Deloitte

Senior Event Monitoring Analyst, Threat Hunter

full-time

Location Type: Office

Location: Madrid, Spain

About the role

  • Act as main point of escalation for junior and senior analysts’ investigations about common threats that are targeting Deloitte’s global infrastructure.
  • Support and mentor junior and senior analysts, to be an active part of their career development.
  • Monitor high-level dashboards to identify advanced threats.
  • Support Incident Response tasks.
  • Propose ad-hoc SIEM use cases for development and testing.
  • Develop and maintain dashboards for advanced threat detection.
  • Provide recommendations for remediation of assets identified during investigations to assist Deloitte with threat mitigations.
  • Foster a culture of collaboration and build team members’ strengths.
  • Collaborate with the service leadership to help grow the service.
  • Perform Threat Hunting activities, following a defined methodology, by proactively and iteratively searching for suspicious activity across the Deloitte global network to detect and isolate advanced threats that may evade existing security solutions.
  • Detect gaps and limitations in the current SOC detection capabilities and propose enhancements to protect Deloitte infrastructure.
  • Propose new content to improve Deloitte's defensive capabilities.
  • Collaborate with other teams (Knowledge Sharing sessions, support, operational information exchange, etc.).
  • Research trending campaigns, attack vectors, and provide insights for selecting the next Threat Hunt target.
  • Be tool agnostic – the Threat Hunting tools may evolve over time, and we value concepts over tools. The ideal candidate must possess an acute ability to adapt to any tool.

Requirements

  • Minimum of 3 years of combined experience in the Information Security / Cybersecurity domain with a focus on security event monitoring.
  • Proven track record and experience of the following in a highly complex and global organization: working with leading SIEM technologies, Endpoint Detection & Response tooling (EDR), IDS/IPS, and network- and host-based firewalls.
  • In depth, hands-on experience with at least two of the following technologies: Unix administration, Windows Server administration, Active Directory, Windows Workstation, Routers /Switches management, Firewall Management, Web servers, Identity Access Management, IDS/HDS, System vulnerability scanning tools, Application/Database vulnerability scanning tools, Mobile device analysis, Secure coding.
  • Analyzing possible attack activities such as network probing/scanning, DDoS, malicious code activity and other abnormal activity (worms, Trojans, viruses, etc.), and coordinating remediation actions as necessary.
  • Understanding of common network services and protocols (HTTP(S), SMTP, DNS, etc.), operating systems, vulnerabilities and attack patterns.
  • Performing Threat Hunting activities following a defined iterative methodology.
  • Experience with SOC ticketing systems and proven SOC process knowledge.
  • Relevant security certifications such as Certified Intrusion Analyst (GIAC), CISSP, Certified Ethical Hacker (CEH), Offensive Security Exploitation Expert (OSEE) will be a plus.

Benefits

  • A personalised training and career plan (specific/technical, languages, and soft skills).
  • A culture of continuous, valuable feedback (upwards and downwards).
  • Mentoring programmes based on your professional category.
  • Volunteering programmes and social action initiatives with a national and international scope (WorldImpact).
  • Cultural programmes and subsidised sports clubs (Deloitte Runners Club, padel, football, volleyball, and many more).
  • Medical insurance and health service based at the office: GPs, nurses, physiotherapy, wellbeing, mental health, etc.
  • Flexibility programme.
  • Flexible remuneration plan and a range of benefits for forming part of Deloitte.

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills

SIEM technologies, Endpoint Detection & Response (EDR), IDS/IPS, Unix administration, Windows Server administration, Active Directory, Firewall Management, System vulnerability scanning tools, Application vulnerability scanning tools, Threat Hunting

Soft skills

mentoring, collaboration, communication, problem-solving, leadership, adaptability, team building, career development support, insight generation, recommendation provision

Certifications

Certified Intrusion Analyst (GIAC), CISSP, Certified Ethical Hacker (CEH), Offensive Security Exploitation Expert (OSEE)