Job Title:  T&T | Cyber : D&R | Deputy Manager I Google Secops / Splunk ES | Bengaluru

Location - Bangalore

The team

Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks. Learn more about Cybersecurity  

Your work profile

• Design, deploy, configure, and maintain SIEM solutions (e.g., Splunk, IBM QRadar, ArcSight, LogRhythm, Azure Sentinel)
• Onboard and normalize log sources from servers, network devices, cloud platforms, applications, and security tools
• Develop and fine-tune correlation rules, alerts, dashboards, and reports
• Perform SIEM performance tuning and optimization to reduce false positives
• Support SOC teams in incident detection, analysis, and response
• Integrate SIEM with SOAR, EDR, IAM, cloud security, and threat intelligence feeds
• Conduct use-case development aligned with MITRE ATT&CK framework
• Ensure compliance with security standards and regulations (ISO 27001, SOC 2, PCI-DSS, HIPAA, etc.)
• Troubleshoot SIEM ingestion, parsing, and data quality issues
• Automate repetitive tasks using scripting (Python, PowerShell, Bash)
• Participate in security audits, threat hunting, and continuous improvement initiatives
• Document SIEM architecture, procedures, and operational runbooks.

 Key Skills Required

• 6-8 years of experience in cybersecurity with strong focus on SIEM engineering
• Hands-on expertise with at least one major SIEM platform
• Strong understanding of:
• Log management and event correlation
• Network security (Firewalls, IDS/IPS, VPNs)
• Operating systems (Linux, Windows)
• Cloud platforms (AWS, Azure, GCP)
• Experience with regex, log parsing, and data normalization
• Knowledge of threat intelligence and attack techniques (MITRE ATT&CK)
• Scripting experience (Python, PowerShell, Shell)
• Familiarity with SOC operations and incident response workflows.
• SIEM certifications (Splunk Certified Architect, QRadar Admin, Azure Sentinel, etc.)
• Security certifications (CEH, GCED, GCIH, CISSP)
• Experience with SOAR platforms and automation
• Exposure to DevSecOps and CI/CD security integrations
• Education - Bachelor’s degree in Computer Science, IT, Cybersecurity, or equivalent.