threats (APT)
Strong understanding of threat analysis and enterprise level mitigation strategies and frameworks like “MITRE”
Working knowledge of cyber threats, defenses, motivations, and techniques
Excellent interpersonal and organizational skills
Excellent oral and written communication skills
Strong analytical and problem-solving skills
Self-motivated to improve knowledge and skills
An ardent desire to understand the root cause of security incidents along with identification of threat vectors
Knowledge of web application frameworks: Flask, Django etc. for dashboard/ widget development

Education:

Bachelor’s or Master’s degree in Cybersecurity, Information Technology, Engineering, or a related field

Our purpose

Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities.

Our people and culture

Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work.

Professional development

At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India.

Benefits to help you thrive

At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you.

Recruiting tips

From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters.