Job Title: Associate Director | Security Information and Event Management (SIEM) | Hyderabad | Cyber Defense &

Associate Director | Security Information and Event Management (SIEM) | Hyderabad | Cyber Defense &
• Job requisition ID : 109040
• Location: Hyderabad
• Entity: Deloitte Touche Tohmatsu India LLP
The team
Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks: Learn more about Cyber | Deloitte
Your work profile
- Lead enterprise-wide SIEM transformation and migration programs from legacy platforms such as Splunk, QRadar, ArcSight, LogRhythm, Securonix, Exabeam, and Elastic to Next Generation SIEM platforms like Google SecOps, Microsoft Sentinel, Palo Alto Cortex, etc.
- Define migration strategies, operating models, implementation roadmaps, and transition plans.
- Oversee assessment, sizing, onboarding, normalization, enrichment, and optimization of security telemetry.
- Drive end-to-end implementation and deployment of:
- Google Security Operations (Google SecOps)
- Microsoft Sentinel
- Palo Alto Cortex XSIAM/XDR
- Establish governance frameworks, delivery milestones, risk management plans, and quality controls during implementation programs.
- Manage multiple concurrent transformation engagements while ensuring adherence to timelines, budgets, and quality standards.
- Manage and support a team of SOC analysts (Tier 1, Tier 2, Tier 3), incident responders, and engineers in handling security incidents for clients
- Lead security operations and managed detection & response (MDR) services for enterprise and MSSP environments.
- Establish and operationalize Next Generation SOC capabilities using cloud-native security platforms.
- Ensure effective monitoring, triage, investigation, response, and remediation processes across client environments.
- Define and manage operational KPIs, SLAs, and security performance metrics.
- Drive continuous improvement initiatives focused on detection quality, analyst productivity, and response effectiveness.
- Support transition from project implementation to business-as-usual operations.
Detection Engineering & Use Case Development
- Lead development and optimization of advanced detection content and threat detection use cases.
- Design and implement:
- Detection rules
- Correlation logic
- Behavioural analytics
- UEBA use cases
Security Automation & SOAR Engineering
- Lead security orchestration and automation initiatives across SIEM and SOC ecosystems.
- Design and implement automated playbooks and workflows for incident response and operational activities.
- Integrate security platforms with:
- EDR/XDR solutions
- Identity platforms
- Cloud platforms
- Ticketing systems
- Vulnerability management tools
- Improve Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR) through automation.
Key Skills Required:
- Education: Bachelor’s degree in information security, Computer Science, or a related field. A master’s degree in Cybersecurity or Business Management is preferred
- 13+ years of experience in cybersecurity, with at least 5+ years in SOC management or an equivalent leadership role
- Experience working in an MSSP or managing security operations for multiple clients is preferred
- Strong experience with security tools (SIEM, EDR, IDS/IPS), threat intelligence, and incident response
- Proven track record of leading teams in a 24/7 SOC environment
- Certifications:
- Google Professional Security Operations Engineer
- Palo Alto Networks Certified XSIAM Analyst or Engineer
- CISSP (Certified Information Systems Security Professional)
- CISM (Certified Information Security Manager)
- GIAC (GCIH, GCIA, GSOC)
- CompTIA Security+
Mandatory Experience (any two)
- Google Security Operations (Google SecOps)
- Microsoft Sentinel
- Palo Alto Cortex XSIAM / Cortex XDR
- SIEM migration and modernization programs
- SOC transformation and operating model design
- Detection engineering and threat hunting
- Security automation and SOAR
- MITRE ATT&CK Framework
- Incident Response and Security Operations
