Security Engineer III, Exploitation Analyst / Incident Responder (TS Clearance)
Job Description
Deloitte seeks a Security Engineer III, Exploitation Analyst / Incident Responder to join the Cyber Defense & Resilience practice onsite in Baltimore, MD. The role centers on threat analysis, incident response, vulnerability assessment, and malware analysis, and requires an active Top-Secret clearance with SCI eligibility.
Overview
The selected engineer will contribute to advanced threat detection and response efforts, working to protect client environments through rigorous analysis, containment, and remediation activities. The position emphasizes hands-on incident handling, malware analysis, and risk-based remediation guidance within a TS-cleared security program.
Responsibilities
- Monitor networks, systems, and applications for indicators of compromise and analyze threat data to identify malicious activity.
- Investigate security incidents, collect and analyze logs, memory artifacts, and network traffic, and support containment, eradication, and recovery efforts.
- Identify and assess vulnerabilities in systems, networks, and applications and recommend remediation actions based on risk and exploitability.
- Examine malware, exploits, and adversary tools, including reverse engineering of malicious code and simulating techniques in controlled environments.
- Prepare technical reports, briefings, and documentation that summarize findings, methodologies, and recommendations for stakeholders.
Requirements
- Bachelor's degree in Cybersecurity, Computer Science, Information Systems, Engineering, or a related technical field
- Active Top-Secret Clearance with SCI eligibility
- 2+ years of experience in cyber exploitation analysis, threat intelligence, or incident response
- 2+ years analyzing advanced persistent threats (APTs), malware, exploitation techniques, and reverse engineering tools such as IDA Pro or Ghidra
- 2+ years conducting vulnerability assessments, penetration testing, or red team activities
- 2+ years of experience with network traffic analysis, log analysis, digital forensics, Windows, Linux, macOS, common network protocols, scripting languages (Python, PowerShell, or Bash), and security monitoring tools (SIEM, IDS, IPS, EDR)
- Willingness to travel up to 20% on average, depending on client engagements
- Willingness to work onsite at client locations or Deloitte offices up to 5 days per week
- Industry certifications such as GIAC, CISSP, or CompTIA Security+
- Must be legally authorized to work in the United States without sponsorship now or in the future
Technologies
- IDA Pro
- Ghidra
- Python
- PowerShell
- Bash
- SIEM
- IDS
- IPS
- EDR
- Windows
- Linux
- macOS
- MITRE ATT&CK
The Team
Our Deloitte Cyber Defense & Resilience offering helps clients defend against sophisticated threats by transforming security operations, telemetry, data analytics, and threat intelligence. The team focuses on managing dynamic attack surfaces and delivering rapid cyber crisis and incident response, enabling clients to prepare, respond, and recover from disruptions.
Qualifications
- Bachelor's degree in Cybersecurity, Computer Science, Information Systems, Engineering, or a related technical field
- Active Top-Secret Clearance with SCI eligibility
- 2+ years of experience in cyber exploitation analysis, threat intelligence, or incident response
- 2+ years analyzing advanced persistent threats (APTs), malware, exploitation techniques, and reverse engineering tools such as IDA Pro or Ghidra
- 2+ years performing vulnerability assessments, penetration testing, or red team activities
- 2+ years of experience with network traffic analysis, log analysis, digital forensics, Windows, Linux, macOS, common network protocols, scripting languages (Python, PowerShell, or Bash), and security monitoring tools (SIEM, IDS, IPS, EDR)
- Ability to travel up to 20% on average
- Willingness to work onsite at client locations or Deloitte offices up to 5 days per week
- Industry certifications such as GIAC, CISSP, or CompTIA Security+
- Must be legally authorized to work in the United States without sponsorship now or in the future
Location
Baltimore, MD (onsite)
Compensation
USD 102,500 - 188,900 per year