Deloitte Regional SOC Manager - Cyber Defense in Nashville, Tennessee

Deloitte is one of the leading professional services organizations in the United States, specializing in audit, tax, consulting and financial advisory services with clients in more than 20 industries. We provide powerful business solutions to some of the world s most well-known and respected companies, including more than 75 percent of the Fortune 100.At Deloitte, you can have a rewarding career on every level. In addition to challenging and meaningful work, you ll have the chance to give back to your community, make a positive impact on the environment, participate in a range of diversity and inclusion initiatives, and find the support, coaching, and training it takes to advance your career. Our commitment to individual choice lets you customize aspects of your career path, your educational opportunities and your benefits. And our culture of innovation means your ideas on how to improve our business and your clients will be heard.

Work you ll do

This position will directly support the security operationsstaff by providing oversight, guidance, and mentorship to a 10-15-person teamof security analysts and will report directly to the Regional SOC SeniorManager. In this player/coach role, theperson will manage and mentor SOC staff who will apply analytic and technicalskills in order to investigate intrusions, identify malicious activity andpotential insider threats, and perform incident response.

This would include, but not be limited to, managing day-to-daySOC duties, training plans, the SOC Regional Level 3 analysts, and providingmetrics/reporting for all security related incidents. This position wouldwork directly with vendors, FSS s, other ITS teams, Information Security Risk& Compliance (IRC) and potentially clients to manage incidents out of theSOC. Ensure coordination between the various teams within the SOC. The SOC regional team includes analysts inthe US as well as other global regions. Communicate any pertinent securitymetrics to affected customers.

Essential job functions:

  • Identify and evaluate business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement

  • Assist in the selection and tailoring of approaches, methods and tools to support SOC offerings

  • Actively participate in decision making with leadership and seek to understand the broader impact of current decisions

  • Generate innovative ideas and challenge the status quo

  • Play substantive role in the training and development of staff/SOC analysts

  • Evaluate, counsel, mentor and provide feedback on performance of others

  • Play substantive/lead role in retention of professionals and in building staff complement, mix, and recruiting

  • Play substantive/lead role in developing a strong relationship with internal resources

  • Manage the design, development, implementation and support of all components within the Regional Security Operations Center. Manage the Regional Security Operations Center SOC Analysts.

  • Monitor security events from multiple sources, analyze the results and escalate, when necessary, to the appropriate group for remediation. The events will originate from, but are not limited to DLP, IDS, IPS, antivirus, firewalls and system security logs.

  • Identify potential security exposures that may currently exist or may pose a potential future threat to the US Firm s networks or systems. Ensure Cyber Security leadership is notified when these exposures are identified and develop potential remediation plans.

  • Work jointly with Infrastructure and IRC teams to periodically review existing security device architecture and recommend potential updates or enhancements for group review

  • Manage existing metrics program. This will include gathering and analyzing relevant security data from our SIEM, incorporating trending data based on relevant security data and disseminating reports to appropriate groups.

  • Assist in the development of content for the SIEM by engaging the STS Intel Team and Advisory for Threat Intel as well as other SOC groups. Help identify trends within our security metrics.

Relevant Skills:

  • Demonstrate knowledge in on or more of the following information security domains, including:

  • Security Governance and Management

  • Policies and Procedures

  • Information Classification

  • Access Control

  • Incident Response

  • Network Security Operations

  • Security Architectures

  • Identity Management

  • Disaster Recovery & Business Continuity

  • Risk Management

  • System Development Life Cycle

  • Familiarity with security industry standards (ISO 17799, NIST 800 series, etc.)

Qualifications:

  • Bachelor s degree in Computer Science, Business Administration or equivalent educational or professional experience and/or qualifications. An advanced degree is also preferred.

  • 8 years of information security experience. Prefer experience working with SIEM technologies and processes

  • 5 years of experience working in a Security Operations Center preferred. Prefer experience working with ArcSight or Splunk.

  • Understanding of security event monitoring concepts and incident response processes.

  • Possession of current CISSP certification preferred. Familiar with and able to apply time-proven, generally-accepted security methods, concepts and techniques.

  • Strong negotiation skills and ability to interact effectively with direct managers and staff in both technical and business roles

  • Able to defuse situations, work around defensive attitudes, and deal with diverse personalities to achieve assignment objectives

  • Good understanding of networking (WAN, LAN, wLAN), network domains (Internet, Intranet, DMZ), communication techniques/protocols and their combined effects on network and host system security

  • Ability to maintain awareness of local, national and international trends and developments in the area of security and ability to relate them to the needs of the Deloitte U.S. Firms

  • Ability to learn and retain new skills, as required, in order to meet the demands of a rapidly changing technical environment

  • Ability to work non-standard shifts and/or on-call to support the requirements of the organization

  • Ability to possess and maintain a security clearance issued by the U.S. Government. Possession of active clearance preferred.

  • Ability to travel occasionally (up to 25%), including international travel

How you ll grow

At Deloitte, we ve invested a great deal to create a richenvironment in which our professionals can grow. We want all our people todevelop in their own way, playing to their own strengths as they hone theirleadership skills. And, as a part of our efforts, we provide our professionalswith a variety of learning and networking opportunitiesincluding exposure toleaders, sponsors, coaches, and challenging assignmentsto help acceleratetheir careers along the way. No two people learn in exactly the same way. So,we provide a range of resources including live classrooms, team-based learning,and eLearning. DU: The Leadership Center in India, our state-of-the-art,world-class learning Center in the Hyderabad offices is an extension of theDeloitte University (DU) in Westlake, Texas, and represents a tangible symbolof our commitment to our people s growth and development.ExploreDU: The Leadership Center in India

Benefits

At Deloitte, we know that great people make a greatorganization. We value our people and offer employees a broad range ofbenefits.Learnmore about what working at Deloitte can mean for you.

Deloitte s culture

Our positive and supportive culture encourages our people todo their best work every day. We celebrate individuals by recognizing theiruniqueness and offering them the flexibility to make daily choices that canhelp them to be healthy, centered, confident, and aware. We offer well-beingprograms and are continuously looking for new ways to maintain a culture thatis inclusive, invites authenticity, leverages our diversity, and where ourpeople excel and lead healthy, happy lives. Learnmore about Life at Deloitte.

Corporate citizenship

Deloitte is led by a purpose: to make an impact thatmatters. This purpose defines who we are and extends to relationships with ourclients, our people and our communities. We believe that business has the power to inspire and transform. Wefocus on education, giving, skill-based volunteerism, and leadership to helpdrive positive social impact in our communities. Learnmore about Deloitte s impact on the world.

About Deloitte

As used in this document, Deloitte means Deloitte LLP and its subsidiaries. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.

Disclaimer: If you are not reviewing this job posting on our Careers site (careers.deloitte.com) or one of our approved job boards we cannot guarantee the validity of this posting. For a list of our current postings, please visit us at careers.deloitte.com.

Category: Information Technology