Security Automation Engineer (32391)
- Support clients with data protection, IoT, and overarching cloud capabilities.
- Implement core and cloud infrastructure security to manage risks and exposure.
- Perform cyber reconnaissance to illuminate a potential attack surface area.
- Provide threat and vulnerability management to federal clients and teams.
- Analyze tactical network architectures and topologies to assess security risks.
- Improve the overall security posture of customers by enhancing communication and automation between the various security monitoring and alerting tools in the environment.
- Integrate Splunk Enterprise Security and Splunk Phantom to create a single dashboard for monitoring and responding to notable security events.
Deloitte's Government and Public Services (GPS) practice (our people, ideas, technology and outcomes) is designed for impact. Serving federal, state, & local government clients as well as public higher education institutions, our team of more than 15,000 professionals brings fresh perspective to help clients anticipate disruption, reimagine the possible, and fulfill their mission promise.
At Deloitte, we believe cyber is about starting things, not stopping them, and enabling the freedom to create a more secure future. Cyber Infrastructure is focused on rethinking how security is integrated across modernized infrastructure as cyber threats become more complex. If you're seeking a career implementing, architecting, and, in select cases, handling next generation controls to manage security risks and exposure, then the Cyber Infrastructure team at Deloitte is for you.
- Bachelor's degree required
- Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future
- Must be able to obtain and maintain the required clearance for this role
- Travel up to 10%
- 5+ years of IT and/or Cyber experience
- Experience scripting and working with APIs (preferably Python and REST APIs)
- Fundamental understanding of software, computer, cloud computing, and network architectures
- Hands on Splunk engineering experience
- Experience with any SOAR (Security Orchestration, Automation, and Response) platform such as Phantom or Demisto
- Prior professional services or federal consulting experience
- Previous Security Operations Center experience
- Experience in mobile and endpoint security
- Certifications (e.g., CompTIA Security+, CEH, CISSP)
- Linux system administration experience
- One or more of the following certifications: Cloud (AWS, Azure, Google Cloud Platform); SIEM (Splunk Certified Architect, Splunk Core Certified Consultant, Splunk Trust Member, Elastic Certified Engineer)
How you'll grow
At Deloitte, our professional development plan focuses on helping people at every level of their career to identify and use their strengths to do their best work every day. From entry-level employees to senior leaders, we believe there's always room to learn. We offer opportunities to help sharpen skills in addition to hands-on experience in the global, fast-changing business world. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career.