Deloitte Cyber Security Metrics Analyst - Security Operations Center in Charlotte, North Carolina

Deloitte is one of the leading professional services organizations in the United States, specializing in audit, tax, consulting and financial advisory services with clients in more than 20 industries. We provide powerful business solutions to some of the world s most well-known and respected companies, including more than 75 percent of the Fortune 100.At Deloitte, you can have a rewarding career on every level. In addition to challenging and meaningful work, you ll have the chance to give back to your community, make a positive impact on the environment, participate in a range of diversity and inclusion initiatives, and find the support, coaching, and training it takes to advance your career. Our commitment to individual choice lets you customize aspects of your career path, your educational opportunities and your benefits. And our culture of innovation means your ideas on how to improve our business and your clients will be heard.Deloitte Services LP includes internal support areas such as Marketing and Communications, Human Resources/Talent, Information Technology, Facilities Management, and Financial Support Services. Cyber Security Metrics Analyst - Security Operations Center (2 positions)Location Hermitage/Nashville, TN preferred but not required. Open to other locations. Role and ResponsibilitiesThe Cyber Security Metrics Analyst will interact with members of the IDS team, incident response, vulnerability management, Threat Intel, patch management, various levels of leadership, and SOC analyst teams to support the capabilities of the organization and provide effective services to its subscribers. Key Responsibilities Metrics and Data AnalysisSupport and guide business and technical stakeholders in the collection and analysis of key data related Cyber Security metrics, Internal measures KPIs and KRIs reporting that is timely, accurate, consistent, complete and relevant for the purpose of providing comprehensive information for strategic Cyber Security management decisions.Provide guidance and support to the team to analyze Cyber Security metric performance data to produce weekly, monthly, quarterly and annual performance reports, and ad hoc reports as requested, in a concise and consistent manner, soliciting input from a number of sources both internal and external to the business unitSupport and guide the team in the development of dashboard front-end reporting capability for executive reporting that provides critical Cyber Security metric trending and forecasting information, summarized as appropriate for executive-level consumptionProvide support to the SOC Manager and IR Manager to lead and support the team in the delivery of exceptional customer service that builds trust through responsive, accurate, consistent, knowledgeable and available services and support.Through in-depth knowledge of Cyber Security Metrics trends/results, provide support to the SOC and IR team in the early identification of potential risks/impacts that may become apparent through inference, patterns and analysis of Cyber Security metric data, and make recommendations or escalate to management, as per established SOP s and reporting guidelines.Play key role in supporting the development of capability to provide current cyber security metric inputs that may be required for regulatory reporting and audit queries.Take ownership role for the establishment of a current and up-to-date Information Security metrics baseline.Review all incidents against the daily/weekly metrics to determine if the IR Tracking tools and SIEM are losing effectiveness and to determine if there are needs to modify the tools, algorithms, or workflows.Based upon the metrics collected the analyst prepares the monthly Cyber readiness report for submission.Provides a weekly, monthly, and quarterly metrics/ trend analysis reports to various levels of leadership based upon the trends observed over the review period. Documentation and ReportingCreation and delivery of weekly/monthly/quarterly reports.Content ProviderActively seek to improve and develop new KPI s/KRI s based upon observed and measured SOC activity. Interact daily with the management, Incident Response, and SOC analyst team to better understand metric needs for tuning and development. TravelLess than 50% Desired Skills & ExperienceBachelor s degree in Computer Science or Business Administration, or relevant educational or professional experience.4 years of information security related experience, in areas such as: security operations, incident analysis, incident handling, and vulnerability management or testing, log analysis, intrusion detectionExperience in IT Business operations metric reporting will be an added bonusWorking knowledge and understanding of Cyber Security key performance indicators (KPIs) and key risk indicators (KRIs)Good knowledge of Information Security processes, procedures and controls.Good understanding of Information Security risk and regulatory requirements.Solid understanding of Information Security management reporting processes.Good understanding of industry practices and metric reporting fundamentals.The candidate is familiar with multiple standards and frameworks, including NIST Cyber Security Framework (CSF), ISO 27001 and 27002, Payment Card Industry (PCI) Data Security Standard (DSS), etc.2 years experience in supervising/managing and leading teams to success2 years experience in managing projects and using project management skillsExperience in interfacing at multiple levels of client management and building relationshipsAbility to provide subject matter expertise in designing and enhancing the IT risk/security metrics program will be a bonusExcellent interpersonal and organizational skillsExcellent oral and written communication skillsExperience with incident/event correlation tools such as ArcSight and SplunkExperience with IR Tracking tools such as IBM Resilient, Swimlane, Archer, or Service Now.Self-motivated to improve knowledge and skillsDetail orientedA strong desire to understand the what as well as the why and the how of security incidentsWorks well both in a team environment and independentlyA desire to lead a team and assist and mentor others

About Deloitte

As used in this document, Deloitte means Deloitte LLP and its subsidiaries. Please see for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.

Disclaimer: If you are not reviewing this job posting on our Careers site ( or one of our approved job boards we cannot guarantee the validity of this posting. For a list of our current postings, please visit us at

Category: Information Technology