Job Title:  Deputy Manager | Security Information and Event Management (SIEM) | Hyderabad | Cyber Defense & Resi

Job requisition ID:  96006
Date:  Jan 16, 2026
Location:  Hyderabad
Designation:  Deputy Manager
Entity:  Deloitte Touche Tohmatsu India LLP

Deputy Manager: L3 (24x7 rotating shifts)

·      6-8 years of experience in 24x7 (rotating shifts) monitoring at a Security Operations Centre

·       Hands-on experience with security tools such as IBM QRadar and FireEye Anti-APT solution

·      Review and triage information security alerts worked by L1/L2, provide analysis, determine and track remediation, and escalate as appropriate.

·      Experience of SOC monitoring and triage using SOAR is desirable

·      Knowledge of XDR is an added advantage

·      Knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc.

·       Fundamental understanding of network traffic analysis including TCP/IP, routing, switching, protocols, etc.

·       Reviews the most recent SIEM alerts to assess their relevance and urgency. Carries out triage to confirm whether a genuine security incident is occurring. Oversees and configures security monitoring tools.

·       Inform L4 team of proactive and reactive actions to minimize false positives.

·       Maintain, manage, improve and update security incident process and protocol documentation (Run Book).

·      Strong understanding of Windows event log analysis.

·       Acts as Security Incident Handler for high-impact cyber security incidents and advanced attacks in accordance with Cyber Kill Chain methodology and incident response process.

·      Conducts malware analysis and identification of Indicators of Compromise (IOCs) to evaluate incident scope and associated impact.

·       Enhances workflow and processes driving incident response and mitigation efforts.

·       Practical understanding of exploits, vulnerabilities, computer network intrusions, adversary tactics, exfiltration techniques and common knowledge.

·       Demonstrate proficiency in the Incident Response Process as well as the performance of threat hunting and SOC operations.

·       Performs log analysis across disparate log sources; prioritizes and differentiates between potential intrusion attempts and false alarms.

·       Sound understanding of different attack frameworks such as Kill Chain and MITRE, and the ability to use them for incident response and reporting.

Certification requirements: CEH certified, CompTIA

The role involves 5 working days on a rotating-shift basis; weekly offs can be on any 2 days of the week, as decided by the Reporting Manager.