Tier 2 Analyst
Rosslyn, VA

Job Description

Deloitte leads with purpose, solving complex issues for our clients and communities. Across disciplines and across borders, Deloitte Touche Tohmatsu Limited (DTTL) Global supports our network of national member firms by developing and driving global strategy, programs, and platforms, and creating new solutions and transformational experiences. Our people share a passion for igniting change and a strong service orientation that shapes our organization and those it supports.

The Deloitte Global Cybersecurity function is responsible for the firm's overall objectives of enhancing data protection, standardizing and securing critical infrastructure and gaining cyber visibility through security operations centers. The Cybersecurity organization delivers a comprehensive set of cybersecurity services to Deloitte member firms through regional delivery hubs and a Global Fusion Center. We are seeking an AMER L2 Analyst to join the team.

The AMER L2 Analyst reports to the AMER L3 Analyst. The role focusses on providing Event Monitoring services and serves as an intermediate escalation point identifying and addressing potential information security incidents.

Responsibilities

As part of the Global Cybersecurity team, this professional:

Strategic

* Provide timely advice and guidance on the response action plans for events and incidents based on incident type and severity


* When necessary, and with the Manager's approval, devise and document new procedures



Operational

* Advanced analysis of the results of the monitoring solutions, assess escalated output from Level 1 Analysts


* Web hunting for new patterns/activities


* Provide intermediate event analysis, incident detection, and escalate as needed to Level 3 Analyst with documented procedures


* Remain current on cyber security trends and intelligence (open source and commercial) in order to guide the security analysis & identification capabilities of the SOC team


* Ensures that all identified events are promptly validated and thoroughly investigated


* Responsible for identifying training needs for the junior analysts


* Oversee documentation owned by the SOC team including but not limited to Standard Operating Procedures (SOPs) and Operational Level Agreements (OLAs)



Relationship Management

* Report progress and escalate in a timely manner to the AMER L3 Analyst


* Provide oversight and guidance to Level 1 Analysts to monitor, detect, analyze, remediate, and report on cybersecurity events and incidents


* Coordinate with the Security Tool specialists to implement new or enhanced content



Expectations from the Professional

Our purpose is to make an impact that matters, and our aspiration is to be the undisputed leader in professional services. At the root of these goals are our Shared Values, which describe the distinctive Deloitte culture. Our Values are timeless, all-encompassing and embrace the cultures in which Deloitte member firms operate. We expect all professionals to live our purpose and shared values and be the brand ambassadors holding Deloitte Global and member firms together.

Integrity

At Deloitte, everything we do starts with integrity. In our marketplace, nothing is more important than our reputation and, accordingly, we commit to conducting business with honesty, distinctive quality, and high levels of professional behavior.

Outstanding value to markets and clients

We play a critical role in helping both the capital markets and our member firm clients operate more effectively. We consider this role a privilege, and we know it requires constant vigilance and unrelenting commitment.

Commitment to each other

We are proud of our culture of borderless collegiality and work hard to support our people. We strive to create an inclusive environment that reflects our strong, clear expectations about diversity, respect, and fair treatment.

Strength from cultural diversity

Our member firm clients' business challenges are complex and benefit from the innovation and varied perspectives that our practitioners bring. We understand that working with people of different backgrounds, cultures, and thinking styles helps our people grow into better professionals and leaders.

#CybDef

Education

* Bachelor's degree: degree in computer science, mathematics, engineering, or other technical degree preferred


* Master's degree preferred



Work experience

* Minimum of 2 years of combined experience in the Information Security / Cybersecurity domain with a focus on security event monitoring


* Proven track record and experience of the following in a highly complex and global organization:
* Working with leading SIEM technologies, IDS/IPS, network- and host- based firewalls, data leakage protection (DLP), DAM (Database activity monitoring)


* In depth, hands-on experience with at least two of the following technologies: Unix administration, Windows Server administration, Active Directory, Windows Workstation, Routers /Switches management, Firewall Management, SANS/NAS, Web servers, IAM/AAA, IDS/HDS, System vulnerability scanning tools, Application/Database vulnerability scanning tools, mobile device analysis or Secure coding


* Analyzing possible attack activities such as network probing/ scanning, DDOS, malicious code activity and possible abnormal activities, such as worms, Trojans, viruses, etc. and coordinating remediation actions as necessary





Certification

* Professional security certification preferred, such as Certified Intrusion Analyst (GIAC), CISSP, Certified Ethical Hacker (CEH), Certified Expert Penetration Tester (CEPT)


* Professional security management certification desirable, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials



Skills/abilities

* Willing to work on any of three 10 hour shifts to offer 24 hours support service


* Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate strategic information security topics, policies and standards as well as risk-related concepts to technical and nontechnical audiences at various hierarchical levels


* Understanding of network devices such as routers, switches. TCP/IP knowledge


* Understanding of common network services (web, mail, FTP, etc.), network vulnerabilities, and network attack patterns


* Experience with leading SIEM solutions including Splunk, ArcSight ESM and Loggers


* Experience with ticketing systems


* Intermediate knowledge in system security architecture and security solutions


* Ability to travel as needed up to 25%



All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or protected veteran status, or any other legally protected basis, in accordance with applicable law.

Disclaimer: Nothing in this job description/posting shall constitute an offer or promise of employment. If you are not reviewing this job posting on our Careers' site (jobs2.deloitte.com) or one of our approved job boards we cannot guarantee the validity of this posting. For a list of our current postings, please visit us at jobs2.deloitte.com

Requisition code: DE20USAGTS004KK0320

*
*
*
*
*
*