USI-FY26-Cyber-CyberOperate-Detect & Respond-SA-EDR

Cyber

Deloitte Cyber understands the unique challenges and opportunities businesses face in cybersecurity. Join our team to deliver powerful insights to help our clients navigate the ever-changing threat landscape. Through powerful insights and managed services that simplify complexity, we enable businesses to operate with resilience, grow with confidence, and proactively manage to secure achievements.

Position Summary

Level: Solution Delivery Advisor

As an End-Point Detection Engineer in Deloitte’s Cyber D&R Services, you will be managing and providing End-Point Security systems administrative, health and operational support, including supporting to architecture changes, tool deployments and advanced content development. You will be closely working with SOC, Threat Intelligence and other business, infrastructure and security streams as an advanced escalation point in identifying and addressing potential information security incidents. Your job responsibilities include:

Work you’ll do:

• Provide Architecture analysis, design, and support for Managed Endpoint Protection systems
• Identify gaps and provide engineering solutions to new threats using implemented endpoint tools
• Perform End-Point Protection architecture assessments and design reviews
• Experience in administration of one or more EDR solutions (example - Microsoft Defender ATP, Cylance, Symantec ATP, McAfee MVISION, Tanium, Carbon Black, CrowdStrike, etc.)
• Ensure endpoint security solutions and policies are on track to meet and respond to threats inside of the company's environment.
• Write, configure, manage, and maintain rules and policies for Anti-Virus or Endpoint Security Products (GPO policies, HIPS, Detection Rule Set etc.)
• Lead the development of capabilities that enable the creation of gap analysis and risk assessment with the use of the frameworks such as MITRE ATT&CK etc.
• Assist clients with advanced security incident response action and works with business, security teams and vendors to respond to malware outbreak.
• Perform incident triage and resolution in situations that are not necessarily predefined in procedures and actively support the engineering and forensics processes in the investigations
• Design, implement and monitor health of end-point security solutions, including endpoint agent health, create related dashboards, real time metrics reporting etc.
• Troubleshoot complex enterprise applications, server, and endpoint environments
• Serve as escalation point of L1 and L2 analysts\engineers as applicable.
• Deliver End-Point advisory support and education to other teams, technology management personnel or end users.
• Help define, implement, and monitor key risk indicators and key performance indicators (KRIs/KPIs)
• Keep abreast of latest IT security, regulatory and compliance trends to support various risk and data models
• Review system security plans, network diagrams, and vulnerability and patching requirements
• Create/maintain SOPs pertaining to day-to-day operations of endpoint security management and submit documentation through the Quality Review Management process
• Provide 24/7 on-call support (as needed)
• Mentor and train Junior End-Point Protection Engineers
• Coordinate with various technical groups and attend in-person client meetings
• Build relationships with client counterpart (i.e. Client Lead Security Engineer)
• Adhere to internal operational security and other Deloitte policies
• Enabling business development by assisting in request for proposal and sales processes
• Lead process compliance activities by identifying and driving initiatives that are relevant for the project delivery and help factor reusability and related benefits

The team:

Deloitte’s Detect & Respond (D&R) aims to combine sophisticated technologies and human intelligence to help the clients monitor, detect, investigate, and respond to known and unknown attacks. We help our clients to be secure, vigilant, and resilient in the face of an ever-increasing array of cyber threats and vulnerabilities. The Detect and Respond team delivers service to clients through following key areas:

• Threat detection and response
• Attack surface management
• Threat Intelligence
• Threat Hunting
• Data Protection

Qualifications

Must Have Skills/Project Experience/Certifications:

• Bachelor’s degree is required. Ideally in Computer Science, Cyber Security, Information Security, Engineering, Information Technology.
• Candidate should have overall 3+ years’ experience with Endpoint Security platform management.
• Experience with Endpoint Security technologies like Microsoft Defender ATP, Cylance, Symantec, McAfee, Tanium, Carbon Black, CrowdStrike, etc.
• Knowledge of Operating Systems including windows and Linux systems
• Proficient understanding of IT infrastructure and security
• Proficient understanding of Endpoint Security management and Endpoint Security tools
• Proficient understanding AV policies, exclusions, rules etc.
• Proficient understanding of ethical hacking and security assessment tools
• Proficient understanding of relevant security technologies, such as malware management, network forensics, flow analysis, IDS/IPS, etc.
• Certified Information Systems Security Professional (CISSP), Certification in Certified Intrusion Analyst (GIAC), Continuous Monitoring (GMON), Certified Ethical Hacker (CEH) or equivalent
• Experience in other security technologies such as: Security information and event management (SIEM), IDS/IPS, Data Loss Prevention (DLP), Proxy, Web Application Firewall (WAF), Endpoint detection and response (EDR), Anti-Virus, Sandboxing, network- and host- based firewalls, Encryption, Threat Intelligence, Penetration Testing, etc. is a plus.
• Knowledge of Advanced Persistent Threats (APT) tactics, technics, and procedures
• Understanding of possible attack activities such as network probing/ scanning, DDOS, malicious code activity, etc.
• Understanding of common network infrastructure devices such as routers and switches
• Understanding of basic networking protocols such as TCP/IP, DNS, HTTP
Detailed knowledge in system security architecture and security solutions

Good to Have Skills/Project Experience/Certifications:

• Endpoint Security tool certifications such as Microsoft Defender ATP, Cylance Security Professional (CSP), McAfee Product Specialist, Symantec Certified Specialist
• Excellent interpersonal and organizational skills
• Excellent oral and written communication skills
• Strong analytical and problem-solving skills
• Self-motivated to improve knowledge and skills
• A strong desire to understand the what as well as the why and the how of security incidents

Education:

• Bachelor’s degree is required. Ideally in Computer Science, Cyber Security, Information Security, Engineering, Information Technology.

Location:

• Bengaluru/Hyderabad/Pune/Chennai/Kolkata

Shift Timings:

• Flexibility for night, weekend, and holiday coverage is essential.
• Must be willing to work 24*7 rotational shifts
• On call support required based on project assignments