Job Title: T&T | Cyber: D&R | Assistant Manager | SOC SIEM | Mumbai

Job requisition ID: 102953
Date: Apr 21, 2026
Location: Mumbai
Designation: Assistant Manager
Entity: Deloitte Touche Tohmatsu India LLP

The team

Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embedding cyber risk at the start of strategy development enables more effective management of information and technology risks.

Your work profile


  • Performs in-depth investigation of alerts escalated by L1 to identify true security incidents
  • Conducts log analysis and event correlation across SIEM, EDR, and network security tools
  • Validates true positives vs false positives and determines incident severity and impact
  • Supports incident response activities including containment and escalation to L3 teams
  • Leverages threat intelligence to enrich analysis and identify attack patterns
  • Investigates common use cases such as phishing, malware, lateral movement, and privilege abuse
  • Provides feedback for detection tuning to reduce alert noise and improve accuracy
  • Documents findings and ensures proper ticket updates and incident tracking
  • Collaborates with L1, L3, and other teams for end-to-end incident handling
  • Works with tools such as IBM QRadar, Splunk, and CrowdStrike Falcon

Key skills required:

  • Strong hands-on experience with SIEM tools like IBM QRadar
  • Proficiency in EDR/XDR platforms such as CrowdStrike Falcon
  • Solid understanding of networking concepts (TCP/IP, DNS, HTTP/S, firewalls, proxies)
  • Ability to perform log analysis and event correlation across multiple data sources
  • Working knowledge of MITRE ATT&CK framework for mapping attacker techniques
  • Experience in handling security incidents (phishing, malware, ransomware, lateral movement)
  • Familiarity with threat intelligence platforms and IOC enrichment
  • Basic scripting/query skills (KQL, SPL, SQL, Python) for investigation and automation
  • Understanding of endpoint, network, and cloud security fundamentals
  • Strong analytical thinking with ability to differentiate false positives from real threats

Desired qualifications

  • Education: B.E / B.Tech (Tier 1/2) in Computer Science, Information Technology, or related fields
  • Experience required: 4 to 6 years
  • Shall have 4-6 years of experience and proposed OEM certifications
  • Base location: Mumbai (anywhere - mandatory client deputation)