Our Deloitte Cyber team understands the unique challenges and opportunities businesses face in cybersecurity. Join our team to deliver powerful solutions to help our clients navigate the ever-changing threat landscape. Through powerful solutions and managed services that simplify complexity, we enable our clients to operate with resilience, grow with confidence, and proactively manage to secure success.
Work You’ll Do
The Incident Responder will perform incident response activities related to Internet of Things (IoT) and Operational Technology (OT) devices, including but not limited to:
- Coordinating and managing end-to-end responses to security events and incidents identified by the SOC or reported to the SOC
- Performing initial malware analysis and triage support
- Operating incident analysis tools and systems; and
- Adhering to reporting requirements for all declared significant incidents.
The Team
Deloitte’s Government and Public Services (GPS) practice – our people, ideas, technology, and outcomes—are designed for impact. Serving federal, state, & local government clients as well as public higher education institutions, our team of professionals brings fresh perspective to help clients anticipate disruption, reimagine the possible, and fulfill their mission promise.
Our Cyber Defense & Resilience offering assists clients in defending against advanced threats by transforming security operations, monitoring technology, data analytics, and threat intelligence. Helps manage and protect dynamic attack surfaces and provides rapid crisis and cyber incident response, ensuring clients can be ready for, respond to, and recover from business disruptions.
Qualifications
Required:
- Bachelor’s degree required.
- Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future.
- Active Secret Clearance required.
- Ability to work onsite up to 3 times a week.
- A minimum of three years’ experience within the following:
- Identifying and implementing countermeasures/mitigating controls in enterprise network environments
- Familiarity with Internet of Things / Operational Technology (IoT/OT) systems and data
- Security event logging and analysis, including working with event logging systems and performing detailed log reviews
- Security Information and Event Management (SIEM) experience (log collection, analysis, correlation, and alerting)
- Incident triage and investigation across Information Technology (IT), IoT, and OT environments—distinguishing true incidents from false positives, including identifying malicious code and malicious activity
- Working knowledge of common enterprise operating systems (Windows, macOS/OS X, Linux) and a conceptual understanding of Windows Active Directory
- Strong networking fundamentals, including protocols (TCP, UDP, ICMP, BGP, MPLS) and common services/standards (SMTP, DNS, DHCP, SQL, HTTP/HTTPS)
- Proficiency with packet capture (PCAP) tools and PCAP analysis
Information for applicants with a need for accommodation: https://www2.deloitte.com/us/en/pages/careers/articles/join-deloitte-assistance-for-disabled-applicants.html
