SOC Level 2 Analyst - Top Secret

Our Deloitte Cyber team understands the unique challenges and opportunities businesses face in cybersecurity. Join our team to deliver powerful solutions to help our clients navigate the ever-changing threat landscape. Through powerful solutions and managed services that simplify complexity, we enable our clients to operate with resilience, grow with confidence, and proactively manage to secure success.

Work You'll Do

As a Fusion Level 2 Analyst, you will support the Security Operations Center (SOC) as the first line of defense for identifying potential information security incidents.

• Monitor client sources of potential security incidents, health alerts with monitored solutions, and requests for information. This includes the monitoring of real-time channels or dashboards, periodic reports, email inboxes, helpdesk or other ticketing systems, telephone calls, and chat sessions.
• Follow client and incident-specific procedures to perform triage of potential security incidents to validate and determine needed mitigation.
• Escalate potential security incidents to client personnel, implement countermeasures in response to others, and recommend operational improvements.
• Keep accurate incident notes in the case management system.
• Maintain awareness of the client's technology architecture, known weaknesses, the architecture of the security solutions used for monitoring, imminent and pervasive threats as identified by client threat intelligence, and recent security incidents.
• Provide advanced analysis of the results of the monitoring solutions, asses escalated outputs and alerts from Level 1 Analysts
• Perform web hunting for new patterns/activities.
• Advise on content development and testing.
• Provide advice and guidance on the response action plans for information risk events and incidents based on incident type and severity.
• Ensure that all identified events are promptly validated and thoroughly investigated.
• Provide end-to-end event analysis, incident detection, and manage escalations using documented procedures.
• Devise and document new procedures and runbooks/playbooks as directed.
• Maintain monthly Service Level Agreements (SLAs)
• Maintain compliance with processes, runbooks, templates, and procedures-based experience and best practices.
• Assist the Cyber Hunting team with advanced investigations as needed.
• Provide malware analysis (executables, scripts, documents) to determine indicators of compromise, and create signatures for future detection of similar samples.
• Continuously improve the service by identifying and correcting issues or gaps in knowledge (analysis procedures, plays, client network models), false positive tuning, identifying, and recommending new or updated tools, content, countermeasures, scripts, plug-ins, etc.
• Perform peer reviews and consultations with Level 1 analysts regarding potential security incidents.
• Serve as a subject matter expert in at least one security-related area (e.g. specific malware solution, Python programming, etc.)
• Provide shift status and metric reporting as well as support weekly operations calls.

The Team

Deloitte's Government and Public Services (GPS) practice - our people, ideas, technology, and outcomes-are designed for impact. Serving federal, state, & local government clients as well as public higher education institutions, our team of professionals brings fresh perspective to help clients anticipate disruption, reimagine the possible, and fulfill their mission promise.

Our Cyber Defense & Resilience offering assists clients in defending against advanced threats by transforming security operations, monitoring technology, data analytics, and threat intelligence. Helps manage and protect dynamic attack surfaces and provides rapid crisis and cyber incident response, ensuring clients can be ready for, respond to, and recover from business disruptions.

Qualifications

Required:

• Bachelor's degree required.
• Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future.
• Active Top Secret clearance required.
• Must be able to work full time on-site in Las Vegas, NV.
• Minimum of 2+ years working in a SOC and/or strong security technology operations environment.
• Travel up to 15%, on average, based on the work you do and the clients and industries/sectors you serve.
• At least one completed certification: Certified Information Systems Security Professional (CISSP), Certification in Certified Intrusion Analyst (GIAC), Continuous Monitoring (GMON), Certified Ethical Hacker (CEH) or equivalent
• Must have the ability to work shifts on a rotating basis for 24/7 support of clients.
• 1+ years of experience in security technologies such as: Security information and event management (SIEM), IDS/IPS, Data Loss Prevention (DLP), Proxy, Web Application Firewall (WAF), Endpoint detection and response (EDR), Anti-Virus, Sandboxing, network- and host- based firewalls, Threat Intelligence, Penetration Testing, etc.

Preferred Qualifications:

• A strong desire to understand the what as well as the why and the how of security incidents.
• Knowledge of Advanced Persistent Threats (APT) tactics, techniques and procedures.
• Understanding of possible attack activities such as network probing/ scanning, DDOS, malicious code activity, etc.
• Understanding of common network infrastructure devices such as routers and switches
• Understanding of basic networking protocols such as TCP/IP, DNS, HTTP
• Basic knowledge in system security architecture and security solutions

As used in this posting, "Deloitte" means Deloitte Transactions and Business Analytics LLP, a subsidiary of Deloitte LLP. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its subsidiaries.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.

Information for applicants with a need for accommodation: https://www2.deloitte.com/us/en/pages/careers/articles/join-deloitte-assistance-for-disabled-applicants.html

The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $93,225.00 to $155,375.00.

You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance.