Job Title: T&T | Cyber: D&R | AM | SIEM - Threat Hunting | Mumbai

Job requisition ID: 101760
Date:  Apr 7, 2026
Location:  Mumbai
Designation:  Assistant Manager
Entity:  Deloitte Touche Tohmatsu India LLP

The team

Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks: Learn more about Cyber | Deloitte

Your work profile

  • Proactively hunt for threats across endpoints, network, and logs using SIEM/EDR tools
  • Develop and execute threat hunting hypotheses based on threat intelligence and attack patterns
  • Analyze large datasets (logs, alerts, network traffic) to identify anomalies and indicators of compromise (IOCs)
  • Work closely with SOC (L1/L2) and Incident Response teams to validate and escalate findings
  • Create and fine-tune detection rules/use cases in SIEM (e.g., IBM QRadar)
  • Leverage threat intelligence feeds (MITRE ATT&CK mapping, TTPs) to enhance hunting strategies
  • Perform retrospective analysis to identify missed attacks
  • Document hunting findings, attack patterns, and recommendations
  • Automate repetitive hunting tasks using scripts (Python, PowerShell, etc.)

Key Skills Required: 

  • Education: Any graduate or B.E./B.Tech (Tier 1/2) in Computer Science, Information Technology or related fields
  • 3+ years in SOC / Threat Hunting / Incident Response 
  • Hands-on experience with SIEM tools (e.g., QRadar, Splunk) 
  • Exposure to EDR/XDR platforms 
  • Network protocols (TCP/IP, DNS, HTTP/S) 
  • Windows/Linux security logs 
  • Endpoint behaviour and attack techniques 
  • MITRE ATT&CK framework 
  • Threat intelligence platforms 
  • Log analysis and correlation 
  • Basic scripting skills (Python, Bash, PowerShell)