Foundry Cyber SOAR Senior Consultant

Profile

87,485

Job Information

Deloitte

Foundry Cyber SOAR Senior Consultant

in

Lansing

Michigan

Are you interested in improving the cyber and organizational risk profiles of leading companies? Do you want to be involved in projects ranging from Fusion Center / Security Operations Center (SOC) strategic development to maturity assessments to implementation of leading threat monitoring, detection and analytics technologies? Can you deal with changing requirements from project to project, learn what you need to get the job done, and produce accurate and timely results?

If yes, then Deloitte's Cyber team could be the place for you! Deloitte's Cyber services help organizations create a cyber-minded culture and become stronger, faster, more innovative, and more resilient in the face of persistent and ever-changing cyber threats.

Join our team of Cyber professionals who focus on helping clients design and implement transformation enterprise security programs with an emphasis on defending against, recovering from, and remediating major cyberattacks.

As a Cyber Senior Consultant for Deloitte's Cyber services, you'll work with our diverse teams of leading professionals to help design and implement solutions to some of today's toughest cybersecurity challenges so they can achieve business growth and manage risk.

In your role as a Senior Consultant, you will support a team in delivering projects across a variety of cyber topics, including such examples as:

Providing Deloitte's perspective on the latest SOC trends via current state maturity assessment, do now/do next/do later roadmap

Assisting clients in identifying and deploying security analytics, alerting and automation solutions based on their organizational requirements technical integration with key data inputs (e.g. raw security telemetry coupled with referential data)

Conduct detailed process and technical analysis to identify candidate IR processes for automation and implement process improvements and automations to improve incident triage, investigate and containment activities.

Enhancing and documenting existing SOC processes to increase centralized visibility in order to identify suspicious activity to reduce the mean time to detect and respond to cyber threats.

Responsibilities:

Increase maturity of key SOC capabilities across governance, people, processes and technology to proactively monitor, detect, investigate, and respond to known and unknown attacks

Drive impact of SIEM solution changes on the operational efficiencies of the Security, Network operational teams

Evaluate current state against target state,,identifying issues such as workflow gaps, technology limitations or deficiencies, and resource dependencies and design incident response programs supporting security automation and orchestration

Facilitate and/or gather inputs and requirements to formulate content to include workflows, reports, dashboards, playbooks, threat intel, incident analysis etc.

Assist with process development and process improvement for Security Operations to include creation/modification of SOPs, Playbooks, and Work instructions

Author, test, and maintain automation scripts/workflows within SOAR platform

Design, implement, and maintain efficient and reusable Python code

Review, debug, and resolve technical issues throughout all stages of Playbook development

Integrate SOAR platform with other security tools and APIs through platform inbuilt apps and custom apps to execute automated workflows

Measure effectiveness of process improvement and automation efforts via metrics and KPIs

Facilitate process walkthrough discussions to document end-to-end business processes and functional requirements

Assist in the selection and tailoring of approaches, methods and tools to support service offering or industry projects

Support effective project and program kickoff, identification of all program stakeholders, defining and clarifying program roles and responsibilities.

Track and communicate engagement performance and planning to Deloitte engagement management, ensuring project milestones remain on track and are completed timely, and escalate risks as appropriate

Participate actively in decision making with engagement management and seek to understand the broader impact of current decisions

Create and design effective presentations as a means for communicating project and deliverable progress to clients

Build and nurture positive working relationships with clients with the intention to exceed client expectations

Execute advanced services and supervise staff in delivering basic services

Contribute to Deloitte's thought leadership in client organizations and the external marketplace.

Work cross-functionally with team members to support and drive a collaborative team environment

Actively mentor and train team members on Fusion Center/SOC processes, governance, and frameworks

Adopt a pragmatic approach to dealing with situations where confidentiality is important or where our work is of a sensitive nature. Helping maintain our client's strong professional relationships is integral to our business.

Required:

2 year minimum of work experience in one or more Cyber focus areas such as: Fusion Center/SOC, Network Security, Endpoint Security, Incident Response, Forensics, Threat Intelligence, Vulnerability Management

Bachelor of Science/Business Administration with a concentration in computer science, information systems, information security, math, decision sciences, risk management, engineering (mechanical, electrical, industrial) or other business/technology disciplines

2 years of experience with SOAR platforms such as Phantom, Cortex XSOAR, Swimlane, etc.

5 years of working knowledge of Security related scripting, Python, SOAP/REST APIs, JSON, HTML/CSS, Javascript, XML

2 years of experience with SOC SOPs, playbooks, work instructions and/or other process documents

Proficient understanding of relevant security technologies, such as malware management, network forensics, flow analysis, IDS/IPS, etc.

Ability to demonstrate an investigative mindset. Not just being able to execute a task but being able to understand the reason for that task, and determine next steps depending on the results while maintaining a firm grasp of the overall goals of the entire process

Excellent communication, listening & facilitation skills

Ability to travel 10%, on average, based on the work you do and the clients and industries/sectors you serve

Limited immigration sponsorship may be available

Preferred:

Experience interpreting, searching, and manipulating data within enterprise logging solutions (e.g. SIEM, IT Service Management (ITSM) tools, workflow, and automation)

Certifications; CISSP, CISA, CISM, GCIH, GMON, GCDA, GPEN, GCFA, GCTI

Experience with consulting skills (client service orientation, conflict resolution, analysis/synthesis of information, negotiation, project management, etc.)

Demonstrated leadership and team-building abilities

Demonstrable personal interest in computing, security, and digital communication

#LI-DP3

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.

Company info

Deloitte Development, LLC
Website : http://www.deloitte.com