Are you passionate about technology and interested in joining a community of collaborative colleagues who respectfully and courageously seek to challenge the status quo? If so, read on to learn more about an exciting opportunity with Deloitte Technology US (DT - US). We are curious and life-long learners focused on technology and innovation.
Recruiting for this role ends on 1/23/2026.
Work you’ll do
The Lead Engineer position supports the SOC as an escalation point identifying and addressing potential SIEM content/level I and II engineering security concerns as this role is the first line of operational support. This role is also responsible for supporting Security application patching, content creation as requested from all stake holders, and development of process documentation.
Responsibilities by category:
Administrative
Maintain ticket management and DevOps activity tracking to ensure accurate work intake, prioritization, and status reporting.Monitor and communicate Microsoft product updates; assess and advise on impacts on the environment and customers.Build strong stakeholder relationships and provide timely end-user support with clear follow-through and resolution documentation.Create and maintain process documentation (runbooks, SOPs, workflows) to support consistent execution and knowledge transfer.Maintain and enforce change control and peer review processes to promote quality, security, and auditability.
Threat Detection
Align detection rules to current and emerging threats, leveraging external threat intelligence as appropriate.Identify and remediate detection gaps using the MITRE ATT&CK framework, based on business risk and priorities.Collaborate with Cybersecurity teams (e.g., Incident Response, Threat Intelligence, Engineering) to ensure cross-team alignment and coverage.Develop, tune, and support analytics/detection rules, including performance monitoring and optimization.Develop, maintain, and optimize playbooks/notebooks, including operational reliability and performance.Develop, maintain, and optimize Logic Apps, including operational reliability and performance.Develop, maintain, and optimize workbooks and dashboards to support detection engineering and SOC visibility.Support reporting needs tied to threat detection outcomes, metrics, and operational insights.Define and document required fields per data source to enable effective detection and investigation.Identify and remediate high-cost/expensive detections to improve signal-to-noise ratio and manage platform consumption.
Automation
Design, build, and support automation solutions that improve efficiency, consistency, and time-to-response across security operations.
SOC Support & Collaboration
Maintain strong SOC partnerships and provide support for SOC inquiries related to the Azure and Microsoft Defender portals, including troubleshooting and operational guidance.
The team
Deloitte Technology US (DT - US) helps power Deloitte’s success, which serves many of the world’s largest, most respected organizations. We develop and deploy cutting-edge internal and go-to-market solutions that help Deloitte operate effectively and lead in the market. Our reputation is built on a tradition of delivering with excellence.
The ~3,000 professionals in DT - US deliver services including:
Cyber SecurityTechnology SupportTechnology & InfrastructureApplicationsRelationship ManagementStrategy & CommunicationsProject ManagementFinancials
Cyber Security
Cyber Security vigilantly protects Deloitte and client data. The team leads a strategic cyber risk program that adapts to a rapidly changing threat landscape, changes in business strategies, risks, and vulnerabilities. Using situational awareness, threat intelligence, and building a security culture across the organization, the team helps to protect the Deloitte brand.
Areas of focus include:
Risk & ComplianceIdentity & Access ManagementData ProtectionCyber DesignIncident ResponseSecurity ArchitectureBusiness Partnership
Required Qualifications:
Bachelor’s degree or equivalent in Computer Science, Computer Engineering, Business Administration.Minimum 8 years of various technology experience or 6 years with an advanced degree.Minimum 3 years’ cyber security experience within SIEM Administration.Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the futureAbility to travel up to 10%, on average, based on the work you do and the clients and industries/sectors you serve
Preferred Qualifications:
MS Sentinel SC-200 badgeCloud Fundamental Certificates.Ability to communicate network security issues to peers and lower management.Hands-on experience with Linux, working knowledge of Cloud environments, Azure O365, and SOC processes.An understanding of possible attack activities such as network probing/ scanning, DDOS, malicious code activity and possible abnormal activities, such as worms, Trojans, viruses, etc.
The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $93,000 to $191,000.
Information for applicants with a need for accommodation:
https://www2.deloitte.com/us/en/pages/careers/articles/join-deloitte-assistance-for-disabled-applicants.html
EA_ExpHire
RITM9722253
From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Benefits
At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Our people and culture
Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Our purpose
Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Learn more. Professional development
From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to build new skills, take on leadership opportunities and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career. As used in this posting, "Deloitte" means Deloitte Services LP, a subsidiary of Deloitte LLP. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its subsidiaries.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law. Requisition code: 319438 Job ID 319438