Journeyman Security Operations Center Analyst | Secret Clearance Required

Engineering and Product | Hybrid Cloud and Infrastructure Engineering

Los Angeles, California, United States

Back to search results
Back to search results

Position Summary

Our Deloitte AI & Engineering team to transform technology platforms, drive innovation, and help make a significant impact on our clients’ success. You’ll work alongside talented professionals reimagining and reengineering operations and processes that are critical to businesses. Your contributions can help clients improve financial performance, accelerate new digital ventures, and fuel growth through innovation.

Work You’ll Do

The Cyber Analyst team member is responsible for the analysis of all technology devices which may include Operational Technology (OT) and Industrial Control Systems (ICS) as well as on-premises and cloud enterprise networks. This includes analysis of device communication, forensic analysis of Windows or Linux systems and servers, timeline analysis of activity on these endpoints, user permission and authentication audits, log analysis, and malware identification/triage.

An ideal candidate for this position will be a proactive self-starter who has experience with system administration, Windows and Linux operating systems (OS) mechanics including filesystem structures, disk and memory forensics, cyber aware Operational Technology or Control Systems operators, commonly used mechanisms for maintaining security persistence, privilege escalation, and lateral data movement, operating system log analysis, and triaging suspicious file artifacts for unusual behavior. This role requires a familiarity with what routine OS activities and common software/user behavior looks like in the context of forensic artifacts or timelines. Analysts should also be familiar with common categories and formats of host-based indicators of compromise (IOCs) and how/where they can be leveraged to identify known-bad files/activity on an endpoint. Candidate will utilize the Cyber Kill Chain and synthesize the entire attack life cycle along with creating detailed reports on how impacts may or have occurred.

Key Responsibilities:

• Support SOC team in operating and performing duties in a Security Operations Center (SOC) to provide a secure environment that facilitates monitoring, incident response, malware analysis, and threat hunting activities.

• Develop and utilize analytics on the security information and event management (SIEM) platform to monitor for security alerts and coordinate vulnerability assessments and artifact collection across servers and network devices.

• Asses Security Technical Implementation Guides (STIGs) compliance and completion.

• Utilize asset mapping tools to verify connected inventory.

• Handle Information Assurance Vulnerability Management (IVAM) notifications.

• Evaluate network structures and device configurations for security risks, offering recommendations based on best practices, and gather data to identify and respond to network intrusions.

• Analyze network traffic and system logs to identify malicious activities, vulnerabilities exploited, and methods used, and develop processes to enhance SOC response and efficiency.

Conduct comprehensive technical analyses of computer evidence, research and integrate new security tools into the SOC, and synthesize findings into reports for both technical and non-technical audiences.

The Team

Deloitte’s Government & Public Services (GPS) practice – our people, ideas, technology and outcomes – is designed for impact. Serving federal, state, & local government clients as well as public higher education institutions, our team of professionals brings fresh perspective to help clients anticipate disruption, reimagine the possible, and fulfill their mission promise.

Our Hybrid Cloud Infrastructure offering provides specialized engineering capabilities to design, implement, manage, and operate hybrid cloud environments, modernize networks and AI infrastructure from the core to the edge, and incubate new infrastructure and device services to help clients stay ahead with the latest technology advances.

The Project Delivery Talent Model is designed for professionals with specialized skills that align to a current client need. Team members focus on delivering services to clients, without additional expectations related to business development or promotion. Their employment is tied to their role on a project, and they are eligible for a benefits package that is competitive for project delivery-focused professionals.

Qualifications

Required:

• Bachelor’s degree

• Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future

• Active Secret security clearance required

• 3 + years of experience in security operations, demonstrating analytical duties and preforming host or network security analysis.

• Proficient in analyzing cyber-attacks, with a deep understanding of attack classifications, stages, system/application vulnerabilities, and compliance with Department of Defense (DoD) policies and procedures.

• Applied knowledge of network topologies, protocols (e.g., TCP/IP, ICMP, HTTP/S, DNS, SSH, SMTP, SMB), and experience with tools like Palo Alto, Elastic SIEM, Cribl, Splunk, VMware, Security Center.

• Capable of attack reconstruction based on network traffic, integrating Threat Intelligence, and familiar with MITRE ATT&CK framework, with the ability to collaborate effectively across multiple locations.

• Ability to be onsite 100% of the time in Port Hueneme, CA

Preferred:

• Knowledge of Operational Technology (OT) or Industrial Control Systems (ICS)

• Strong analytical and troubleshooting skills

• Able to provide expert content development in Splunk Enterprise Security using tstats and data models

• Understands how to utilize knowledge of latest threats and attack vectors to develop correlation rules for continuous monitoring

The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $107,900 to $179,900.

Information for applicants with a need for accommodation: https://www2.deloitte.com/us/en/pages/careers/articles/join-deloitte-assistance-for-disabled-applicants.html


Deloitte is committed to providing reasonable accommodations for people with disabilities. If you require a reasonable accommodation to participate in the recruiting process, please direct your inquiries to the Global Call Center (GCC) at USTalentCICInbox@deloitte.com.
Recruiting tips

From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters.
Benefits

At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you.
Our people and culture

Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ways of thinking, ideas, and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. 
Our purpose

Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities.  Learn more.
Professional development

From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to build new skills, take on leadership opportunities and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career.
As used in this posting, "Deloitte" means Deloitte Consulting LLP, a subsidiary of Deloitte LLP. Please see https://www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its subsidiaries.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.
Qualified applicants with criminal histories, including arrest or conviction records, will be considered for employment in accordance with the requirements of applicable state and local laws, including the Los Angeles County Fair Chance Ordinance for Employers, City of Los Angeles’s Fair Chance Initiative for Hiring Ordinance, San Francisco Fair Chance Ordinance, and the California Fair Chance Act. See notices of various fair chance hiring and ban-the-box laws where available. Fair Chance Hiring and Ban-the-Box Notices | Deloitte US Careers
Requisition code: 325621
Job ID 325621

SCAM ALERT

Caution against fraudulent job offers!

We have been informed of instances where jobseekers are led to believe of fictitious job opportunities with Deloitte US (“Deloitte”). In one or more such cases, false promises of actual or potential selection, or initiation or completion of the recruitment formalities appear to have been or are being made. Some jobseekers appear to have been asked to pay money to specified bank accounts of individuals or entities as a condition of their selection for a ‘job’ with Deloitte. These individuals or entities are in no way connected with Deloitte and do not represent or otherwise act on behalf of Deloitte.

We would like to clarify that:

  • At Deloitte, ethics and integrity are fundamental and not negotiable.
  • We are against corruption and neither offer bribes nor accept them, nor induce or permit any other party to make or receive bribes on our behalf.
  • We have not authorized any party or person to collect any money from jobseekers in any form whatsoever for promises of getting jobs in Deloitte.
  • We consider candidates on merit and that we provide an equal opportunity to eligible applicants.
  • No one other than designated Deloitte personnel (e.g., a Deloitte recruiter or Deloitte hiring partner) is permitted to extend any job offer from Deloitte.

Anyone who at any time has made or makes any payment to any party in exchange for promises of job or selection for a job with Deloitte or any matter related to this (including those for ‘registration’, ‘verification’ or ‘security deposit’) or otherwise engages with any such person who has made or makes fraudulent promises or offers, does so (or has done so) entirely at their own risk. Deloitte takes no responsibility or liability for any such unauthorized or fraudulent actions or engagements. We encourage jobseekers to exercise caution.