T&T | Cyber D&R | Deputy Manager I Google Secops Splunk ES | Bengaluru

Location - Bangalore

The team

Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure vigilant and resilientnot only by looking at how to prevent and respond to attacks but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks. Learn more about Cybersecurity

Your work profile

• Design deploy configure and maintain SIEM solutions (e.g. Splunk IBM QRadar ArcSight LogRhythm Azure Sentinel)
• Onboard and normalize log sources from servers network devices cloud platforms applications and security tools
• Develop and fine-tune correlation rules alerts dashboards and reports
• Perform SIEM performance tuning and optimization to reduce false positives
• Support SOC teams in incident detection analysis and response
• Integrate SIEM with SOAR EDR IAM cloud security and threat intelligence feeds
• Conduct use-case development aligned with MITRE ATT&CK framework
• Ensure compliance with security standards and regulations (ISO 27001 SOC 2 PCI-DSS HIPAA etc.)
• Troubleshoot SIEM ingestion parsing and data quality issues
• Automate repetitive tasks using scripting (Python PowerShell Bash)
• Participate in security audits threat hunting and continuous improvement initiatives
• Document SIEM architecture procedures and operational runbooks.

Key Skills Required

• 6-8 years of experience in cybersecurity with strong focus on SIEM engineering
• Hands-on expertise with at least one major SIEM platform
• Strong understanding of:
• Log management and event correlation
• Network security (Firewalls IDS/IPS VPNs)
• Operating systems (Linux Windows)
• Cloud platforms (AWS Azure GCP)
• Experience with regex log parsing and data normalization
• Knowledge of threat intelligence and attack techniques (MITRE ATT&CK)
• Scripting experience (Python PowerShell Shell)
• Familiarity with SOC operations and incident response workflows.
• SIEM certifications (Splunk Certified Architect QRadar Admin Azure Sentinel etc.)
• Security certifications (CEH GCED GCIH CISSP)
• Experience with SOAR platforms and automation
• Exposure to DevSecOps and CI/CD security integrations
• Education - Bachelors degree in Computer Science IT Cybersecurity or equivalent.