Apply now »

Sentinel SIEM Engineer

Date:  9 Sep 2024
Location: 

Sydney, NSW, AU

Department:  Risk Advisory
Description: 

Job Requisition ID: 35965 

  • CulturalFlex to observe your cultural and religious days of significance.  

  • Rewards platform - your hard work won't go unnoticed at Deloitte.   

  • Training and development - at Deloitte we believe in investing in our best assets, the people!   

 

 

What will your typical day look like?  

Reporting to the Director of SIEM Engineering, the SIEM Engineer is primarily responsible for the build development and maintenance of data storage and processing systems (such as Centralised Logging and Security Information and Event Management systems). The SIEM Engineer will participate in installing, configuring, and maintaining SIEM platforms, specifically Microsoft Sentinel; design and develop detections; implement operational and technical security controls; and adhere to organisational security policies and procedures.   

 

Location for this role - Remote

   

About the team  

The SIEM Engineering team provides a number of services to internal and external stakeholders including:  

  • Working on onboarding new clients to the service on the Microsoft Sentinel SIEM platform 

  • Working closely with a large SOC to maintain adequate connectors and analytics.  

  • Working with clients for the development of new detections bespoke to client use cases, threats and environments.  

  • Assist on internal SOC quality of life or process improvement projects.  

As part of a small team you will experience diverse days, find yourself hands on building and developing as well as handling client tickets or SOC queries.  

  

About this role   

Deloitte Cyber delivers top-tier Australian based sovereign Managed Detection and Response Services to a diverse range of clients, including both private sector and government entities. Deloitte Cyber’s aim is to protect their clients’ people, infrastructure, and network from a variety of cyber based attacks and threats.   

As a key member of the SIEM team, the SIEM Engineer will also apply analytical methods to the collection of new data and the interpretation of existing data. They will strive to improve operational management systems, processes, and procedures to ensure operations are carried out in the most appropriate and efficient way. The SIEM Engineer will take a hands-on approach to the development and sustainment of our complex information environment.   

  

Enough about us, let’s talk about you.    

 

Engineering 

  • Analyse and define data requirements and specifications  

  • Oversight of data system performance, capacity, availability, serviceability, and recoverability.   

  • Analyse and plan for anticipated changes in data capacity requirements. 

  • Install, configure and support data system components.   

  • Raise/manage/close vendor support cases.   

  • Develop and facilitate data-gathering methods.   

  • Manage the compilation, cataloguing, caching, distribution, and retrieval of data.   

  • Provide a managed flow of relevant information to represent data in creative formats.   

  • Part of Data and Security Engineering escalation roster for critical alerts.   

 

Data Analysis 

  • Analyse data sources to provide actionable recommendations and strategic insights.   

  • Assess the validity of source data and subsequent findings.   

  • Conduct hypothesis testing using statistical processes.   

  • Develop strategic insights from large data sets.   

  • Develop data standards, policies, and procedures.   

 

Client facing 

  • Interface with customers to address concerns, issues, or escalations; track and drive to closure any issues that impact the service and its value to clients.   

  • Work with product owners to onboard additional data sources.   

  • Present technical information to technical and non-technical audiences.   

   
Professional Experience: 

  • Experience working with centralised logging and Security Information and Event Management (SIEM) products (specifically Microsoft Sentinel).   

  • Experience writing SIEM queries, constructing alert logic, and building dashboards.   

  • Experience integrating custom log sources into centralised logging and/or SIEM products.   

  • An understanding of the information technology marketplace including modern security operations and Digital Forensics/Incident Response.   

  • Demonstrate a high level of flexibility and resourcefulness, being able to adapt to change and challenges.   

  • Experience communicating with a high level of professionalism.   

  • Previous technical experience owning and delivering complex, technical bodies of work.   

  • Evidence of working with or in the Enterprise market.   

  • A demonstrable track record of success.   

  • Ideally, experience working in or with a cyber security team.   

  • Ideally, experience working with Endpoint Detection and Response products (preferably Microsoft and Carbon Black’s offerings).   

  

Why Deloitte   

At Deloitte, we focus our energy on interesting and impactful work. We’re always learning, innovating and setting the standard; making a positive difference to our clients and our society. We put coaching at the heart of what we do, helping our people grow their careers in any direction – whether it be up, moving into something new, or even moving across the world.    

 We embrace diversity, equity and inclusion. We have a diverse collection of people from different backgrounds, with different experiences, gender identities, abilities and thinking styles. What binds us together is a shared commitment to value everyone’s perspective and to cultivate inclusion; so that our work environment is a safe space we can all belong.     

We prioritise flexibility and choice. At Deloitte, you get trust on Day 1. We know our people get their best work done when they’re in control of where and how they work, designing their work week around their client, team, and personal commitments.  

 We help you live and work well. To support your personal and professional life, we offer a range of perks and benefits, including retail discounts, wellbeing leave, paid volunteering days, twelve flexible working options, market-leading parental leave and return to work support package.   

  

Next Steps  

Sound like the sort of role for you? Apply now, we’d love to hear from you!   

 

 

 

By applying for this job, you’ll be assessed against the Deloitte Talent Standards. We’ve designed these standards so that you can grow in your career, and we can provide our clients with a consistent and exceptional Deloitte employee experience globally. The preferred candidate will be subject to background screening by Deloitte or by their external third-party provider.

Apply now »