Job Title: T&T | Cyber: D&R | Assistant Manager | SOC SIEM | Mumbai
The team
Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient: not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. We embed cyber risk at the start of strategy development for more effective management of information and technology risks.
Your work profile
- Performs in-depth investigation of alerts escalated by L1 to identify true security incidents
- Conducts log analysis and event correlation across SIEM, EDR, and network security tools
- Distinguishes true positives from false positives and determines incident severity and impact
- Supports incident response activities including containment and escalation to L3 teams
- Leverages threat intelligence to enrich analysis and identify attack patterns
- Investigates common use cases such as phishing, malware, lateral movement, and privilege abuse
- Provides feedback for detection tuning to reduce alert noise and improve accuracy
- Documents findings and ensures proper ticket updates and incident tracking
- Collaborates with L1, L3, and other teams for end-to-end incident handling
- Works with tools such as IBM QRadar, Splunk, and CrowdStrike Falcon
Key skills required:
- Strong hands-on experience with SIEM tools such as IBM QRadar
- Proficiency in EDR/XDR platforms such as CrowdStrike Falcon
- Solid understanding of networking concepts (TCP/IP, DNS, HTTP/S, firewalls, proxies)
- Ability to perform log analysis and event correlation across multiple data sources
- Working knowledge of the MITRE ATT&CK framework for mapping attacker techniques
- Experience in handling security incidents (phishing, malware, ransomware, lateral movement)
- Familiarity with threat intelligence platforms and IOC enrichment
- Basic scripting/query skills (KQL, SPL, SQL, Python) for investigation and automation
- Understanding of endpoint, network, and cloud security fundamentals
- Strong analytical thinking with ability to differentiate false positives from real threats
Desired qualifications
- Education: B.E./B.Tech (Tier 1/2) in Computer Science, Information Technology, or a related field
- Experience: 4 to 6 years, plus relevant OEM (vendor) certifications
- Base location: Mumbai (deputation to client sites anywhere is mandatory)