T&T | Cyber D&R | SIEM- Google Secops | Assistant Manager | Gurgaon
Job Summary
- Location: Gurgaon
The Team
Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant and resilient, not only by looking at how to prevent and respond to attacks but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks.
- As Deputy Manager in our Cyber Team, you'll build and nurture positive working relationships with teams and clients, with the intention of exceeding client expectations.
- Manage, maintain and enhance our Google Chronicle SIEM and SOAR platforms, ensuring effective monitoring, detection and response to security incidents.
- The candidate will have strong experience in Google Chronicle administration, detection engineering and SOC operations to provide continuous security improvements, automation and technical support to the SOC team.
- 5 years of experience in Security Operations, with 2 years hands-on in the Google Chronicle or Google SecOps platform.
- Chronicle Administration: Deploy, configure and manage Google Chronicle SIEM components, including data ingestion pipelines, UDM parsers, detection rules and retention configurations.
- Log Source Management: Integrate diverse log sources from cloud platforms (GCP, AWS, Azure), network devices, applications and security tools (firewalls, EDR, DLP, etc.), ensuring proper ingestion and normalization.
- Detection Engineering: Develop, fine-tune and optimize YARA-L rules and detection logic to identify malicious behaviors, mapping each to MITRE ATT&CK techniques.
- SOAR Automation: Design, implement and maintain automated playbooks in Google SOAR (Siemplify) to streamline incident enrichment and response workflows.
- Threat Detection & Response: Collaborate with SOC analysts to investigate alerts generated by Chronicle, perform event correlation, and support incident triage and root cause analysis.
- Integration & Customization: Utilize REST APIs, BigQuery and scripting to enhance Chronicle capabilities and integrate with complementary tools (ServiceNow, VirusTotal, CrowdStrike, Proofpoint, Zscaler, etc.).
- Performance Optimization: Monitor ingestion volumes, storage utilization and system health to ensure optimal performance of Chronicle tenants in high-EPS environments.
- Dashboard & Reporting: Create analytical dashboards and management reports for visibility into detection coverage and SOC KPIs.
- Compliance & Governance: Ensure Chronicle operations and data retention align with enterprise and regulatory frameworks (ISO 27001, NIST CSF, RBI, GDPR, etc.).
- Troubleshooting & Maintenance: Diagnose and resolve Chronicle-related issues, including ingestion delays, parser mismatches and detection errors.
- Upgrades & Enhancements: Coordinate platform enhancements, API updates and version rollouts in line with Google best practices and release cycles.
- Education: Bachelor's or Master's degree in Computer Science, Information Security or a related field.
Required Experience:
Manager
About Company
Deloitte Touche Tohmatsu Limited, commonly referred to as Deloitte, is a multinational professional services network. Deloitte is one of the "Big Four" accounting organizations and the largest professional services network in the world by revenue and number of professionals, with headq ...