Work In Tech

--

Deloitte Global is the engine of the Deloitte network. Our professionals reach across disciplines and borders to develop and lead global initiatives. We deliver strategic programs and services that unite our organization.

What will your typical day look like?

The Cybersecurity Engineer position supports the SIEM Health Monitoring team which is responsible for monitoring the health and performance of the Splunk platform and data within Splunk. This role is responsible for supporting the Cybersecurity, SIEM and SOC Engineering teams to ensure the efficacy of the Splunk platform by creating content, mitigating monitoring gaps, performing RCA on critical components and creating content. The Role also requires you to work closely with our stakeholders and clients and deliver SIEM Health Monitoring solutions accordingly.

• Provide proficient knowledge of recognizing gaps in alerting and maintaining health of the Splunk infrastructure by robust monitoring and collaboration with Splunk Architecture and Data Management teams.
• Provide skillful knowledge within a Linux environment, editing and maintaining Splunk configuration files and apps using CI/CD pipelines consisting of Azure DevOps - Github
• Collaborate with other Cybersecurity, SIEM and SOC Engineering teams closely to gather requirements, perform troubleshooting, and aid with the creation of Splunk search queries and dashboards as required.
• Will be required interact with senior management, as necessary.
• Troubleshoot and perform RCA on various data quality alerts and SIEM platform alerts.
• Create and drive vendor (Splunk) support cases independently.
• Maintain the SIEM Health Monitoring group in ServiceNow or Azure Devops and ensure all tasks and incident SLAs as met as required by our stakeholders.
• Create, document and update playbooks, process documents, SOW(s), RCA content periodically.
• Actively seek to improve and develop new content to drive process improvement and innovation.
• Participate in bi-annual health checks and strategize monitoring maturity road-map
• Provide excellent customer service, as we will be required to interact/work with other teams to complete our daily tasks.

About the team

At Deloitte, we expect results. Incredible—tangible—results. And Deloitte Global professionals play a unique role in delivering those results. We reach across disciplines and borders to serve our global organization. We are the engine of Deloitte. We develop and implement global strategies and provide programs and services that unite our network.

In Deloitte Global, everyone has opportunities. We see the importance of your perspective and your ability to create value. We want you to fit in—with an inclusive culture, focus on work-life fit and well-being, and a supportive, connected environment; but we also want you to stand out—with opportunities to have a strategic impact, innovate, and take the risks necessary to make your mark.

Deloitte Technology works at the forefront of technology development and processes to support and protect Deloitte around the world. In this truly global environment, we operate not in "what is" but rather "what can be" to help Deloitte deliver and connect with its clients, its communities, and one another in ways not previously conceived.

Enough about us, let’s talk about you

Who you’ll work with:

The Deloitte Global Cybersecurity function is responsible for enhancing data protection, standardizing and securing critical infrastructure, and gaining cyber visibility through security operations centers. The Cybersecurity organization delivers a comprehensive set of security services to Deloitte’s global network of firms around the globe.

Qualifications

Required:

• Bachelor’s degree in Computer Science, Information Technology, or relevant educational or professional experience.
• Atleast 2 to 4 years of hands-on Splunk Enterprise and or SplunkCloud Administration experience
• Splunk Enterprise Core certified Admin, Power User, & User
• Strong Working Knowledge of the Splunk Platform and integrations to public cloud, EDR, Networking toolsets.
• Proficient in troubleshooting Splunk performance and data quality issues.
• Strong experience in analyzing, troubleshooting and providing solutions for technical issues.
• Knowledge about various data onboarding methods (UF, HEC, DBConnect, syslog-ng, rsyslog) and means to troubleshoot them.
• Knowledge and experience in GIT, Microsoft Azure DevOps, or any CI/CD tools.
• Experience in requirement gathering and documentation.
• Experience in Log parsing, lookups, calculated fields extractions using regular expression (regex).
• Experience in creating and troubleshooting Splunk Dashboards, Reports, Alerts, Visualizations and optimize SPL searches.
• Sound judgment and deduction skills with a knack to see out patterns.
• Proactive mindset and a self-starter with minimum supervision
• Excellent interpersonal and organizational skills.

Total Rewards

The salary range for this position is $69,000 - $114,000, and individuals may be eligible to participate in our bonus program. Deloitte is fair and competitive when it comes to the salaries of our people. We regularly benchmark across a variety of positions, industries, sectors, targets, and levels. Our approach is grounded on recognizing people's unique strengths and contributions and rewarding the value that they deliver.

Our Total Rewards Package extends well beyond traditional compensation and benefit programs and is designed to recognize employee contributions, encourage personal wellness, and support firm growth. Along with a competitive base salary and variable pay opportunities, we offer a wide array of initiatives that differentiate us as a people-first organization. On top of our regular paid vacation days, some examples include: $4,000 per year for mental health support benefits, a $1,300 flexible benefit spending account, firm-wide closures known as "Deloitte Days", dedicated days of for learning (known as Development and Innovation Days), flexible work arrangements and a hybrid work structure.