Job Title:  Manager | SIEM | Mumbai | Cyber Defense & Resilience

Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks. Learn more about Cybersecurity 

Your work profile 

• As Manager in our Cyber Team, you’ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations 

• Resource will be responsible for End2End Splunk Infrastructure Migration from Physical to Virtual. 

• Deploy, Configure, & Manage Splunk Infrastructure (Indexers, Forwarders, Search Heads, Clustering etc.). 

• Onboard & Parse New Data Sources into Splunk from Various Platforms (Linux, Windows, Cloud Services, Network Devices, etc.). 

• Create & Manage Splunk Knowledge Objects: Dashboards, Alerts, Reports, Saved Searches. 

• Manage User Roles, Authentication (e.g., LDAP, SSO), & Access Control.  

Key skills required: 

• Design, develop, and maintain SOAR playbooks for automated incident response 

• Integrate SOAR platforms with security tools such as SIEM, EDR, Threat Intelligence platforms, firewalls, etc. 

• Automate repetitive SOC tasks to improve response time and reduce manual effort 

• Monitor and troubleshoot SOAR workflows and integrations 

• Collaborate with SOC, IR, and threat intelligence teams to enhance detection and response capabilities 

• Develop scripts (Python, PowerShell, etc.) for automation and integration 

• Perform incident triage and response using SOAR tools 

• Maintain documentation for playbooks, processes, and integrations 

• Continuously optimize workflows for better efficiency and accuracy 

• Hands-on experience with SOAR platforms (e.g., Palo Alto Cortex XSOAR 
  
  Education: Any Graduate Degree.