CybersecurityJobs.io
← Back to all jobs

Job Description

Join Deloitte's Cyber Defense and Resilience team as a Security Engineer III focused on SIEM engineering. This role centers on security monitoring, detection development, and incident analysis across complex enterprise environments. You will help build and refine SIEM content, improve alert fidelity, and enhance clients' cyber defense capabilities. The position offers a competitive salary range of USD 102,500 – 188,900 per year, a Baltimore, MD location with remote work options, and the chance to contribute to critical security outcomes. An Active Secret Clearance is required, and travel up to 20% may be needed. You may work onsite at client locations or Deloitte offices up to five days per week.

Responsibilities

  • Configure, maintain, and optimize SIEM content including correlation rules, alerts, dashboards, and reports
  • Analyze security events and log data to identify suspicious activity, support investigations, and improve detection coverage
  • Integrate and normalize log sources from endpoint, network, cloud, identity, and security platforms
  • Partner with cybersecurity teams to support use case development, threat detection, incident triage, and response activities
  • Document detection logic, operational procedures, and monitoring requirements to support consistent service delivery

Requirements

  • Bachelor's degree in computer science, cybersecurity, information technology, engineering, or a related technical field
  • Active Secret Clearance
  • 3+ years of experience in cybersecurity, security operations, or SIEM engineering
  • 3+ years of experience with at least one of the following: Splunk, Palo Alto XSIAM, or CrowdStrike NG SIEM
  • 2+ years creating, tuning, and maintaining correlation searches, alerts, dashboards, and reports in a SIEM platform
  • 2+ years reviewing and analyzing logs from endpoint, network, cloud, identity, and application sources
  • Security certification such as Splunk certification, Palo Alto Networks certification, or CrowdStrike certification is required
  • Ability to travel up to 20% on average based on client requirements
  • Willingness to work onsite at client sites or Deloitte offices up to five days a week
  • Legal authorization to work in the United States without the need for employer sponsorship now or in the future

Technologies

  • Splunk
  • Palo Alto XSIAM
  • CrowdStrike NG SIEM
  • Amazon Web Services
  • Microsoft Azure
  • Google Cloud Platform
  • MITRE ATT&CK

Similar Jobs