Position Summary

Deloitte is seeking an experienced Level 3 Security Analyst to support our Managed Detect and Respond (MDR) team. As a Tier 3 Security Analyst, you will:

Primary Responsibilities

• Monitor internal and client networks for potential security issues or events, utilizing standard monitoring tools and within a documented scope
• Perform investigations on potential security breaches or other identified security events
• Adhere to the rules and conditions concerning the unique official and appropriate use policies of each of our clients
• Use Endpoint tools such as CrowdStrike to mitigate and resolve security events within the client environment
• Adhere to guidelines on remediation/IR activities for each client
• Regularly document and track activities performed during the handling of any ticket or interaction with a client

• Identify trends within client SIEM alerts, identifying opportunities for content development, content tuning and filtering
•  Assist in preparing SIEM/Threat Management related ad-hoc, monthly, quarterly, and/or annual reports
• Develop, document, and update necessary Standard Operating Procedures (SOPs)
• Apply threat intelligence to enable and support network defense operations
• Perform regular reviews of alert tickets handled by L1 Security Analysts – (trend/efficiency analysis)
• Provide mentoring and development opportunities for L1/L2 Security Analysts
• Identify network security and technology gaps and make informed recommendations to improve customer security posture
• Lead coordination of security event/ incident workflows – get escalation from L1/L2 and work with the client/end users for resolutions/remediation
• Respond to event or alert escalation requirements
• Directly interact with client security operations personnel to address any questions or concerns identified by the client
• Act as senior level analyst to L1/L2 analysts

Required Skills and Experience

• At least two years’ of demonstrated experience as a Security Analyst within a Security Operations Center (SOC)
• Flexibility to operate under a shift schedule, if necessary
• Advanced understanding of multiple operating systems with an emphasis on SIEM technologies
• Advanced understanding of monitoring and detection techniques
• Excellent written and oral communication skills
• Expertise in identifying and mitigating network vulnerabilities
• Understanding of patch management
• Knowledge of firewall, antivirus and IDS/IPS concepts

Preferred Skills and Qualifications

• Digital Forensics/ Incident Response (DFIR) experience
• Proficiency in MSSP or Managed Service Provider technology and best practices
• Information Security certifications such as: Network +, Security +, GCIH, or other training and/or certifications

Day to day Tasks:

• Lead coordination of security event/ incident workflows – receive escalation from L1/L2 and work with the client/end users for resolutions/remediation
• Perform regular reviews of alert tickets handled by L1 Security Analysts – (trend/efficiency analysis)

• Confirm end user activity/service account activity/internal policies to resolve/further escalate issues/violations to client security operations team
  • Not limited to reaching out to end users/IAM team/help desk/other teams agreed up before starting or during the engagement
  • Might require addition tool/enhanced access to the client environment
  • Level of reach/access to the environment should also determine pricing/contract
• Review/recommend rules on SIEM/IDS/other security tools for better detections or as part of remediation
• Represent Threat Management during discussion on process/workflows/content/alerts and major incidents
• Be involved in investigating major incidents reported by the SOC or the client

Recruiting tips

From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters.

Benefits

At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you.

Our people and culture

Our diverse, equitable, and inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our client most complex challenges. This makes Deloitte one of the most rewarding places to work. Learn more about our inclusive culture.

Professional development

From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to build new skills, take on leadership opportunities and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career.

As used in this posting, "Deloitte Advisory" means Deloitte & Touche LLP, which provides audit and enterprise risk services; Deloitte Financial Advisory Services LLP, which provides forensic, dispute, and other consulting services; and its affiliate, Deloitte Transactions and Business Analytics LLP, which provides a wide range of advisory and analytics services. Deloitte Transactions and Business Analytics LLP is not a certified public accounting firm. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. These entities are separate subsidiaries of Deloitte LLP.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.

Deloitte will consider for employment all qualified applicants, including those with criminal histories, in a manner consistent with the requirements of applicable state and local laws. See notices of various ban-the-box laws where available.

Requisition code: 75203