Job Title:  Manager | Security Information and Event Management (SIEM) | Delhi | Cyber Defense & Resilience

Job requisition ID:  101087
Date:  Mar 25, 2026
Location:  Delhi
Designation:  Manager
Entity:  Deloitte Touche Tohmatsu India LLP

Your potential, unleashed.

India’s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realise your potential amongst cutting edge leaders, and organisations shaping the future of the region, and indeed, the world beyond.

At Deloitte, bring your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters.


The team

Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks.

  
Your work profile  

As Assistant Manager in our Cyber Team you’ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations:

Role Overview

The SOC Manager – Microsoft Sentinel is responsible for leading and managing the Security Operations Center (SOC), ensuring effective monitoring, detection, and response to cybersecurity threats across the organization or client environments. This role combines strategic leadership with deep technical expertise, overseeing SOC operations, incident response, threat hunting, and continuous improvement initiatives. The SOC Manager will drive operational excellence, optimize security tooling (including Microsoft Sentinel), and ensure alignment with organizational security objectives and compliance requirements.

 

Key Responsibilities:

·        Lead and manage day-to-day SOC operations, ensuring 24/7 monitoring and incident response readiness.

·        Oversee security incident detection, triage, investigation, and response in line with SLAs.

·        Act as the escalation authority for high-severity and business-critical incidents.

·        Drive incident response strategy including containment, eradication, recovery, and lessons learned.

·        Manage and optimize Microsoft Sentinel deployment, including use case development and data onboarding.

·        Develop and enhance detection rules, analytics, and automation workflows in Microsoft Sentinel.

·        Ensure alignment of detections with MITRE ATT&CK and industry best practices.

·        Lead SOC team (L1/L2/L3 analysts), including hiring, mentoring, performance management, and training.

·        Define and track SOC KPIs (MTTD, MTTR, SLA adherence, false positive rates).

·        Oversee integration and optimization of security tools (SIEM, EDR, SOAR, DLP, etc.).

·        Drive threat hunting programs and proactive detection initiatives.

·        Ensure health and coverage of log sources across on-prem and cloud environments.

·        Lead incident reporting, including executive-level briefings and stakeholder communication.

·        Conduct post-incident reviews, tabletop exercises, and continuous improvement initiatives.

·        Collaborate with IT, cloud, risk, and compliance teams to strengthen security posture.

·        Manage vendor relationships and evaluate new security technologies.

·        Ensure compliance with security frameworks (ISO 27001, NIST, etc.).

 

Required Skills & Expertise

·        Experience: 9+ years in cybersecurity with significant experience in SOC operations and team leadership.

·        Leadership: Proven experience managing SOC teams and handling large-scale security operations.

·        SIEM Expertise: Deep hands-on and architectural knowledge of Microsoft Sentinel.

·        Incident Response: Strong expertise in incident management, escalation handling, and crisis response.

·        Threat Frameworks: Advanced understanding of MITRE ATT&CK and cyber kill chain.

·        Security Tools: Experience with EDR, SOAR, threat intelligence platforms, and network security tools.

·        Cloud Security: Strong knowledge of Azure security, M365 Defender, and multi-cloud environments (AWS, GCP).

·        Automation & Scripting: Familiarity with PowerShell, Python, and SOAR playbook automation.

·        Metrics & Reporting: Ability to define KPIs, generate dashboards, and report to leadership.

·        Process Management: Expertise in developing SOPs, playbooks, and operational workflows.

·        Communication: Strong stakeholder management and executive communication skills.

 

Preferred Skills

·        Experience in building or scaling SOC operations (greenfield or transformation projects).

·        Exposure to threat intelligence integration and purple team exercises.

·        Experience in MSSP environments managing multiple clients.

·        Knowledge of regulatory and compliance standards (ISO, NIST, GDPR, etc.).

 

Education Qualifications & Certifications

  • Bachelor’s or Master’s degree in Computer Science, Cyber Security, or related field
  • Preferred certifications:
      • Microsoft SC-200
      • Microsoft AZ-500
      • GIAC Certifications (GCIH, GCFA, GCIA)
      • Certified Information Systems Security Professional (CISSP)
      • Certified Ethical Hacker

 

How you’ll grow

Connect for impact

Our exceptional team of professionals across the globe are solving some of the world’s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report.

Empower to lead

 You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership.

Inclusion for all

 At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters.

Drive your career

 At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte.

Everyone’s welcome… entrust your happiness to us

Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here’s a glimpse of things that are in store for you. 

 

Interview tips

We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you’re applying to. Check out recruiting tips from Deloitte professionals.

*Caution against fraudulent job offers*: We would like to advise career aspirants to exercise caution against fraudulent job offers or unscrupulous practices.

At Deloitte, ethics and integrity are fundamental and not negotiable.  We do not charge any fee or seek any deposits, advance, or money from any career aspirant in relation to our recruitment process.  We have not authorized any party or person to collect any money from career aspirants in any form whatsoever for promises of getting jobs in Deloitte or for being considered against roles in Deloitte. We follow a professional recruitment process, provide a fair opportunity to eligible applicants, and consider candidates only on merit. No one other than an authorized official of Deloitte is permitted to offer or confirm any job offer from Deloitte.  We advise career aspirants to exercise caution.

In this regard, you may refer to a more detailed advisory given on our website at: https://www2.deloitte.com/in/en/careers/advisory-for-career-aspirants.html?icid=wn_